Home / Tips/How To / How to secure your Android Smartphone [Tips]

How to secure your Android Smartphone [Tips]

Mobile device will soon become the next prime target of malware, in fact, the attacks are already rising rapidly. The reason? It is simply because a modern smartphone is really just a small computer.

How does it affect you? For a normal user, the damage can range from loss of your photos to personal files and even instantly damaging your smartphone. However the risk on enterprise users can be more serious as malwares can take hostage of confidential data for money.

There are ways to steal your money as well. There have been reports that rogue apps installed on your phone can send large number of premium SMS that will be billed to your phone, it happens without you knowing. Another way in which malware could compromise you is by recording your phone calls or by logging your passwords. Each malware is different and can range from stealing a user’s address book to completely taking control of the infected device.

Are you afraid of using your phone now? Fret not as there are always ways to minimize these risk. If you are an Android user, check out some of the tips below on how to secure your Android smartphone/devices.

Lock your phone

This is the most important step in securing your smartphone as it is the first line of defence against any unauthorised access. However most people would avoid locking up their device as it takes an extra few second to input the pin and access their phone.

On Android, its easy to set a screen lock by going to Settings > Security > Screen lock. It is more secure to use a PIN/Password or at least the Pattern lock.

Instal a mobile antivirus

The most common way to keep malware out of your phone is to instal a mobile antivirus program. Most of these programs comes free and some even offers Anti-Theft functions.

A short list of recommended mobile security software for Android as below:

  • Dr. Web Anti-virus Light(Free)- Real time & On Demand scanning, SD-card protection.
  • Lookout Security & Antivirus(Free)- Real time protection. Paid version comes with backup/restore, anti-theft functions.
  • avast! Mobile Security(Free)- Real time & on-demand scanning, Anti-Theft functions, Firewall for Rooted device only, SMS/Call Filtering, Network Meter plus other functions.
  • Norton Mobile Security Lite(Free)- malware protection and remote locking. Paid version offers browser protection, call and text blocking, remote locating, remote alarm, remote camera control to take snapshots and remote wiping.
  • Sophos Mobile Security(Free)- Details here.

If you still need more option, there are also other free/paid programs such as NQ Mobile Security & Antivirus, Kaspersky Mobile Security or F-Secure Mobile Security. For a more effective protection, make sure the Android security program is always up to date.

Instal Anti-Theft app

It has come to a point for some people that their mobile phone is more important than their wallet. What happens if you ever lost your phone? With a remote management program, you can try to locate your phone via GPS. In the event that it is stolen, you can remotely lock or wipe all your important data on the phone. This way, you can still secure your personal data despite you may not be able to get back your phone.

A recommended program that do an excellent job on this is Avira Android Security and best of all, its free.

Other similar free programs that offer anti-theft function include Norton AntiVirus & Security and AVG AntiVirus.

Secure your Android Internet

Most people love to use free public WiFi networks such as the one available at Starbucks. But did you know that all emails, instant messages, Facebook/Twitter passwords or just any other data that is sent via your WiFi are not secure? While you are reading this, cyber criminal are constantly exploring many ways to steal consumer’s data and password and the easiest way to do this is via free public WiFi networks. In fact, there have been reports last year that Facebook’s iOS and Android clients don’t encrypt users’ logon credentials and 99% of Android devices are not safe in open WiFi networks.

Have you heard of FaceNiff? Its an Android app that lets anyone hijack accounts of Facebook and Twitter in open WiFi networks.

Installing a mobile antivirus programs does not help. A mobile antivirus protects data that are stored on your mobile phone and not your data that are transmitted to the Internet.

Here’s the solution- You may know what is a VPN or Virtual Private Network and if you are reading this, you probably think that you don’t need one.

The most important thing that you need to know about VPN is that it secures your internet connection to ensure that the data you’re sending and receiving is encrypted and secured from prying eyes.

Unfortunately, a good VPN service usually comes at a price as there are cost involved in securing and encrypting your Internet connection. But don’t worry, there are also some free VPN services for Android such as Hotspot Shield VPN and Hideman VPN.

However there are drawbacks with Hotspot Shield as well as some other VPNs. The free versions are supported by showing adverts or data limits, though you can avoid these by upgrading to a paid-for version. Keep in mind that usually VPN servers are located overseas like in US or Europe and this may result in a slower Internet connection especially if you’re using the free one that usually have congested servers.

A paid VPN service usually gives you faster speeds, depending on your Internet connection. Some PPTP/L2TP VPNs to check out are WiTopia, SecurityKiss or HideMyAss.

Android device generally support the following VPN protocols: PPTP, L2TP, L2TP/IPsec PSK, or L2TP/IPsec CRT. The last is most secure but requires a digital certificate. With L2TP/IPsec PSK, you can use a preshared key (a password). PPTP is the easiest type of VPN to set up, but it’s also the least secure.

If you still think that you don’t need VPN, avoid connecting your Android phone to an open public network(WiFi networks without passwords), if you care for your personal data.

Avoid rooting your Android phone

Many Android users out there install a custom ROM on their phone to get the latest version of Android. This process requires the device to be rooted. This means malware can exploit the operating system to grant itself root permission and install extra software without any interaction from the user.

Rooting is a process that allows you to attain root access to the Android operating system code (its called jailbreaking when it comes to iPhone). It gives you privileges to modify the software code on the device or install other software that the manufacturer wouldn’t normally allow you to.

Gaining root access means bypassing the security restrictions put in place by the Android operating system. Which means worms, viruses, spyware and Trojans can infect the rooted Android software if it’s not protected by effective mobile antivirus for Android.  If you still want to root your device, ask for expert advice on dedicated forums to understand the potential risk.

An important thing to note- Rooting your Android phone usually will void its warranty.

Conclusion

Besides common sense actions like not downloading untrusted apps or not installing apps which ask for odd permissions (like a game wanting SMS permissions), do some research if you are not sure. You can do this by simply Google-ling about the app online if you really take serious about security.

As an added protection, you can also encrypt your Android device and your SD card with a master password to prevent unauthorised access.

Other than that, it is also important to keep your apps up to date as these updates usually contains bugs and vulnerability fix. Most importantly, make sure you know what you are doing. If you are not sure, ask people who might know.

About Kugan

Kugan is the founder of MalaysianWireless. He has been observing the mobile industry since 2003. Connect with him on Twitter: @scamboy