Top 5 Android security tips for the enterprise

Keep your device secure by following these simple steps which include using Android's encryption features and Google's Device Policy app.

2. Implement Google's Device Policy

This should be one of the first things to be installed on a device before it is deployed, and should be part of any firm's BYOD policy. Google's Apps Device Policy is a free application that ties administration of devices to a Google account. Once the Apps Device Policy application is installed, the user selects a Google account for the device to be associated with. The administrator of that Google account can set remote access rights and administration tasks.

Google Device Policy allows administrators to track device, which can be particularly handy for those firms that operate with employees on multiple sites. However, for enterprises the most important administration task is the ability to lock and erase devices remotely. The ability to do so could be the difference between unauthorised access to sensitive data and the cost of merely replacing a device.

The downside to Device Policy is the need for a Google Apps account. The cost of this starts at 3.30 per month, but deals are available for larger firms. However, organisations should weigh up the monthly cost of Google Apps against the potential damage done by outside access to data and consider it as an addition to the mobile operator subscription charge.

1. Use the file system encryption

IT admins work on the premise that employee smartphones and tablets will be lost or stolen, so when it does happen steps can be taken to minimise impact to the business.

Advertisement
Advertisement - Article continues below

Users who may be carrying gigabytes worth of data on their device should have the same mindset to help prevent confidential information from falling into the hands of a third party. The best way to do this is to use Android's file system encryption.

Google introduced file system encryption in Android 3.0 Honeycomb and has brought it to smartphones with Android 4.0 Ice Cream Sandwich. Android's file system encryption requires the user to enter a passphrase that is used to generate a key which in turn is used to encrypt the device's file system.

Once the Android device's file system is encrypted, a task that can take over an hour depending on the storage capacity of the device, the user will have to enter the passphrase initially used to generate the key to unlock the device. Although Google uses industry standard AES128 encryption, it is only as strong as the passphrase used to generate the key, therefore using one that includes letters and numbers is recommended.

Encryption is important even if you have Google's Device Policy up and running because a device has to connect to the internet before it can swallow the poison pill. This means unencrypted data can be read while the device is kept in aeroplane mode. If devices are encrypted using a strong password, users can be safe in the knowledge that data cannot be lifted from the device without access to considerable computation power used to crack the encryption.

Overall, Google's Android offers a number of features to help organisations control and track devices. Our five tips to keen Android devices secure are all quick and easy but ultimately user education is the key.

Android's security features such as file system encryption and Google Apps Device Policy can be set by the system administrator but users need to know that using open Wi-Fi hotspots and failure to update regularly can pose a security risk. By putting our tips into practice alongside educating users, firms can mitigate against costly and embarrassing security breaches.

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

4 Nov 2019
Visit/strategy/28115/the-pros-and-cons-of-net-neutrality
Business strategy

The pros and cons of net neutrality

4 Nov 2019
Visit/domain-name-system-dns/34842/microsoft-embraces-dns-over-https-to-secure-the-web
Domain Name System (DNS)

Microsoft embraces DNS over HTTPS to secure the web

19 Nov 2019
Visit/social-media/34844/can-wikipedia-founders-social-network-really-challenge-facebook
social media

Can Wikipedia founder's social network really challenge Facebook?

19 Nov 2019