MACH37 Cybersecurity Guide: Securing Your Android Device

Key Takeaways

  • Android is the most popular mobile operating system in the world with a current 70% market share and more vulnerable to malware than iOS

  • You can secure your smartphone by leveraging native tools like Android Smart lock, Lockdown mode, Google Play Protect and Find My Device

  • There are other tools available for Androids like VPNs or Anti-virus software that can boost the security of your phone

Smartphones are quickly becoming the most critical device to defend for our personal cybersecurity. Everything from our credit card information to our sensitive personal messages are stored on the phone in our pockets. Android has become the most popular mobile OS in the world with over 70% of mobile users globally using it. 

Unfortunately for its large user base, Android phones are less secure than iPhones. One of the prime attractions for Android users is more flexibility, especially when it comes to application platforms. But that flexibility and openness can lead to vulnerability to malware. Third-party platforms offer developers a chance to test new ideas in a less-regulated, free market. However, fewer regulations often leads to abuse—malware. And while the Google Play Store does attempt to crack down on bad apps, the sheer number of developers means that more than a few will slip through.

Therefore, those who own Android phones need to think about security actively. If you are one of them, this post will guide you towards easy ways that will help you protect and secure your Android phone.

For your device’s protection, all you need is to spare some time to deploy impactful security settings and opt to use a few essential tools.

Android Smart lock

Pretty much everyone has some sort of pin to unlock their phone. This is the first and foremost thing to keep your Android phones secure. Android has a really neat feature called Android’s Smart lock. It also makes your device security less annoying without leaving it entirely vulnerable.

Android Smart Lock keeps your smartphone unlocked whenever at a trusted place such as on your person or in your home. It also leaves your device unlocked when connected to trusted Bluetooth devices such as earbuds, your car’s multimedia system, or smartwatch.

Biometrics / Lockdown Mode

The latest smartphones have a variety of authentication tools like face authentication and fingerprint authentication. They make it difficult for an unauthentic person to access your device. The adoption and popularity of biometric authentication are on the rise, as practically, it is easier to press your fingertip on a sensor than typing a password. However, as mentioned in our iPhone security guide, a thumbprint can be compelled by law enforcement as a search in the United States, whereas a passcode is protected by fifth amendment self incrimination protections. 

Provided you're using a phone with Android 9 or higher, an option called lockdown mode is well worth your while to investigate. Once enabled, it gives you an easy way to temporarily lock down your phone from all biometric and Smart Lock security options — meaning only a pattern, PIN, or password can get a person past your lock screen and into your device.

The idea is that if you were ever in a situation where you thought you might be forced to unlock your phone with your fingerprint or face — potentially by some sort of law enforcement agent — you could activate the lockdown mode and know your data couldn't be accessed without your explicit permission. Even notifications won't show up on your lock screen when the mode is activated, and that heightened level of protection will remain in place until you manually unlock your phone (even if the device is restarted).

To set lockdown, hold down the power button and select Lockdown or go to:

Settings > Lock Screen

Google Play Protect

Google Play Protect is Android's native security system that, among other things, continuously scans your phone for any signs of misbehaving apps and warns you if anything suspicious emerges.

Unless you inadvertently disabled it at some point, Play Protect should be up and running on your phone already — but it certainly can't hurt to double-check and make sure.

To do so, just open up the Security section of your Android system settings. Tap the line labeled "Google Play Protect," then tap the gear icon in the upper-right corner and make sure the toggles there are activated.

Use a VPN

VPNs (or virtual private networks) add an additional security layer to your internet connection, so it makes total sense that you would like to have one on your device seeing that you use it to send emails and surf the web. VPNs work by encrypting any internet data to and from your device.The trick is to choose a reliable VPN service. Once you choose one, downloading it and setting it up should be pretty seamless.

Use Two-factor authentication (2FA)

Two-factor or multi-factor is a major theme of cybersecurity guides nowadays because they are so effective! Even if an adversary steals your password they won’t be able to get into your device or accounts without having access to your SMS messages or email. So, if you are not using it for Google and social media accounts (for example), you need to incorporate it immediately.

Turning on 2FA verification on Android is pretty straightforward;

  1. Open your Android device’s Settings. Then go to Google, and then Google Account.

  2. Tap Security (available at the top in most Android devices).

  3. Locate “Signing in to Google,” and then tap 2FA (it will more likely be labeled as 2-Step Verification).

  4. Tap the Get started button.

  5. Follow the final steps you see on the screen to complete activating 2FA on your phone.

Download apps only from the Google Play Store

If you are security conscious, do not use third-party app stores for downloading any app, as many types of malware and viruses enter into your phones this way. It is an easy approach for hackers to access your device.

Another important aspect you need to care about is to avoid using unauthentic apps. Even if they are available in the Google App Store, do not use them unless you recognize the developers.

While such shady apps frequently make it to the Play Store, Google algorithms identify and remove them quickly. So, give the tech giant some time to eliminate those shady apps and bugs. As for you, use apps only when you are sure about their reliability and security.

Use anti-virus software

It helps resolve your Android security issues such as finding malware or a bug in a smartphone.

Although the built-in Google Play Protect keeps an eye on typical malware, an antivirus will come to your rescue and strengthen your Android security.

A couple of recommended quality antivirus software available in the market include Avast Mobile Security & Antivirus and Norton Mobile Security.

Enable Android’s “Find My Device” feature

Turning on “Find my device” helps you prevent data loss or find your lost device (as the name suggests) in situations such as your phone getting stolen.

To enable the “Find My Device” feature on your Android device;

  1. Go to Settings.

  2. Scroll down and click on Google.

  3. Next, scroll down and tap on Security.

  4. Now tap on Find My Device and then tap the appearing slider to turn it to the On position.

By activating this feature, you can track your smartphone from anywhere.

The only thing you need is to visit www.android.com/find and log in using the Google account that you have used on your phone. Then the application will track your smartphone in seconds.

Update Android device whenever prompted

If you want to keep your Android smartphone or any other device thoroughly secure, you should care about keeping your apps and operating system up-to-date.

Not updating your OS (Operating System) puts devices at risk of various security threats. That is because many malware and bugs can attack through the vulnerabilities in older versions of the software.

Do not root your Android!

“Rooting” is the Android equivalent of jailbreaking an iPhone. Android users love rooting due to the supposed advantages it offers. Some people argue that rooting helps in customization of the phone, and installation of apps not available on Google Play.

However, when you root your device, the Android security model gets compromised by a great degree.

Why? Because root applications have way much more access to your device’s system when it’s rooted.

Conclusion

The ability to customize your Android is a two-edged sword. It leads to many security pitfalls, but if you are careful and customize with security in mind then your phone can become a bastion of security. By switching the settings and adding the tools mentioned in this guide you can enjoy the freedom of your Android with peace of mind that your most important data is secure.