{"id":4263,"date":"2014-11-07T10:31:17","date_gmt":"2014-11-07T15:31:17","guid":{"rendered":"http:\/\/me-en.kaspersky.com\/blog\/?p=4263"},"modified":"2020-02-26T18:59:08","modified_gmt":"2020-02-26T14:59:08","slug":"android-maximum-security-tips","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/android-maximum-security-tips\/4263\/","title":{"rendered":"Protect your Android: 10 tips for maximum security"},"content":{"rendered":"

Applying a dozen iOS security settings<\/a> to better protect your mobile device does not sound like a terribly tedious job. So what about Android? The issue here is that Android as a mobile OS is seemingly the same, yet it is so varied. Its open and flexible nature has made it the leader in the mobile market, but simultaneously it is the basis for the notorious fragmentation issue that everyone is keen to mention every so often.<\/p>\n

\"Android<\/a><\/p>\n

Versions of Android running on the Nexus device, Samsung\/Sony\/HTC smartphones and on a Chinese no-name are easily distinguishable. However, there are some general tips to ensure that your Android device is more secure, and a number of the tips are those that are applicable to iOS as well.<\/p>\n

Of course, it presupposes compromises in everyday experiences, but in this case you have to choose between comfort and safety. Ultimately, one can find an optimal balance between convenience and safety and, at least partially, follow the list of tips below.<\/p>\n

    \n
  1. Download apps only from the Google Play Store<\/strong>
    \nIndeed, the most \u2018dangerous\u2019 thing about Android is not the OS itself, but apps that a user can install. Contrary to iOS, installing an app by oneself or with \u2018help\u2019 from another user is super easy on Android. Just never download an app from third-party platforms and websites: they might be infected. It is easier to fully disable this capability in settings and deploy an integrated app security check. Also, say no to root access, as it significantly elevates the risks of running into infected applications.
    \nHow it helps:<\/strong> significantly lowers your chances of getting malware.
    \nHow to set it:<\/strong> go to \u201cSettings\u201d -> \u201cSecurity\u201d, un-check the \u201cUnknown Sources\u201d box, check \u201cVerify Apps.\u201d<\/li>\n<\/ol>\n
      \n
    1. Watch out for app permissions\"2-en\"<\/a><\/strong>
      \nFirst, you\u2019d want to install apps only by known developers, or rely on Google recommendations. Second, check\u00a0the apps\u2019 permissions every time you install to see what exactly a certain app is asking to access. If a wallpaper app or game wants to access your accounts, SMS, mic, location and to enjoy unlimited Internet, that       looks fishy<\/a>.
      \nHow it helps:<\/strong> significantly lowers your chances of getting malware
      \nHow to set it:<\/strong> upon installation, the list of permissions is shown on the screen, and also there is the \u201cSee Permissions\u201d link on the bottom of the app page. If a suspicious app has been installed already, go to \u201cGoogle Settings\u201d -> \u201cEnabled Apps\u201d and disable the ones you don\u2019t want to run.<\/li>\n<\/ol>\n
        \n
      1. Use strong passwords<\/strong>
        \nThis is more of a \u2018one-size-fits-all\u2019 tip. To unlock your phone, use sophisticated passwords, not a PIN or graphic code. The best solution is a         password that contains at least ten characters<\/a>, including lower case and upper case letters, numbers, and symbols. But it\u2019s not easy to enter that many symbols each time that you unlock your phone, so you should try several passwords to find the optimal one. The password should be changed on a regular basis. Also, set the minimal idle time to enable the lock, and disable the option to show passwords when entering them. Note that many apps also use password-based security.
        \nHow it helps:<\/strong> significantly lowers the chances for other people to access your phone and its content.
        \nHow to set it:<\/strong> go to \u201cSetting\u201d -> \u201cSecurity\u201d -> \u201cScreen Lock\u201d and choose \u201cPassword\u201d as a means of locking the screen. Then go to \u201cSettings\u201d -> \u201cSecurity\u201d and un-check \u201cMake passwords visible\u201d box.<\/li>\n<\/ol>\n
          \n
        1. Encrypt your data\"4-en\"<\/strong>
          \nIt\u2019s simple! If the data on your phone is encrypted, then no one is able to access it even if the phone is lost or stolen. It is better to choose a password rather than a PIN code because           in the current Android version, encryption is based on password\/PIN only<\/a> and is only as strong as the password is. Android 5.0 should improve upon this.
          \nHow it helps: <\/strong>protects data in case your device is lost
          \nHow to set it:<\/strong> go to \u201cSettings\u201d -> \u201cSecurity\u201d -> \u201cEncrypt Phone\u201d, and check the \u201cEncrypt SD Card\u201d in addition.<\/li>\n<\/ol>\n
            \n
          1. Watch out for your Wi-Fi connections<\/strong>
            \nBy default, Android tries to connect to any wireless network you ever accessed. In the case of open access points, it may well be that it is not a hotspot you are used to but rather a             malicious hotspot created by a cybercriminal<\/a>. With that in mind, first try to avoid public hotspots, and second, run a regular audit of your remembered Wi-Fi networks list. Also, disable default search for open wireless connections.
            \nHow it helps: <\/strong>lowers the chances of inadvertently connecting to potentially malicious Wi-Fi networks.
            \nHow to set it:<\/strong> go to \u201cSettings\u201d -> \u201cWi-Fi\u201d, press and hold a remembered hotspot name to call up the menu which allows you to delete the network; go to \u201cAdvanced Settings\u201d to un-check \u201cAlways Search for Wireless Networks.\u201d<\/li>\n<\/ol>\n
              \n
            1. Always use VPN\"6-en\"<\/strong>
              \nThis tip is especially relevant when using a public hotspot or an untrusted network connection.               Using VPN will protect the data you transfer<\/a> and (as a bonus) allow you to access resources that are somehow restricted on public networks. Today, robust VPN access is not that expensive and the latest models of home routers have their own VPN servers, making VPN access completely free for you. It is better to use L2TP or OpenVPN, which sport even more reliable protection than the widely used\u00a0PPTP. To prevent a data leak prior to establishing a VPN connection, do not forget to make VPN \u2018always-on\u2019, or disable automatic syncing of your apps.
              \nHow it helps: <\/strong>encrypts inbound and outbound data.
              \nHow to set it: <\/strong>go to \u201cSettings\u201d, choose \u201cMore\u2026\u201d -> VPN in \u201cWireless Connections and Networks\u201d; in the context menu check \u201cAlways-on VPN\u201d and choose the connection; autosyncing can be disabled in \u201cSettings\u201d -> \u201cAccounts.\u201d<\/li>\n<\/ol>\n
                \n
              1. Disable notifications<\/strong>
                \nEven if your phone is locked, different notifications can be pushed to the status bar or to the display. Notifications may include one-time codes to confirm transactions, account status alerts and other sensitive data. Unfortunately, there is no single Android notification center where these can be disabled. Also, many device OEMs use different skins which are not secure in this respect. That means that you will have to disable all app notifications manually.
                \nHow it helps: <\/strong>no outsider is able to see your notifications, which might contain sensitive information.
                \nHow to set it: <\/strong>go to \u201cSettings\u201d -> \u201cApps\u201d; choose an app and un-check the \u201cShow notifications\u201d box. In some cases it is even easier to disable notifications in the program\u2019s settings.<\/li>\n<\/ol>\n
                  \n
                1. Apply settings to Google services\"8-en\"<\/strong>
                  \nThere may be good reasons to set some limits for the search giant, as any leak of Google account information might lead to negative consequences for a user: any culprit able to gain access might not only read your messages but may also\u00a0find out where you have been, see your photos and contacts and other meaningful things.
                  \nHow it helps: <\/strong>minimizes damage done in case of data leakage.
                  \nHow to set it: <\/strong>in the \u201cGoogle Settings\u201d app, in \u201cMy Location\u201d entry, disable \u201cSending Geolocation Data\u201d and \u201cHistory\u00a0of Location\u201d options for all accounts; in \u201cSearch and Tips,\u201d disable Google Now; in \u201cAndroid Remote Management\u201d you may want to enable \u201cRemote Device Search\u201d and \u201cRemote Lock and Reset\u201d options; in the \u201cGoogle Photo\u201d app, go to \u201cSettings\u201d -> \u201cAuto Back Up\u201d and disable the default automated backup of all of your photos on Google servers.<\/li>\n<\/ol>\n
                    \n
                  1. Get rid of unnecessary apps<\/strong>
                    \nSee tips 1 and 2 above. The more apps that you have, the higher the risk is that some of them are involved in malicious activities. Also, in the Android world, there is this bad habit of selling devices with tons of pre-installed services and apps. You may not use them, but it doesn\u2019t mean that their creators don\u2019t use you. Some, but not all, of them, can be deleted. Refer to an app\u2019s website to know which of them are good to go.
                    \nHow it helps: <\/strong>minimizes damage done in case of data leakage.
                    \nHow to set it: <\/strong>go to \u201cSettings\u201d -> \u201cApps\u201d -> \u201cAll,\u201d tap on the app you need to delete in the list and press \u201cWipe data\u201d and \u201cDisable\u201d.<\/li>\n<\/ol>\n

                    @Kaspersky 10 hot #security tips for #Android users<\/p>Tweet<\/a><\/blockquote>\n

                      \n
                    1. Use two-factor authentication for Google and other apps<\/strong>
                      \n                      Two-factor authentication<\/a> is likely the best method to ensure maximum user account security available today. It is simple: besides using the password, it requires you to also enter a one-time code sent via text message or within specialized apps or even hardware. Without this code, an intruder cannot log in to your accounts, even if they have laid hands on your password.
                      \nHow it helps: <\/strong>significantly lowers the chances of an outsider using your accounts.
                      \nHow to set it: <\/strong>go to                       https:\/\/accounts.google.com\/SmsAuthConfig<\/a> in your browser and follow the instructions.<\/li>\n<\/ol>\n

                      This list of tips helps to significantly improve Android security but it is not a cure-all. Thus, do not forget to install a trusted security pack<\/a> on your smartphone or tablet. Besides antivirus, such solutions offer other means of protection: safe web surfing, password manager, SMS filtering, anti-theft options and so on.<\/p>\n

                      And, a final note in our recommendations: stay alert!<\/p>\n\n","protected":false},"excerpt":{"rendered":"

                      It\u2019s not always easy to give general advice to Android users because the OS is so very diverse. But we have ten security tips that are relevant for almost any Android version.<\/p>\n","protected":false},"author":40,"featured_media":4264,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[105,22,193,187,97,677,174],"class_list":{"0":"post-4263","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-android","9":"tag-google","10":"tag-mobile-device","11":"tag-passwords","12":"tag-security-2","13":"tag-vpn","14":"tag-wi-fi"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/android-maximum-security-tips\/4263\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/android-maximum-security-tips\/4335\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/android-maximum-security-tips\/4789\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/android-maximum-security-tips\/5027\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/android-maximum-security-tips\/5938\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/android-maximum-security-tips\/6579\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/android-maximum-security-tips\/5427\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/android-maximum-security-tips\/5938\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/android-maximum-security-tips\/6579\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/android-maximum-security-tips\/6579\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/android\/","name":"Android"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=4263"}],"version-history":[{"count":4,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4263\/revisions"}],"predecessor-version":[{"id":15940,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4263\/revisions\/15940"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/4264"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=4263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=4263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=4263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}