Top 5 Android security tips for the enterprise

Keep your device secure by following these simple steps which include using Android's encryption features and Google's Device Policy app.

4. Keep up-to-date

Google generally carries out one major upgrade per year with the latest being Android 4.0 Ice Cream Sandwich. In between the major refreshes regular updates are pushed out to fix bugs, address security holes and improve general performance. It is important to keep up-to-date in order to benefit from this updates, especially the security fixes.

As Android application developers support newer versions of Android, those running older versions could be left with unsupported software with potential security vulnerabilities. History has shown that older operating systems become security liabilities as attackers are able to exploit a greater number of vulnerabilities to undermine devices.

Organisations should systematically audit devices to make sure they are being supported by device manufacturers and consider replacing those units that will not receive future software updates. Those firms looking to deploy Android devices now should consider devices running Android 4.0 and beyond and encourage users to upgrade.

3. Don't ROOT your device

Android is a Linux-based operating system, with applications running with less permission in order to sandbox any potential security threat from a single application. Running applications under restrictive user accounts also limits what applications can do with lower-level access forbidden. However, this can be circumvented by 'rooting' an Android device, allowing certain applications to have full access to the Android operating system.

Android enthusiasts and power users like to root devices because it gives the ability to alter Android's look and feel, load custom versions of the OS (known as ROMs) and run applications that have kernel level interaction. It is possible to increase the clock speed of the processor, for example.

While all of that sounds good, users should realise that by allowing wide reaching access, malicious applications could run amok with access to sensitive data stored on the device.

Google warns against rooting encrypted Android devices as doing so allows applications to access the private key used for encryption. This effectively erases any security benefits provided by encryption. Google's advice may pertain to encryption keys but the general point remains, rooting devices can give malicious applications and remote attackers access to the whole device.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Google breaks from Qualcomm with in-house Pixel 6 chip
system on chip (SoC)

Google breaks from Qualcomm with in-house Pixel 6 chip

3 Aug 2021
Google launches Meet Progressive Web App
video conferencing

Google launches Meet Progressive Web App

2 Aug 2021
Google, Microsoft fight over documents in antitrust lawsuit
Policy & legislation

Google, Microsoft fight over documents in antitrust lawsuit

30 Jul 2021
Google Cloud seeks to abandon its ‘Killed By Google’ reputation
Software

Google Cloud seeks to abandon its ‘Killed By Google’ reputation

27 Jul 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Square to acquire Afterpay for $29 billion
mergers and acquisitions

Square to acquire Afterpay for $29 billion

2 Aug 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021