Set a device PIN, ideally use a long passcode. If supported, configure fingerprint authentication, but avoid face unlockEncrypt your device, in order to keep your data safe from physical access. To enable, for Android: Settings --> Security --> Encryption, or for iOS: Settings --> TouchID & Passcode --> Data ProtectionKeep device up-to-date. System updates often contain patches for recently-discovered security vulnerabilities. You should install updates when promptedReview application permissions. Don't grant access permissions to apps that do not need it. (For Android, see also Bouncer - an app that allows you to grant temporary permissions)Disable connectivity features that aren't being used, and 'forget' WiFi networks that you no longer needDisable location tracking. By default, both Android and iOS logs your GPS location history. You can disable this, for Android: Maps --> Settings --> Location History, and iOS: Settings --> Privacy --> Location Services --> System Services --> Places. Be aware that third-party apps may still log your position, and that there are other methods of determining your location other than GPS (Cell tower, WiFi, Bluetooth etc)Use an application firewall to block internet connectivity for apps that shouldn't need it. Such as NetGuard (Android) or Lockdown (iOS)Understand that apps contain trackers that collect, store and sometimes share your data. For Android, you could use Exodus to reveal which trackers your installed apps are using.