Mobile Device Best Practices for Android
AndroidTM Device Safety
Mobile devices are part of our daily lives, whether for work, travel or entertainment. Our devices connect us to our world, which make them—and the data they hold—that much more important to protect. Consider the following best practices to secure your Android device.
Note: Some of the instructions below may vary for your specific device and operating system (OS).
- Keep your OS and apps up-to-date – Software updates not only introduce new features but also resolve known bugs and security vulnerabilities.
- Only install apps from the Google PlayTM App Store – apps submitted to the Google Play store undergo a review process to provide a safe experience for users.
- Delete unused apps – Deleting unused apps not only frees up device storage but also streamlines updates and backups while removing potential vulnerabilities. To remove an app from your Android device:
- Open your device Settings
- Select Apps or Application Manager (this may be under the General section of Settings)
- Select the Downloaded list of apps.
- Locate and select the application you wish to uninstall to open the App Info screen.
- Tap the Uninstall button on the App Info screen and confirm your selection.
- Note: You may not be able to delete some apps that came preinstalled on your device. You may have the option to disable these apps instead.
- Limit the information you share with apps – Many apps will ask for your personal information (e.g., access to your Contacts or Location). Ask yourself what information is necessary for the app’s purpose. You can manage these preferences under your device Settings.
- Use Screen Lock with a PIN, password or fingerprint ID to protect your device – Using a passcode or fingerprint lock can prevent unauthorized access. Additionally, set your device to automatically lock after a certain period of inactivity. Screen Lock can be configured under your device Security settings. Auto Lock can be found under your device Display settings.
- Use ’Android Device Manager’ to control a lost or stolen device – If your device is lost or stolen, Android Device Manager not only allows you to locate the missing device (if Location Services is enabled), but also lets you remotely manage device security features such as:
- Locking your device
- Erasing your data
- Enable Android Device Manager at google.com/android/devicemanager or download the app from the Google Play Store.
- Know your Wi-Fi connection – Public wireless networks and hotspots are not always secure, and may allow others to monitor your traffic. Limit your activity on public Wi-Fi and avoid logging in to key accounts such as email or financial services on these networks. Consider using your carrier’s data network or a virtual private network (VPN) for a more secure connection.
- Disable Bluetooth when not in use – If your device’s Bluetooth is always discoverable, malicious users may access your device without your knowledge.
- Enable the ‘Erase Data’ feature – Erase Data encrypts your data with your device passcode. After 10 failed passcode attempts, your personal data is deleted. The Autowipe feature can be configured under Settings > Security > Device administrators.
Note: It is a good practice to backup your data regularly in case your device is lost or stolen.
- Wipe your data before selling or donating your device – Keep your personal data private. Go to Settings > General > Backup and Reset > Factory data reset to clear your data and restore your device to factory settings.
- Download antimalware software – Mobile OS—Android in particular—are increasingly becoming targets for malware. If you are using your device to access the Internet, an antimalware app will help to protect your smartphone or tablet. Note: Keep your security software updated to protect your device from emerging threats.
- Be wary of suspicious emails and text messages – Links in unsolicited email or text messages may lead to viruses or malware. Take caution with unsolicited messages.
- Know your URL – Shortened URLs and QR codes can lead to malicious Web sites. Use a URL preview site, such as LongURL, to view a Web address before visiting. For QR codes, use a QR reader that offers a preview of the code’s embedded Web address.
- This Security Spotlight – We are providing this Security Spotlight to help educate and keep our customers informed about Android Device safety. However, this Security Spotlight does not contain guidance on every aspect of device security nor does it contain comprehensive information on all types of viruses, malware and fraud that you may encounter when using your device. You should not rely solely on this document to provide you with answers to all of these important subjects.
- Ongoing diligence – You are responsible for understanding how to best protect yourself against threats to your device and your personal information. You must also determine the device best practices that are appropriate for you. This means that you must remain diligent and will need to keep informed about device security and ongoing security threats.