Android OS Security Recommendations

Take the following steps to secure your Android OS device. Please check with your manufacturer for specific instructions on how to best utilize these suggestions.

Operating System: All

Applies To: UB students, faculty, staff, alumni, retirees and volunteers

Last Updated: September 9, 2016

  1. Update firmware to the latest version
    Firmware updates often include critical security fixes, which reduce the probability of someone remotely exploiting the device.
  2. Require a passcode
    Requiring a password to unlock the device helps prevent unauthorized access to the device.
  3. Set auto-lock timeout
    Automatically locking a device after a short period of inactivity reduces the probability of someone accessing it without entering a password.
  4. Turn off Ask to Join Networks
    Requiring manually configuration to join a Wi-Fi network reduces the risk of inadvertently joining a similarly named, yet untrusted network (i.e. "default" vs. "defualt"). Once you have configured your device to connect to all of the usual places you’ll want to connect to (UB, home, etc.), turn off “Ask to Join Networks” to reduce this risk.
  5. Turn off Bluetooth when not needed
    If you don’t need Bluetooth enabled, it should be disabled to prevent its discovery and connection by someone else.
  6. Forget Wi-Fi networks to prevent automatic rejoin
    A trusted, but unauthenticated Wi-Fi network may be spoofed and automatically joined if it’s not forgotten after last use. Additionally, if such a network has a common SSID (network name), such as “default” or “Linksys,” it is probable that the Android will encounter an untrusted instance of a same-named Wi-Fi network and automatically join it.
  7. Erase all data before return, repair or recycle
    Overwriting the device’s storage before it is out of the user’s control will reduce an attacker’s ability to recover sensitive information from the device.

 

Still need help?

Contact the UBIT Help Center.