How secure is your data on that Android smartphone? On a scale of "Alcatraz" to "open field of flowers," where does yours rank? If you're truly concerned about the security of your mobile device (which you should be), you know there are always steps to take to further clamp it down. Because some of these steps a bit more complicated, they are often overlooked by the average user. That's why I want to offer up a few easy ways anyone can bring a bit more security to their Android device.
Without further ado, let's dive in and get a bit more security for your device.
Android Device Manager
This should be one of the first things you install on your Android. The Android Device Manager is an app that sets up your device to work with the Android Device Management page of your Google account. Once you've installed the app (and set it up), you use the ADM page to locate your device, reset your device lockscreen PIN (Figure A), or erase all data on your device. If you have more than one device, this app also serves as the ADM tool (so you don't have to go to the web page to work with a device. Of course, if the device you've lost or stolen happens to be the one with the Android Device Manager installed, you will have no choice but to use the web page. Even so, installing this app will ensure you've activated your device so that it will work with the management service.
Your device keeps tabs on you. When you search something, it records it. If you're really paranoid about keeping your searches private, you should consider installing DuckDuckGo. This particular tool doesn't store or share any personal information, doesn't share information with advertisers, and doesn't track you in any way. Install it, open it, and search with it. There is one little trick, however. Out of the box, DuckDuckGo does save your recent searches. To disable that, open the app, tap on the menu button (three vertical dots in the upper right corner), tap Settings, and then tap to disable Save Recents (Figure B).
This cannot be said enough. Period. You have no excuse to leave your Android device open for prying eyes. Set up a lockscreen password, PIN, pattern, or fingerprint. Yes, it might be a hassle, but it's certainly better than the hassle of having to replace your device or explain to your boss that the device containing company secrets is somewhere in the wild. Go to Settings | Security & fingerprint (or just Security, if your device doesn't have a fingerprint scanner) | Screen lock and configure your lockscreen.
Do this now.
And, before I forget, never share your screen lock password/PIN/pattern with anyone. Ever. Okay? Good.
Speaking of password and sensitive data, if you have apps on your device that contain such information, you should be employing an app lock of some kind. My app lock of choice is AppLock. Once you've installed this, you can then lock down individual apps with a password. The only way those locked down apps can be opened, is by knowing the pattern or password lock. From the AppLock main window (Figure C), locate an app to secure, and tap the associated lock icon.
The only caveat to AppLock is that you use the same password or pattern to unlock your apps. Even with this, you should be using such an app to block access to your apps and their data.
Installing and updating
I have two very simple bits of advice here:
- Never install an app from outside of the Google Play Store. Ever. Period.
- Always keep Android and every one of your installed apps updated. Check for updates regularly and install them as soon as they are available.
Set up user accounts
This has been an option since Android Lollipop. You can create user accounts that won't have access to your data. This is especially important if your kids are prone to beg for your phone or you often need to allow clients/customers to view data. To set up a user account, swipe the Notification Shade down twice and then tap the user icon in the top left corner. In the resulting window (Figure D), tap Add user, OK the warning, and allow the user to set up their space (which requires the connection to a separate Google account).
If you don't want to add a user with an associated Google account, you can always just switch to the built-in Guest account. This account will give the user access to the basic applications, but none of your data. When you switch back to your account, you will have to enter your lockscreen password/PIN/pattern to gain access (that way the guest can't simply switch to your account and get to your information).
Finally, I strongly believe in using an app like Orbot. Orbot encrypts your internet traffic and hides it by bouncing through a series of Tor computers around the world. Orbot is only the backend of this service. Once you've installed this, you should also install the Orfox web browser. With these two pieces installed, you then open Orbot, start the server (Figure E), and then (once the server is running) open Orfox and start surfing securely.
Better safe than sorry
You do not want to have to deal with a security breach on your mobile device. There is way too much private information transmitted from that phone to be passive about security. And, as the old adage goes, better safe than sorry. With just a few quick steps, you can be safe, so you won't later be sorry.
- Executive's guide to mobile security (free ebook) (TechRepublic)
- How to blacklist spammy phone numbers with Android Nougat (TechRepublic)
- Android Security Bulletin April 2017: What you need to know (TechRepublic)
- 4 ways to send encrypted messages on Android (TechRepublic)
- N-day Nvidia, Android driver security flaw details revealed (ZDNet)
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.