Basic Security Settings
Screen Lock and Encryption
Setting up a screen lock is a fundamental step in securing your Android device. Options include password, PIN, or passcode. Navigate to Settings > Security or Lock Screen to choose from pattern lock, PIN, or password. Auto-lock should be set to 15 minutes or less to prevent unauthorized access.
Data encryption is another critical setting. Android OS version 7.0 (Nougat) and newer have encryption enabled by default. For earlier versions, go to Settings > Security > Turn on Encryption. This ensures all data on your device is encrypted, making unauthorized access more difficult.
Device Tracking
Installing a device tracking app enhances security. These apps help locate your device if lost or stolen and can remotely erase all content and settings if necessary. This feature is particularly useful for handling sensitive data.
Network Security
Secure Network Connections
Using a secure network connection is essential. Your cellular carrier network generally provides a more secure connection compared to public Wi-Fi networks. If using a wireless connection, ensure it is secure, such as MWireless.
WiFi and Bluetooth
Turn off WiFi and Bluetooth when not in use to prevent unauthorized access. These features can be easily enabled or disabled through Settings > Connections.
App Management
App Permissions
Managing app permissions effectively is crucial for device security:
- Assign Bare Minimum Permissions: Only grant essential permissions for the app's key features.
- Enable Runtime Permissions: Use runtime permissions to access sensitive data or features, enhancing transparency and control.
- Clearly Explain Normal Permissions: Ensure users understand why certain permissions are required to gain their trust and reduce unnecessary permissions.
Trusted Market Apps
Install apps only from trusted sources like the Google Play Store. Avoid installing apps from other sources unless required for specific work and approved by your department.
App Updates
Keeping apps updated is vital. Regular updates often include patches for known vulnerabilities and new security features. To update apps:
- Check for Updates: Regularly check the Google Play Store for updates to all installed apps.
- Enable Auto-Update: Enable auto-update settings to ensure apps are updated automatically.
Antivirus Software
While built-in security features like Google Play Protect are helpful, additional antivirus software provides comprehensive protection. Here are some top antivirus apps for Android:
TotalAV
TotalAV offers real-time protection and a suite of security tools. It protects against malicious websites, includes real-time protection, allows app locking, and provides a high-powered VPN. It also includes basic identity theft protections and checks all Android apps before installation.
Bitdefender Mobile Security
Bitdefender Mobile Security offers excellent malware protection with minimal impact on performance. It includes tools like an app lock, Wi-Fi scanner, anti-theft features, and data breach notifications. Bitdefender also provides up to 200 MB per day for safe browsing via its VPN feature.
Norton Mobile Security
Norton Mobile Security provides great malware protection and an intuitive design. Its standout feature, Safe Web, flags insecure or malicious websites and prevents them from loading. Norton also includes VPN functionality and advisors that scan Google Play installs, warning about potentially dangerous apps.
HTTPS and SSL Pinning
Implementing HTTPS and SSL pinning significantly enhances app security.
HTTPS
HTTPS (HyperText Transfer Protocol Secure) adds an extra layer of protection to HTTP. It encrypts data in transit, reducing the chances of malicious attacks. HTTPS ensures usernames and passwords cannot be stolen during transit and protects sensitive information like bank account details.
SSL Pinning
SSL pinning adds an extra layer of security by connecting your app to a specific SSL certificate or public key. This technique enables your app to communicate only with the server matching the pinned certificate or key, rejecting any other request.
Regular Rigorous Testing
Regular rigorous testing ensures your app is secure and free from vulnerabilities. This includes:
- Pre-Installation Scans: Actively scan newly downloaded apps for malicious content before installation.
- Regular Updates: Keep your app updated with the latest patches and security fixes.
- Penetration Testing: Conduct penetration testing to simulate real-world attacks and identify vulnerabilities.
Focus on Target Permissions
Focusing on target permissions enhances security:
- Assign Bare Minimum Permissions: Only grant essential permissions for the app's key features.
- Enable Runtime Permissions: Use runtime permissions to access sensitive data or features.
- Clearly Explain Normal Permissions: Ensure users understand why certain permissions are required.
- Prevent Other Apps from Accessing Internal Components: Disable signature permissions to prevent other apps from accessing internal components.
Additional Best Practices
Turn Off GPS/Location Access
Turn off GPS/Location Access for apps when not needed to prevent unauthorized tracking of your location.
Set Web Browser for Private Browsing
Set your web browser for private browsing to prevent tracking of your browsing history and other personal data.
Use Secure Storage Services
Store and share sensitive data using approved services that meet regulatory and policy requirements. Avoid using personal storage services for storing sensitive data.
Report Security Incidents
If your device is lost or stolen and it contains sensitive data, notify the ITS Service Center immediately. Prompt reporting can help mitigate potential damage.
