How to Protect your Photos and Videos from Unauthorised Access

The cyber threat landscape is rapidly evolving. It is becoming increasingly sophisticated and impacting individuals and businesses alike. To help you stay one step ahead of cybercrime, we’ll be exploring a different aspect of cyber security each month in 2025 as part of our bitesize series.

This month’s focus is on how to protect your photos and videos from unauthorised access.

How many times have you seen headlines sprawled across the tabloids and newspapers surrounding leaked celebrity photos?  

Photos don’t need to be explicit or sensitive to be classified as leaked. Leaked photos refer to any photo that has been distributed without the consent of the photographer or the people in the photo. This could include photos of your personal IDs, family photos, photos of your home that could enable people to identify where you live or even work and photos of a private nature.

Typically, photos and videos are leaked to damage the person’s reputation, blackmail them, bully them or to extort money from them.

Offenders can gain access to your personal images in a number of ways, including hacking, stealing your device, finding lost devices, data breaches and social engineering.

To limit the risk of your photos and videos being accessed by an unauthorised person, there are a few steps you can take.

Step 1 – Secure your personal device

In the previous article in our bitesize cyber series, we focused on how to secure your personal devices. Many of the steps detailed can also apply to your photos and videos, including how to lock down your device, the importance of regular updates, backing up your device, facilitating remote wiping and disposing of old devices securely.

Step 2 – Do a “stocktake”

Have you ever Googled yourself? If you haven’t, consider doing it and clicking on the ‘Images’ tab to see if there are any photos of you out there that you weren’t aware of. You may be surprised by the volume of information that is available online.

To keep track, you can set a Google alert to notify you if your name or phrase appears online, so it can proactively keep an eye out for you.

Step 3 – Be social media savvy

How many social media networks have you signed up for over the years? Cast your mind back to the days of MySpace, Bebo and Flickr. You may have deleted these accounts, or they may have been deleted when the platform closed, but that doesn’t mean the content you shared on these is gone forever.

The harsh reality is, the moment you post something online, there is nothing stopping another person from screenshotting or taking a photo of it. That’s why it’s important to ensure you’re happy with the world seeing it before you hit post. Think twice before posting anything too personal.

Take time to have a look through your social media profiles, both active and unactive and regularly clear out your personal photos and videos. You may wish to check your security settings to monitor what information is set to ‘Public’ view.

Step 4 – Delete your photos or videos properly

We touched on this in our first article in this series on how to dispose of old devices without leaking data. When you delete a file, it doesn’t wipe it completely but rather it makes the space that the file was taking up available for a new file to overwrite it. If you want to make sure a file is gone for good, it’s recommended that you use reputable wiping software.

Most phones nowadays have the option to back up photos and videos instantly into the cloud. When you delete a photo on your phone, you will need to ensure that you have deleted the photo from the cloud/Google Photos as well by going into the recently deleted album.

Speaking of Google Photos, did you know you can set up a ‘Locked Folder’ in Google Photos? A locked folder will allow you to save personal photos and videos, but the photos will not appear on your grid, albums, memories or in the search function. Another bonus is that anything stored in these folders will not be accessible to other apps despite their permissions.

Step 5 – Check your app settings

How many apps have you downloaded that you have given access to your camera or photo library? The moment you grant permission to these apps, you are exposing yourself and increasing the likelihood of your photos or videos falling into the wrong hands or being sold to third parties.

You can manage your apps’ permissions here:  Settings > Privacy > Permission settings.

Similar to step four, deleting photos and videos on your phone doesn’t delete them from the apps that have access to your media. Apps can store data in its own cloud, so make sure to delete it from there too.

Step 6 – Send files safely

Prioritise your security when sending files. Use file sharing tools that encrypt your media to reduce the chances of someone getting their hands on them.

Opt for a service that offers end-to-end encryption (E2EE), preventing third parties from accessing files in transit, as only the recipient can decrypt it.[1]

When it comes to cyber-crime, many SMEs don’t have sufficient cyber insurance. But the reality is, the risk of cyber-crime to your business far outweighs many other risks that you would cover for without a second thought. It’s time to get real about the risk of cyber-crime. Visit our Cyber Liability Insurance page to find out more.  

[1] What is End-to-End Encryption (E2EE) and How Does it Work?

Consistent with our policy when giving comment and advice on a non-specific basis, we cannot assume legal responsibility for the accuracy of any particular statement. In the case of specific problems we recommend that professional advice be sought.