android

The Surprisingly Easy Guide to…Making Your Android Phone Safe

Share on FacebookTweet about this on TwitterGoogle+

Android is the most popular mobile operating system in the world, with an estimated 1 billion users.

Unfortunately, this popularity makes it a target for hackers, who take advantage of Google’s open source code and relatively lax policy on approving apps to infect devices.

There have been a number of high profile Android security issues over the years, the latest of which is Stagefright. Most of these issues get patched relatively quickly, but it’s still worth taking measures to make your device safer on a day-to-day basis.

So, without further ado, here is the surprisingly easy guide to making your Android device more secure!


Apply a screen lock

Lock Screen

The first and easiest step to making your device more secure is applying a screen lock. While this seems obvious, a lot of Android devices don’t prompt you to set a lock on start-up and many users forget and regret it later when someone unlocks their phone and starts posting rude messages on Facebook (which, amazingly, is actually the best case scenario).

It’s easy to set up a screen lock: just go to Settings > Security and choose screen lock. This process will vary from device to device, but the basic route will remain the same.

Depending on what version of Android you’re running, you’ll get to choose between a few different types of screen lock: PIN, password, pattern and even facial recognition.

Of these options, PIN and pattern tend to be the most popular, although password is probably the hardest for an unscrupulous type to guess.

Although facial recognition is fun and has come a long way in the past couple of years (for example, you can’t just show your phone a picture of yourself anymore), it’s still open to abuse and not the most secure option at the moment.

But I can’t be bothered to enter a password every time I use my device!

Ah, the most common complaint! Well, lazy phone user, you’re in luck as Android features a number of options to save you from entering your password each time you use your device.

The best is the ‘Automatically Lock’ setting in the Security section of Settings (also known as ‘Lock phone after’ on some devices). This allows you to set an amount of idle time before your phone locks entirely.

Lock Phone After

If you use Android 5.0, you can also set locations where your device won’t lock (i.e your house). You can also stop your phone from unlocking when it’s connected to ‘trusted’ devices, and use facial recognition to skip the password process.


Passwords

Like Fight Club, there are just two rules when it comes to passwords on Android: don’t save your passwords ever and use a password manager.

Although saving passwords is convenient, it gives a thief one less obstacle to overcome if they start going through your phone. Make sure to turn off autofill forms too, especially for credit cards and payment methods.

Downloading a password manager app is optional, but it will make it a lot harder for a thief to access your personal information. An app like LastPass (which we’ve covered before) creates an encrypted database of your passwords, and hides them behind a ‘master password’. This means you can set different passwords for every service you use and not have to worry about forgetting them (just make sure you don’t forget your master password!).

Lastpass


 Apps: stay vigilant, even in the Play Store

Google Play

Apps are one of the main ways hackers try to access a device, so be vigilant when downloading anything.

If you only download apps from Google’s Play Store, you should be fine most of the time. However, Google’s app policy is slightly more relaxed than Apple’s, which means the occasional dodgy app can slip through. Always check the amount of downloads an app has, its rating and the permissions the app asks for.

If you do accidently download something dodgy from the Play Store, it’s not the end of the world. Android has a feature called Verify Apps, which scans downloaded apps for malware and helps you uninstall them. Of course, the damage may already be done so it’s best to avoid dodgy apps altogether!


Third party app stores and sideloading

The real security issues arise when you download apps from third party stores. These stores are generally not as well vetted as the Play Store and some are more or less fronts for malware.

Sideloading, where you add the files to your phone manually and install an app that way, is also rife with security issues.

Before you download any app, make sure you search the web for forum reviews. If you can’t find any, it’s best to give it a miss.

Note: not all third-party stores are bad. The Amazon App Store and Samsung Apps are trustworthy, for example, although you should still stay vigilant before downloading anything.


Download a security app

Lookout

Opinion is split on whether or not Android users need to download a security app, given that Google patch a lot of vulnerabilities themselves. With so many free options, though, it’s worth downloading one and having that extra layer of security.

Lookout is one of the most popular security apps on Android, with a location tool to help you locate your device and some basic security features in the free version. If you prefer, you can pay to upgrade to a version with more features.


Encrypt your data

Storage

Unlike the iPhone, the data on your Android device isn’t automatically encrypted with a passcode. You can still encrypt it, though; simply go to Settings > Security or Storage (it could be either) > Encrypt Device (the route varies from device to device, but should be relatively similar). The encryption process takes a while, so leave plenty of time and make sure your device is connected to a charger.

It’s worth noting that encryption can slow your device down quite significantly. It’s also an irreversible process. You’ll need to factory reset your phone if it ends up operating at a crawl (make sure you back up your data first!).

As of Android 5.0 Lollipop, some devices will encrypt your data automatically so you can ignore this step!


Android Device Manager

Android Device Manager

Android Device Manager is the Android equivalent of Find My iPhone, allowing you to remotely ring, lock or erase your device from a computer. It’s automatically enabled on most devices, so all you need to do if you lose your phone is go to this link.

On some older devices, however, you may need to enable Device Manager manually. You can do this by going to Settings > Device Administrators and checking ‘Android Device Manager’.


Use a third-party browser

Firefox

The stock Android browser has had quite a few security issues in the past, and is no longer being patched on devices running Android 4.3 Jelly Bean or older.

While many of the browser’s issues are fixed on 4.4 and higher, it’s still a good idea to use a third party browser instead. Your options include Google’s own Chrome browser, Firefox or Dolphin.


Don’t keep sensitive data on your phone

The infamous iCloud celebrity picture leak illustrated the problem with keeping *ahem* sensitive material on your phone. Presume whatever is on your phone can be seen by other people, and act accordingly: don’t store any banking passwords, sensitive personal information or anything else you wouldn’t want a thief or hacker getting their hands off on your phone.


Back up the data you can keep

Losing everything– photos, music and so on – can be a devastating consequence of your device breaking down or being stolen. Make sure you back up everything to the cloud or your own personal storage. Luckily, a lot of phones do this automatically via Dropbox or Google Drive!


Always update to the latest version of Android

android

This is possibly the most important security advice of all. Whenever you’re offered an update, take it! Android updates often include crucial fixes and patches, and your phone is more vulnerable without them.

Bear in mind that because the Android OS is so fragmented across devices, some manufacturers will provide updates later than others.


Get a new phone

Unfortunately, manufacturers can’t support old devices forever and older versions of Android are particularly vulnerable to security issues. If your device has fallen behind the times, sell your phone with musicMagpie and treat yourself to a new one!


Have you got an Android security tip? Share it with us in the comments!