Top 10 Android security tips

As Android becomes more prevalent in the enterprise, Computer Weekly gives you 10 top tips for keeping your devices secure

There is no question the Android mobile operating system (OS) is a dominant force in the world of smartphones. But it is also the most susceptible to malware, the least secure fresh out of the box and the most fragmented.

If you want to use the OS on tablets or mobiles for business, security will have to be your number one priority. Follow these 10 security tips and Android will become a much more secure and reliable mobile operating system.

1. Disable app downloads from unknown sources

The easiest way to get infected with malware on an Android phone or tablet is to start installing apps from outside the official Google Play app store. In the Settings menu of any standard Android device is a check box that enables and disables installing ‘unofficial’ apps. An Android that keeps itself legit is far safer.

2. Upgrade to Android 3.0 or above

The first version of Android to incorporate file system encryption was Android 3.0, almost three years into the system’s life. Devices that do not use any kind of data encryption are all the more susceptible to damaging data loss.

3. Download an anti-malware app

Now that Android malware and viruses are a widely-recognised part of the smartphone world, there are many solutions to combat them. Most of the big antivirus (AV) companies have their own Android anti-malware apps, including Kaspersky, AVG, Avast and Norton. Recommended free Android AV apps include Lookout (where there is also a premium version available) and TrustGo.

Read more about mobile security

  • IBM extends cloud business with Trusteer mobile security
  • Mobile security model flawed, says Mobile Helix
  • Mobile security watershed - from SOAP to SUDS
  • BAE Systems and Vodafone join forces for mobile security

4. Do not connect to unsecured, unknown Wi-Fi networks

An unsecured Wi-FI network can seem like a cheeky goldmine of free internet, but if you’re using an outdated version of Android in particular, it could prove dangerous. Imposter Wi-Fi networks can be used to stage a ‘middleman’ attack, where any inputted data can be intercepted by a third party – including passwords and personal details, such as credit card numbers.   

5. Install a remote wipe/lock app

If an Android device is lost or stolen, it is sensible to have a way to wipe or lock it. There are apps available from Google Play that will do just that, reacting to either a command from a web interface or via text. Popular remote wipe and lock apps include Cerberus and Avast Mobile Security.

6. Keep all sensitive data behind an extra encryption layer

Keeping sensitive information logged in a generic note on a phone or tablet is a bad idea. There are plenty of apps that will store information behind a double wall of password protection and encryption. Top picks include mSecure and File Hide Expert.  

Read more about Android

7. Be aware of SMS threats

Premium SMS threats are partly responsible for the surge in Android malware. The Obad threat, which was brought to light earlier this year, can send premium rate SMS texts, install other malicious apps and execute other code. If there is mysterious activity on a phone bill, check it is not down to this type of attack.

8. Use the Chrome browser

Since Android 4.1 was introduced, phones and tablets have come with the stock Android browser as well as Chrome installed as standard. Chrome is marginally more secure than the stock version, having been subject to fewer publicised insecurities in recent months. It is also likely that Chrome for Android is being more keenly worked on, its pre-installed status marking it out as the future default browser for Android.  

9. Put a lock on your lock screen

Simple but necessary, anyone with a concern about Android security should put some lock screen protection on their phone. Virtually all Androids come with optional security measures pre-installed, accessed in the security submenu of settings.

10. Stolen phone? Check out Plan B

Many have done it – had a phone lost or stolen just before planning to buy phone insurance or install a phone tracker. There is one last point of call. Try to install Plan B to the phone from the Google Play website and, if successful, it will automatically send the location of the device to the Gmail account linked to it.

Read more on Mobile apps and software

CIO
Security
Networking
Data Center
Data Management
Close