Android Security

Richard LaHue, James May Jr.
2017-07-10 21:45

For Android devices, we’ll go over the following kinds of security in detail: physical security of the device, security of the device’s data, and access management. Android devices include Android smartphones (e.g., Samsung Galaxy S8) and tablets.

Android fragmentation and update cycles makes it difficult to make how-to articles that cover the range of Android devices that Carthage provides faculty & staff for work. For simplicity, we’ll be writing instructions using Android 7.0 Nougat.

Android Data Security & Access Management

Set a Strong Lock Code

The good news about your Android device’s passcode is that it both limits access to your device’s data (i.e., someone can’t get into your phone without your passcode) and it encrypts your phone’s data with your passcode (i.e., someone can’t pull the storage device out of your Android device and access the data stored on it without decrypting it with your passcode).

It’s very important to have a strong passcode. While a 6-digit numeric passcode makes for a better passcode than nothing, 6 numbers isn’t nearly as good as a 6-digit alphanumeric (letters & numbers) passcode. Nothing beats a strong alphanumeric passcode.

When & Whether to Enable Biometric Locks

Fingerprint and iris scanners are nice and convenient, as long as you’re not traveling through an airport. Courts have ruled that the TSA can’t make you turn over the password to your computer devices, but they can compel you to put your thumb on your Android device’s fingerprint sensor—if the fingerprint sensor is allowed to unlock your phone, that’s the same as handing over your device’s passcode! If you plan on travelling, you should disable any biometric locks on your Android devices (e.g., fingerprint scanners, iris scanners, face scanners) at least until you’re out of airports, and you should turn off your phone and other computer devices before going through a TSA / CBP checkpoint.

Depending on the country you’re going to, it may be legal for the authorities to compel you to use your finger to unlock your phone, so you do some research and make sure you don’t need to disable biometric locks for your entire trip. The US is one such country. In the US, law enforcement can compel you to use your finger to unlock your phone, but they cannot compel you to hand over the passcode to your device if you’re a US citizen (your password is protected under the 5th Amendment to the US Constitution, but your biometrics aren’t).

Android Device Security

Find My Device

If your Android phone is lost or stolen, you can use Find My Device to track it down. As long as you’ve signed into your Google account on your Android phone and have Location turned on, you should be good to go.

To Enable Find My Device...

  1. Link your phone to Google if you haven’t yet. See Google’s documentation for more detail: Link your phone to Google - Android - Google Search Help
  2. Connect to mobile data (through your cellular carrier) or wifi.
  3. If you have hidden your phone in the Google Play Store, you will need to unhide it.
  4. Find Google Settings in one of these places (depending on your device):
    • Navigate to your device’s Settings app > Google
    • Open a separate app called Google Settings
  5. In Google Settings, navigate to Security.
  6. Under Find My Device, turn on Remotely locate this device and Allow remote lock and erase.
  7. Go back to Google Settings, then navigate to Location.
  8. Turn on Location.
  9. You’re done!

See Google’s documentation for more detail: Be ready to find a lost Android device - Google Account Help

Average rating: 0 (0 Votes)

You cannot comment on this entry