Top 5 Android security tips for the enterprise

Keep your device secure by following these simple steps which include using Android's encryption features and Google's Device Policy app.

4. Keep up-to-date

Google generally carries out one major upgrade per year with the latest being Android 4.0 Ice Cream Sandwich. In between the major refreshes regular updates are pushed out to fix bugs, address security holes and improve general performance. It is important to keep up-to-date in order to benefit from this updates, especially the security fixes.

As Android application developers support newer versions of Android, those running older versions could be left with unsupported software with potential security vulnerabilities. History has shown that older operating systems become security liabilities as attackers are able to exploit a greater number of vulnerabilities to undermine devices.

Organisations should systematically audit devices to make sure they are being supported by device manufacturers and consider replacing those units that will not receive future software updates. Those firms looking to deploy Android devices now should consider devices running Android 4.0 and beyond and encourage users to upgrade.

3. Don't ROOT your device

Android is a Linux-based operating system, with applications running with less permission in order to sandbox any potential security threat from a single application. Running applications under restrictive user accounts also limits what applications can do with lower-level access forbidden. However, this can be circumvented by 'rooting' an Android device, allowing certain applications to have full access to the Android operating system.

Android enthusiasts and power users like to root devices because it gives the ability to alter Android's look and feel, load custom versions of the OS (known as ROMs) and run applications that have kernel level interaction. It is possible to increase the clock speed of the processor, for example.

While all of that sounds good, users should realise that by allowing wide reaching access, malicious applications could run amok with access to sensitive data stored on the device.

Google warns against rooting encrypted Android devices as doing so allows applications to access the private key used for encryption. This effectively erases any security benefits provided by encryption. Google's advice may pertain to encryption keys but the general point remains, rooting devices can give malicious applications and remote attackers access to the whole device.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Most Popular

School laptops sent by government arrive loaded with malware
malware

School laptops sent by government arrive loaded with malware

21 Jan 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

21 Jan 2021
What is the Raspberry Pi Pico?
Hardware

What is the Raspberry Pi Pico?

21 Jan 2021