Mobile Security - Securing Android Devices


Nowadays, mobile phone devices are substituting computers in some special cases and from this comes the concern of the users and system administrators to restrict rights to the application or the user. Hence, we protect computers from being infected by installing antiviruses in order to prevent any possible unpleasant situation, where some data is lost or goes public.

Following are a few recommendations to protect our mobile devices −

  • Enable lock screen so as not to be directly accessible by third parties.
  • Keep the operating system updated and patch the apps all the time.
  • Download apps that are officially marked by Google or from genuine sites that offers this app.
  • Don’t root android devices.
  • Install and update antivirus app on android device.
  • Don’t download android package files directly.
  • Use android protectors that allows you to set password to email, SMS, etc.

Google Apps Device Policy

Google Apps Device app allows a Google Apps domain admin to set security policies for android devices. This app is available only for business, government, and education accounts, which allows IT administrators remotely to push policies and enforce them. Additionally, it helps them locate mobile devices and lock them.

Google App Device Policy

Remote Wipe Service

Remote Wipe Service is a service that allows administrators to reset or erase the information in the lost or stolen device. To avail this service, the device should install Google Sync or Device Policy. This can also delete all the information in the device such as mail, calendar, contacts, etc. but cannot delete the data stored on the device's SD card. When this service completes its task, it prompts the user with a message as an acknowledgement to the delete function.

Follow these steps to enable this setting for users −

Step 1 − Sign in to the Google Admin console

Step 2 − Click Device management → Mobile → Device management settings

Step 3 − Check the Allow user to remote wipe device box.

Step 4 − Click Save Changes.

You can apply this setting to your whole organization or by organizational unit to enable remote wipe for only a specific group of users.

Once enabled, a user can remotely wipe their device by following these steps −

Step 1 − Go to their My Devices page. The user will need to enter their password to access this page, even if they're already signed in to their account.

Step 2 − Click Wipe Device.

A window appears with this warning text: This will wipe all application and personal data from your device. Anything that hasn't been synced will be lost. Are you sure you want to proceed?

Step 3 − Click Confirm to wipe the device.

Following is the Administrator Console −

Administrator Console