University at Buffalo - The State University of New York
Skip to Content

Android OS Security Recommendations

Take the following steps to secure your Android OS device. Please check with your manufacturer for specific instructions on how to best utilize these suggestions.

1.       Update firmware to the latest version

Firmware updates often include critical security fixes, which reduce the probability of someone remotely exploiting the device.

2.       Require a passcode

Requiring a password to unlock the device helps prevent unauthorized access to the device.

3.       Set auto-lock timeout

Automatically locking a device after a short period of inactivity reduces the probability of someone accessing it without entering a password.

4.       Turn off Ask to Join Networks

Requiring manually configuration to join a Wi-Fi network reduces the risk of inadvertently joining a similarly named, yet untrusted network (i.e. "default" vs. "defualt"). Once you have configured your device to connect to all of the usual places you’ll want to connect to (UB, home, etc.), turn off “Ask to Join Networks” to reduce this risk.

5.       Turn off Bluetooth when not needed

If you don’t need Bluetooth enabled, it should be disabled to prevent its discovery and connection by someone else.

6.       Forget Wi-Fi networks to prevent automatic rejoin

A trusted, but unauthenticated Wi-Fi network may be spoofed and automatically joined if it’s not forgotten after last use. Additionally, if such a network has a common SSID (network name), such as “default” or “Linksys,” it is probable that the Android will encounter an untrusted instance of a same-named Wi-Fi network and automatically join it.

7.       Erase all data before return, repair or recycle

Overwriting the device’s storage before it is out of the user’s control will reduce an attacker’s ability to recover sensitive information from the device.