There is no question the Android mobile operating system (OS) is a dominant force in the world of smartphones. But it is also the most susceptible to malware, the least secure fresh out of the box and the most fragmented.
If you want to use the OS on tablets or mobiles for business, security will have to be your number one priority. Follow these 10 security tips and Android will become a much more secure and reliable mobile operating system.
1. Disable app downloads from unknown sources
The easiest way to get infected with malware on an Android phone or tablet is to start installing apps from outside the official Google Play app store.
In the Settings menu of any standard Android device is a check box that enables and disables installing ‘unofficial’ apps.
An Android that keeps itself legit is far safer.
2. Upgrade to Android 3.0 or above
The first version of Android to incorporate file system encryption was Android 3.0, almost three years into the system’s life. Devices that do not use any kind of data encryption are all the more susceptible to damaging data loss.
3. Download an anti-malware app
Now that Android malware and viruses are a widely-recognised part of the smartphone world, there are many solutions to combat them. Most of the big antivirus (AV) companies have their own Android anti-malware apps, including Kaspersky, AVG, Avast and Norton. Recommended free Android AV apps include Lookout (where there is also a premium version available) and TrustGo.
4. Do not connect to unsecured, unknown Wi-Fi networks
An unsecured Wi-FI network can seem like a cheeky goldmine of free internet, but if you’re using an outdated version of Android in particular, it could prove dangerous. Imposter Wi-Fi networks can be used to stage a ‘middleman’ attack, where any inputted data can be intercepted by a third party – including passwords and personal details, such as credit card numbers.
5. Install a remote wipe/lock app
If an Android device is lost or stolen, it is sensible to have a way to wipe or lock it.
There are apps available from Google Play that will do just that, reacting to either a command from a web interface or via text. Popular remote wipe and lock apps include Cerberus and Avast Mobile Security.
6. Keep all sensitive data behind an extra encryption layer
Keeping sensitive information logged in a generic note on a phone or tablet is a bad idea.
There are plenty of apps that will store information behind a double wall of password protection and encryption. Top picks include mSecure and File Hide Expert.
7. Be aware of SMS threats
Premium SMS threats are partly responsible for the surge in Android malware.
The Obad threat, which was brought to light earlier this year, can send premium rate SMS texts, install other malicious apps and execute other code. If there is mysterious activity on a phone bill, check it is not down to this type of attack.
8. Use the Chrome browser
Since Android 4.1 was introduced, phones and tablets have come with the stock Android browser as well as Chrome installed as standard. Chrome is marginally more secure than the stock version, having been subject to fewer publicised insecurities in recent months. It is also likely that Chrome for Android is being more keenly worked on, its pre-installed status marking it out as the future default browser for Android.
9. Put a lock on your lock screen
Simple but necessary, anyone with a concern about Android security should put some lock screen protection on their phone. Virtually all Androids come with optional security measures pre-installed, accessed in the security submenu of settings.
10. Stolen phone? Check out Plan B
Many have done it – had a phone lost or stolen just before planning to buy phone insurance or install a phone tracker.
There is one last point of call. Try to install Plan B to the phone from the Google Play website and, if successful, it will automatically send the location of the device to the Gmail account linked to it.
Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners.
If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Related content from ComputerWeekly.com
This was first published in August 2013