- July 24th, 2013
- 31 Comments
Mobile Security, Online Privacy
Android devices seem to be continually under attack, with new reports of malware almost every day. However, the biggest threats against your Android phone or tablet aren’t malware, but rather unauthorized users who may access your information.
While mobile security includes detecting and blocking malicious apps, it also includes protecting physical access and encryption. Securing your Android device helps you protect your data and privacy. Just follow the following best practices.
 Lock Your Device
A pattern-code or a PIN can help keep unauthorized users from flipping through your phone. Pattern locking asks users to draw a specific pattern while the PIN-based symptom unlocks the screen as soon as the correct numeric code is entered. It’s good practice, though, to wipe the screen with a cloth after unlocking the device.
If you look at the device from an angle, you will likely see a trail of smudges showing what the pattern looks like or what digits are used in the PIN. If you wipe the screen, randomly run your finger across the screen in crazy patterns, or use a pattern that doubles back on its self frequently, then any smudges left behind won’t be of any use to the snoop.
Don’t leave your device lying around either, since there’s nothing stopping people from picking it up and flipping through your contacts or looking at images.
 Secure Google Play Purchases
Set a separate PIN for purchases in Google Play so that unauthorized users won’t be able to buy apps from the marketplace. Within the Google Play app, go to the settings menu, and then tap “Set of change PIN.” Once you’ve created the pin, select “Use PIN for purchases,” to make sure the user is prompted for the PIN before completing a transaction from the store.
 Install Security Software
While Android malware is still a tiny portion of threats, it still pays to install security software on the device. Most Android security tools do more than just scan for malicious apps. The tools can detect potential phishing Websites, provides information about the kind of permissions other apps are requesting, and have a variety of built-in anti-loss tools. Many security products on the market lets you remotely lock your phone, track its location via GPS, and even remotely wipe all the data from the device.
 Rely On Official App-Stores
Hand-in-hand with the security software recommendation is a warning: don’t install apps from dodgy third-party sites and don’t try installing the apps manually in a process called side loading.
Users should make sure apps from third-party sites can’t be loaded onto the device by unchecking “Unknown Sources” within the Settings page.
This goes for links, too. After clicking on a link in an unsolicited email or SMS, many users are prompted to download a separate app. That new app is most likely a scam. Always read reviews of apps before installing, and check the permissions the app is requesting. If any of the permissions seem a little odd, such as a car-racing game wanting to send SMS messages, then it’s best to not install the app.
 Don’t Root the Device
There are many reasons to root an Android device, such as to have some control over what Android operating system to run or to upgrade to a new version the carriers aren’t providing. However, rooting relies on the developers identifying a vulnerability to gain root privileges. You don’t know if the software you are looking to install is legitimate or malicious, and if you’ve rooted your device, you may be escalating that new application to gain root access.
 Encrypt Your Data
Android devices have full encryption to protect all the data, including Google Accounts, application data, and download information. The encryption means, however, that the user can’t access any data without the right password or PIN.
To enable this option just go to Settings->>Security->>Check Enable Encryption.
Encryption also applies to network traffic. If users regularly use a public unsecured Wi-Fi hotspot, then the eavesdropper could easily be harvesting all the profile information and interaction with others.
 Backup Your Data
Always backup your phone data, contacts and settings in regular intervals against Google’s servers or by connecting directly to a computer. If something ever happens to your data, you will be able to reclaim the information from the cloud service.