Security Analysis and tools on the Android platform

Operational Security 101

Today, mobile devices are a common element in people’s daily lives. With the massive use of mobile devices, both in the personal and at work, organizations are beginning to consider more carefully the event and the potential security problems that affect them. The security problems to which these devices are exposed are similar to those that a computer is exposed to, but they are aggravated since they have a greater exposure as their community of users is wider, which uses them both in the workplace and in personal life concurrently.

As you already know, Android is the most dominant OS on Internet. It is a mobile operating system designed for mobile devices with a touch screen such as smartphones or tablets, but we can also find it in other devices such as smartwatches, televisions or even in the multimedia systems of some car models. An operating system developed by Google and based on the Linux Kernel and other open source software, which has become the main responsible for the popularization of many smart devices by facilitating the use of numerous applications in a way simple.

Android Security Tip

Android has built-in security features that significantly reduce the frequency and impact of application security issues. The system is designed so that you can compile your apps with default file and system permissions, and so you don’t have to make difficult security decisions.

The following main security features help you build secure apps:

  • The Android application sandbox, which isolates your app’s data and code execution from that of others.
  • An application framework with robust implementations of common security features, such as cryptography, permissions, and secure IPC.
  • Technologies such as ASLR, NX, ProPolice, safe_iop, OpenBSD dlmalloc, OpenBSD calloc, and Linux mmap_min_addr to mitigate risks associated with common memory management errors.
  • An encrypted file system that can be enabled to protect data on lost or stolen devices.
  • Permissions granted by the user to restrict access to system functions and user data.
  • Permissions defined by the application to control the data of each app.

Steps to follow for Mobile Teams regarding their Safety

Due to the great demand that the Android system has been having on different mobile devices, they have been forced to take on new features in terms of their security. Which I will name and explain below.

The Screen Locks

This is an option that allows the user to make their lock by accessing their mobile device in the configuration or adjustment part > click on Security, and options are immediately displayed and look for where it says screen lock.

Generally they ask for a PIN or a PATTERN, the user will choose which of these two types of security to establish on their equipment, it is recommended that you do not use personal data when establishing your PIN to lock the screen, it exists in one of the technologies newest in terms of security in smartphones is based on facial recognition.

In order to apply this new facial recognition technology, it is important to Smart Lock, this can be used in a faster and safer way, which was released in Android version Lollipop which is usually an automatic unlock just by placing your face, without having to enter neither PIN nor PATTERN when unlocking your device is configured by setting a screen lock.  These appropriate settings are available at Settings> Security> Screen lock.

Use Google Play to download apps

When doing any type of download you must use Google Play because it is the most guaranteed method that no malicious applications will be filtered on your android system, it is recommended that you do not have the setting option activated.

Activate app Checker

To have greater peace of mind that all the applications that are installed on our computer is to activate the application verifier. In Google Settings > Security, we have to activate the option “Search for security threats on the device” and “Improve the detection of harmful applications.

Use Device Manager

It is mandatory to have the device administrator activated its two options to be able to locate,block and erase our device remotely to be able to use these options in case of loss or theft.

Manage application permissions

From Android Marshmallow, we can manage application permissions, a security measure that will give us more control and privacy. In Settings> Applications> Advanced options> Application permissions, we can decide what type of information and functions each of the applications can access.

Let the inactive device lock up right away

In mobile phones, there is also the possibility of blocking the equipment when it has a certain time that it has no activity in the generally recommended 15 or 30 seconds. It is easy to configure it, you just have to go to setting> screen where the options are displayed from 15 seconds to 30 minutes, the user will decide which option they want for their Android device.

Encrypt the device

Finally, there is the encryption if the user so wishes from experience, when using this option it is usually very slow since the process can take up to an hour, however it allows us to have more secure data, files and accounts.

In other words, Android has been working according to the needs of the user and to give them greater comfort and advantages and in turn necessary tools to make this Android system less vulnerable and its users have greater confidence in using Android and following the protocol that each mobile team will ensure enhanced security on their Android devices.

Manish Gehlot

I am a privacy, security, encryption and software freedom enthusiast. I am into VPNs, TLS security. Recently I also got into technical writings including guides.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Check Also
Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker