ByOleg Romanenko 2019-02-20 1060
Say, Android on a Nexus device, on a Samsung / Sony / HTC smartphone and on some unknown "Chinese" - these are two big differences. Nevertheless, some general tips on improving the security of this OS can be given, and some of them coincide with the recommendations for iOS. Of course, it will be necessary to come to terms with certain inconveniences in daily work, but here you will have to follow the universal rule - either comfort or safety. In the end, you can use only part of the recommendations and find the optimal balance of convenience and protection.
Yes, the most "dangerous" part in Android is not the OS itself, but the programs for it. Unlike iOS, installing an application (on your own or at the will of an attacker) on Android is easier than ever. Never download programs from unofficial sites or from third-party sites, as they may be infected. It is best to disable the ability to install software from third-party sources and enable built-in application checking. Also, do not do root access, as this significantly increases the level of risk.
How does this help: dramatically reduce the threat to pick up some malware.
Where to configure: go to "Settings" -> "Security", uncheck "Unknown sources" and tick "Check applications".
Firstly, you should install applications from well-known developers or those recommended by Google. Secondly, before installing it is necessary to check what the application is going to access. For example, a program for changing wallpaper or a toy that requires access to accounts, SMS, microphone, location and unlimited access to the Internet, looks extremely suspicious.
How does this help: reduce the threat to pick up the malware.
Where to set up: when installing the application, a list of required permissions is always displayed + on the program page at the very bottom there is a "View permissions" item. Also do not forget to view the lists and permissions of applications connected to Google. In the list of programs, you need to find "Google settings" -> "Connected applications" and disable unnecessary ones.
Universal, but never superfluous advice. To unlock the screen, it is better to set a really complex password and refuse to use a pattern or PIN code. The password, as usual, must consist of at least a dozen characters. Ideally, it should include letters in different registers, numbers and other characters. But it is better not to make the password very complicated, otherwise you will get tired of typing it quickly. Periodically it is useful to change the password. It is also worth setting the minimum possible screen autolock interval and disable the display of any passwords as you type. In addition, many applications allow you to set a password protection.
How does this help: significantly reduce the chance of gaining access to the smartphone and its content.
Where to configure: go to "Settings" -> "Security" -> "Screen lock" and select "Password" as the screen lock method. Then in "Settings" -> "Security", uncheck the "Show passwords" box .
Everything is simple! If the information on the phone is encrypted, even if it is lost, the data will not fall into the wrong hands. For protection, it is better to set a password, not a PIN code. It will have to enter every time you turn on the device. In current versions of Android, encryption strength depends only on the strength of the password - before the advent of Android 5.0, this will have to be borne in mind.
How does this help: protect your data in case of loss of the device.
Where to configure: go to "Settings" -> "Security" -> "Encrypt Phone", in addition, it is necessary to enable the "Encrypt SD Card" checkbox.
Android by default tries to connect to the wireless networks to which you have ever connected. It may well be that, instead of the familiar open access point, it will turn out to be a hotspot with the same name, created by an attacker.
Therefore, firstly, you should avoid public points and, secondly, you should regularly clear the list of remembered Wi-Fi networks. At the same time it is recommended to disable the forced tracking of wireless networks.
How does this help: reduce the risk of quietly connecting to a potentially dangerous Wi-Fi network.
Where to set up: go to "Settings" -> "Wi-Fi", a long press on the name of the memorized network will bring up a menu where you can delete the network; in the same section, in the "Advanced Settings" section, uncheck the "Always search for networks" box.
This tip is especially relevant when using open access points somewhere in a public place or in any untrusted networks. Using VPN will protect the transferred data, and as a pleasant bonus it will help to circumvent possible restrictions on access to certain resources. Today, access to a reliable VPN is not so expensive, and some modern home routers have their own VPN servers, so in this case the connection will be completely free. Just keep in mind that it is better to use L2TP or OpenVPN - these protocols provide better protection than the popular PPTP. In order for some data not to have time to leak before establishing a VPN connection, it will not be superfluous to either turn off auto-synchronization of applications or (which is better) to set up forced use of VPN.
How does this help: protect the transmitted and received data.
Where to configure: go to "Settings", in the section "Wireless Connections and Networks" select the items "More ..." -> VPN; after setting up one or several VPN connections, the only item "Permanent VPN" appears in the menu, where you can select the connection that is used forcibly; Auto-sync can be disabled in the "Settings" -> "Accounts" section.
Even with the screen locked, various notifications can be displayed both in the status bar and directly on the smartphone display. These may include one-time transaction codes, account status notifications, and other sensitive data. Unfortunately, there is no single notification center where they could be disabled in one fell swoop. In addition, many manufacturers install a variety of shells, which may also not be very safe from this point of view. Therefore, you will have to manually disable notifications in applications.
How does this help: outsiders will not be able to see the notice, which may contain important information.
Where to configure: go to "Settings" -> "Applications", select the desired program and uncheck "Show notifications". Sometimes it's easier to turn off alerts in the settings of the program itself.
The corporation of good wants to know about its users as much as possible, and its appetites grow every year. It makes sense to reason the search giant slightly in his desires, since a leak of access to a Google account has very sad consequences - attackers can not only read your messages, but also know where and when you were, view your photos and contacts, and much more.
How does this help: to reduce losses in case of theft of a Google account.
Where to set up: in the "Google Settings" application in the "My Location" section, disable the "Sending location" and "Location History" options for all accounts, disable "Google Now" in the "Search and Hints" section, and optionally "Android Remote Control" Enable the "Remote Device Search" and "Remote Block and Reset Settings" options; in the "Google Photos" application, go to "Settings" -> "Startup" and disable the functions of automatically sending all the taken photos to the Google server.
Super savings at Today's Top Coupons - UP TO $12 OFF.
Find a mobile with up to 50% off discount at Weekly Savers - 50% OFF BRAND PHONES.
In essence, this is a continuation of points 1 and 2. The more programs, the higher the chance that some of them will engage in unfair activities. In addition, in the Android world, there is a vicious practice when a smartphone maker pre-installs a huge number of third-party applications and services. Even if you do not use them, it does not mean at all that their developers do not use you for any of their own purposes. Some of them can be removed, although not all. What kind of services you can safely disable, easy to find on the Internet.
How does this help: minimizing losses in case of data leakage.
Where to configure: go to "Settings" -> "Applications" -> "All", tap on the unnecessary application in the list and click the "Delete data" and "Turn off" buttons.
Two-factor authentication is perhaps the only method for sufficiently reliable protection of any accounts today. It works quite simply - in addition to entering a password, you are required to provide a temporary one-time code that can be received via SMS or using special applications or even devices. Without this code, an attacker, even knowing your password, will not be able to log into your account and mess things up.
How does this help: dramatically reduce the possibility of using accounts by unauthorized people.
Where to set up: go to Google account in the browser and follow the instructions.
The above tips will help to significantly increase the security of Android, but they will not save from many misfortunes anyway. So do not be lazy to install on your smartphone a software package from well-known developers of antivirus solutions. In addition to the antivirus itself, they usually offer many other levels of protection - secure web surfing, password manager, SMS and call filtering, "anti-theft" features, and so on.
And most importantly - never let down your guard!
|You may also want to read:|
|How to protect your smartphone from theft or loss?|
|Want to become a smart Android geek? Start from Google Play Store|
|How to protect your data on an Android smartphone|