Top 5 Android security tips for the enterprise

Keep your device secure by following these simple steps which include using Android's encryption features and Google's Device Policy app.

4. Keep up-to-date

Google generally carries out one major upgrade per year with the latest being Android 4.0 Ice Cream Sandwich. In between the major refreshes regular updates are pushed out to fix bugs, address security holes and improve general performance. It is important to keep up-to-date in order to benefit from this updates, especially the security fixes.

As Android application developers support newer versions of Android, those running older versions could be left with unsupported software with potential security vulnerabilities. History has shown that older operating systems become security liabilities as attackers are able to exploit a greater number of vulnerabilities to undermine devices.

Organisations should systematically audit devices to make sure they are being supported by device manufacturers and consider replacing those units that will not receive future software updates. Those firms looking to deploy Android devices now should consider devices running Android 4.0 and beyond and encourage users to upgrade.

3. Don't ROOT your device

Android is a Linux-based operating system, with applications running with less permission in order to sandbox any potential security threat from a single application. Running applications under restrictive user accounts also limits what applications can do with lower-level access forbidden. However, this can be circumvented by 'rooting' an Android device, allowing certain applications to have full access to the Android operating system.

Advertisement
Advertisement - Article continues below

Android enthusiasts and power users like to root devices because it gives the ability to alter Android's look and feel, load custom versions of the OS (known as ROMs) and run applications that have kernel level interaction. It is possible to increase the clock speed of the processor, for example.

While all of that sounds good, users should realise that by allowing wide reaching access, malicious applications could run amok with access to sensitive data stored on the device.

Google warns against rooting encrypted Android devices as doing so allows applications to access the private key used for encryption. This effectively erases any security benefits provided by encryption. Google's advice may pertain to encryption keys but the general point remains, rooting devices can give malicious applications and remote attackers access to the whole device.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Most Popular

Visit/hardware/354232/raspberry-pi-4-owners-complain-of-broken-wi-fi-when-using-hdmi
Hardware

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Visit/mobile/mobile-phones/354222/samsung-sails-past-apples-market-share-despite-smartphone-market-slump
Mobile Phones

Samsung sails past Apple's market share despite smartphone market slump

28 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019
Visit/business-strategy/digital-transformation/354201/boston-dynamics-dog-like-robots-sniff-out-bombs-for
digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019