In the past years, I have been an Android user having difficulty checking the safeness of my mobile. Recently, I just got to realize that Android security doesn’t have to be a source of stress.
It has been proved beyond reasonable doubt that Android security is a hot topic people research due to one reason or the other. Reality check-up? I am once ignorant of some knowledge on how to check the safeness of my mobile. So, take a chill, we are all ignorant of one thing or the other, lol.
I believe after taking your time to go through this, you will not have to be scared of viruses or any sort of brain-eating-boogie-monster tied to threats with zero probability of actually affecting you in the real world. Let’s get started on our safeguard steps. For easy reading, I’ll put these into four parts. Each part will constitute the important the required steps you will be needing to keep your android safe.
Part I: Application Intelligence
Step I: Check through applications and services connected to your account
You might have probably granted permission of numerous applications accesses to be part of your Google account over time — which is no big deal in general, but it is advisable that applications that you had abandoned by abandon I mean that you’re no longer using, it’s a very smart move to close the connections.
To enable this, navigate go to the page in Google’s security settings to see a list of everything that’s been authorized and what exactly it can access. If you see an unknown application or an application you have been abandoned by you, click on it and then click the blue “Remove Access” button.
In the process of doing that, take a minimum of two minutes to look through your applications list and uninstall anything you’re no longer actively using. This will eliminate unnecessary opening to different areas of your data, and it’ll free up space and slay phone-slowing resources too.
Step 2: Revisit the permissions of your Android application
Like an open infected wound caused as a result of one’s carelessness, it’s too easy to give an application grant to access one’s information at an initial stage too due to carelessness i.e not giving much thought about it. That’s why it is advisable to periodically check one’s application permissions access. You might find yourself howling on how to do this. It is quite simple;
On recent Android versions, open up the Privacy section of your system settings then look for a statement that says either “Privacy dashboard” (for Android 12 users) or “Permission manager” (on other recent versions of the operating system). If you don’t see anything like that on your phone, panic not. What to do? Just try searching your system settings for the word “permissions” to find out what is equivalent to this on your device.
Going through any means, you will end up seeing a collection of categories for numerous types of permissions you have granted on your device over time. Take a skim through them all. If you see anything skeptical, all you’ve to do is tap it to revoke the permission.
You are possibly wondering if this isn’t possible for users using Android 10 and higher. I have an answer to your doubt, it is! All you’ve to do is to go a step further when it comes to location and allow an app to access that only when you’re actively using it. For those who are using Android 11 specifications and above, you can get even more minor distinctions by granting applications only temporary, case-by-case permissions to access your location, camera, and microphone. And as for Android 12, you can fine-tune an app’s location access to make it only approximate instead of precise (although, this is not mandatory), it is at the owner’s wish.
Step 3: Ensure that you are a user of an Android’s app-scanning system
As for Android 12 users, you can tune up an application location access to make it only approximate instead of precise (it is important to note that; this isn’t mandatory). Automatically, Android can monitor one’s device of bugging codes and all sorts of suspicious activity — here no third-party applications or add-ons are even required. And while the system should be enabled by default on any reasonably current device, it’s knowledgeable to occasionally confirm that everything’s turned on and is functioning the way it should.
To check if this is being activated, go to the Security section of your system settings, click on the statement tagged either “Google Play Protect” or “App security,” then take a peek at the system’s latest activity. You can as well tap the gear icon in the upmost-right corner of the screen to confirm if all available toggles are on and are active.
This ensures that Android’s application itself runs a verification to keep a watch on all installed applications on your mobile, even after they are been installed, and to ensure they don’t do anything harmful to your device. The scanning which runs silently in the background doesn’t bother one unless a suspicious activity is found.
The beauty of this is that, you’ll never even know it’s there. No sort of disturbance. But it’s a valuable piece of protection and an important application to set in motion, and it’s necessary to be aware of its presence.
Step 4: Appraisal of your right selection of applications to be installed
Not all good-looking meal is advisable to be devoured, right? Similarly, not all applications are to be installed. Even while walking you through ways to ensure the safety of your mobile. With the exclusion of Android security, take a bit of responsibility by letting your brain guide your app-downloading decisions.
The bitter truth is this: Google’s security mechanisms might invariably fail on certain occasions. But right decision-making on applications to get on one’s device doesn’t, not even when not all applications on Play Store are safe.
Just as you do when browsing the web from a computer, look at something thoroughly before you download it. A clue on how to do this is by checking the number of downloads and the overall reviews.
Pause to think about what permissions the application you are about to install ask before granting the acceptance.
Furthermore, check the name of the developer, if you doubting if the application is genuine or not, and see what else they’ve created. It is not advisable to download applications from just any random website or an unestablished third-party source. Although such applications will be scanned by Google’s on-device security system before they are been installed, the probability of encountering something sketchy is significantly greater naturally within the Play Store.
(However, your mobile device is likely not to download applications from an unknown source by default, by the way, if this fails, you will be warned and prompted to authorize any specific form of applications not from Play-Store. Installation of applications on Android cannot automatically install itself without one authorization, nor is it possible for it to access any sensors or branches of your data unless you grant such friendly permission).
For the most part, all it takes is a 10-second glance to size up what you’re about to install and see if it’s worth installing. Do not hesitate to skip this step for applications that you are not sure if it is genuine. If otherwise, then you can proceed.
Part II: Password/passkey and Authentication
Step 5: Double-check your security basics
If we are to carry a survey out of the world’s population, an approximate number of 65% of people will not give regard to security passkey. Perhaps, they feel it is of no importance to have their mobile secured with their password/passkey. Come to think of it, why do you think we have the security personnel in banks? Despite it being regarded as a safe house and as such no invader can invade it.
I will keep this simple: If you are not using biometric security and/or a PIN, pattern, or password on any of your devices, start doing it. Now.
Have you tried having a tete-a-tete with any security expert? If not, one thing I can guarantee you is that you’ll hear the same thing. Are you even aware that the most likely cause of a security failure is simply a failure on your behalf to secure your documents and information? You are the link between your mobile and the information that is there. I know you wouldn’t want to be a weak one, ensure not to be.
Awkward references aside, think about it: If your phone has no passcode protecting it, all of your data are prone to danger for the time being inasmuch you leave the device unattended (intentionally or otherwise). This includes your email, documents, social media accounts, and entire photo collection (you are amazed. Yes, even those pictures).
The best part; Android makes it trouble-free as it can be to keep your devices secure. A package called the software’s Smart Lock function allows you to automatically leave your phone unlocked in a “safe mode” condition — An instance is this; when you’re at home, and a specific trusted Bluetooth device is connected, or even when the phone is being carried in your pocket. This is a result of extra security which shows up only when it’s can save passwords for websites as one desire and all sort of applications to access the information via one mobile device. As part of your annual checkup, glance over the list of unsaved passwords that Google did not save (a warning will be displayed plainly at the top of that very same screen).
While you are on this, take a few seconds to remove any noted dated applications that you no longer need. You will be glad you do this in the future.
Step 7: Persistently assess your password management system
As they say, having something is better than having none. This applies to using Google saved password system, but do we get stronger security assurances, more advanced and useful features? With the support of an in-application password filling which is done by using a password management service.
Numerous creditable options are available. To mention some of the recommendable options include; LastPass, 1Password, and Bitwarden. Any of the listed recognized services work effectively on desktop and even on iOS, and most have similar levels of security. Although, there will be the main difference being cost, extra features, interface, and the resulting overall user experience.
Install any of those on your device and then, we can get started, if you are already using such a service, take a few minutes now to peek into the application’s settings and ensure you’re taking advantage of all the on-device protection it offers. LastPass as a case study, it is advisable to confirm the option that locks this application automatically and whenever it is at rest for more than a few minutes they are actively back. You should ensure that the application requires a PIN or biometric authentication to unlock. (For LastPass users, all of these options are in the Security section.)
Mimicking Google, most good password managers now provide an option to analyze all of your passwords and identify that which would be advisable to change. Particularly, the ones that are duplicated or that are not as strong as they should be. That’s another smart move to add to the list of one’s annual audits.
Step 8: Examine your two-factor authentication situation
A single non-strong password is not enough to protect an account — especially one valuable as your Google account. Two-factor authentication mandate that you have to put in a kind of time-sensitive code in addition to your password anytime you try to sign in. Activating the two-factor authentication increases one’s assurance of security and it decreases the probability of anyone being able to intrude and access your data as well as information since the requirement of your password and your physical presence of your phone to generate your code before one can get your data will be reauthentication required.
What about if you don’t yet have two-factor enabled for your Google account? It’s simple, head over to this site to get started. And don’t settle with just Google alone, either: Look into enabling two-factor authentication on any service that offers it, including a suitable password manager, your social media accounts, and any non-Google cloud storage services that you happen to be using. Another application to use as a security gate is using Google Authenticator which is used to generate single-use codes from one’s mobile or you might decide to use a third-party alternative like Authy, which is far more feature-rich than Google’s Authenticator and can run on different devices.
For activation of the Authy application, you must activate the two-factor authentication first, then, open the application and go to the My Account section in the settings, then click on “Application Protection”, ensure that you are using a PIN or fingerprint as a protection backup. After that, go to the Devices section of the same settings menu to check up on what devices are authorized to access the application. Remove any that are outdated and those you longer use.
If you are want to keep your account secure, Google also offers a hopped-up option called Advanced Protection. This requires you to purchase a security key and then use it anytime you wish to sign in to your Google account. It also limits ways in which third-party applications can connect to one’s account.
Step 9: Optimize your lock screen security
Your lock screen is the guard of your Android devices — and there few tasks which you need to put in place to ensure the right security to this. Don’t overwrite this down that it’s just a lock screen. It is way more than how you view it.
Firstly, anyone who gets their hands on your phone could easily see visible information and data. What to do? Think about the kind of notifications you get daily and how much of that information you want to be visible on your lock screen. If you are the type who does not like to dispose of any means of information of any kind, just navigate through to the Display section of your system settings after that select “Lock screen” or “Lock screen display.” (This may vary on devices depending on one’s mobile; all you need to do is just to navigate through the Security section or within a special “Lock screen” section of the settings to find a similar option.)
There, you’ll find the necessary tools for controlling precisely what will and won’t be shown in your pre-authentication area as well as creating a security-minded message that’ll always appear on your lock screen — for instance, you might decide to activate: “If found, please contact Janson Stone at +1340981587.” You might even decide to add an emergency contact into your settings and then use the lock screen message to direct any stranger who happens to find the lost mobile.
For Android 9 or higher users, there is an option called lockdown mode, which is well worth activating. Once this has been enabled, it gives you a fast way to lock your phone down from all biometric and Smart Lock security options — meaning only a pattern, PIN, or password could get a person past your lock screen thereby navigating into your device.
To talk of the advantage, should in case you find yourself in a situation where you are to be forced to unlock your phone with your fingerprint or face — be it by some sort of law enforcement agencies or just by a regular tout, provided you had activated the lockdown mode. Then, you can rest assured that your data couldn’t be accessed without your explicit permission. The most incredible thing is that not even notifications will pop up on your lock screen when this mode is activated, and this high level of protection will remain in place until you manually unlock your phone (even if the mobile device is being restarted).
If you are fortunate to be a user of some device. Here’s a catchy thing, you are a determining factor to the activation of the option ahead of time for it to be available. Note that doing this takes a couple of seconds: On the same “Lock screen” section page on your system settings, just activate the toggle next to “Show lockdown option” — or tap “Secure lock settings” and then “Show Lockdown option,” This is particularly for Samsung devices — and then you are good to go without any fright of strangers intruding your privacy without the owner’s consent. (should in case you don’t see any option of a sort, it might happen that you are using a recent Android version that enables itself by default.)
However, if the need ever arises, just remember this: In your phone’s power menu, together with the regular options for restarting and shutting down your device, you’ll always find a button to activate that “Lockdown” function. You might not need but in case of unforeseen circumstances.
And with that, guess what? You’re almost done with the annual checkup which you need to set up in place. Not too difficult so far, right? I guess I have a positive response from you. Yippee! There are just six more steps to go…
Part III: Device access
Step 10: Erase your list of connected devices
Whenever you log on to a device using your Google account – whether it is by an Android phone, using a Chromebook, or just using the Chrome browser on a regular PC such a device is automatically added to an approved for access list and it is associated with such a personal account.
Click on this page in your Google’s security settings to see your list of devices. Should in case you see old devices that you no longer use, click on them sequentially and click on the “Sign out” button that pops up to ensure that they longer have access to your account. In situations when you see devices you have never used, remove them right away and go on to change your account password immediately
Step 11: Erase devices in your Play-Store application
Although this step here isn’t directly related to security, it is advisable to do this alongside; go to Google PlayStore settings and take a look at the list of your available devices. These are the devices that pop up a list of options every time you install a new application from the PlayStore web interface and also they are the devices that show up as options in Google’s Find My Device unit.
Go on and uncheck the box beside “Show in menus” for any devices you no longer use and if you happen to have any devices with and cryptic codenames, click on the “Edit” button to rename them to what you can recognize.
This will give you a much smoother experience the next time you download an application or remotely locate one of your devices.
Step 12: Ensure that your device is prepared for the worst
You might be thinking of cases where you happen to lose your Android device. Well, it’s simple. Although, you might not have noticed the truth is that Google itself has its utility for tracking, finding, and remotely wiping off a lost Android device – this is an in*-built function in the operating system.
What to do is just to ensure that this is being activated before it’s too late. Just go to the Google section on the device main settings setup, then, click on “Find My Device,” and ensure that the toggle at the top of the “find my device” option is activated.
Then, bookmark the web version of your Find My Device, or you can simply download the application via Chrome or any other means compatible with your device. There are circumstances where you might not find your phone. Click on the service or do a Google search for “Find My Device” in any browser you are using. After that, you will be able to know what went wrong with the missing gadget.
You can also enable the device to ring as well as remotely lock it or erase that.
Step 13: Have a thought about whether to use VPN
It is evident that no matter how secure your claim your mobile is, your information can still be intruded via an insecure network. This is where virtual private networks or VPNs are likely to come in. They assist in encrypting all of your incoming and outgoing data so that no man can alter or see what one is doing at the network level.
VPNs are not a tool that everyone needs, but for users who run a business or keep some personal material, then, such a person is best advised to have one – if you are the type who uses a lot of open Wi-Fi networks.
Here’s a good list of VPNs
- Private Internet Access.
For users using Google Fi wireless service. This provides an option to automatically encrypt all your network connections through Google’s VPN service. All you’ve to do is to activate it.
Part IV: Final considerations
Step 14: Ensure you have done your virtual estate planning
Unpleasant things happen, right? I believe we can all attest to this and it is best to prepare for any sort of unforeseen circumstances: If something bad happens to you, are you willing to give room for someone else to be able to access your Google account and all the data therein? Take thought to think about this. If your response is positive, then, let’s get on with how to enable that. Otherwise, you can skip this step.
To do this, go to this page and set up Google’s Inactive Account Manager. This system detects your inactiveness for a certain duration of time be it – three months, six months, a year, a year and a half depending on how you set it up and it then notifies the friend or loved one whom you had chosen and gives them the access to your account. You can even decide to set up an auto-reply to kick in for your Gmail account (lol, this looks kinda creepy though), and you can decide to allow Google to delete your account after a specific time which you must have set has passed.
Before you decide to use Google’s inactive account manager, one needs to be extraordinarily cautious, with numerous conditions to be put in place which one might decide to include an option to try to contact the original user of that account (You) via SMS and email a month before your inactivity goes into play.
Services like LastPass offer a similar system for setting up emergency access to your account.
Step 15: Perform a general Google security check-up overview
Take a chill pill: We’re almost done! This penultimate step will take you through a broad security check that will look for the remaining weak points in your Google account and run a security checkup for your Android device prompting you to fix them right away.
The process is as follows; go to the Google security site and note any issue it presents. It will confirm that you’ve successfully performed all of the actions we have discussed above and look for other rooms which need to be improved. Consider it and do as directed.
Step 16: Think diligently about third-party security suites
Here comes the last step. Now that you have ensured that your Android security is shipshape. The next thing to put in place is any third-party security suites (be it that you install it or it came preinstalled on your mobile phone or tablet) noting what they are adding to your device. A list of such programs is Lookout, Avast, Norton, McAfee, AVG.
After verifying that your device is protected. It is a smart move that monitors the type of applications the user download. The Operating System (OS) lookout for SMS-based scams while the Chrome for Android browser keeps an eye out for web-based threats too.
Beyond all these, your Android devices are enrolled in a sophisticated cross-platform system for remotely tracking, pinging, and erasing as it is being needed. And all these happen on a platform level.
Now, there goes the question that stumbles on your mind; does the third-party security suite do anything redundant and unnecessary on the mobile phone? Is it eating up system resources and impacting performance for no reason? Even at the expense of costing you money, you ought not to spend, and is it, in reality, accomplishing anything of value that your Android device itself is not already handling in a more precise way?
The answer is no. But an extra security layer makes you feel safer. Although, if you had painstakingly completed the step of this checkup, then, there’s no reason why you need it. (Sincerely, some privacy and security applications are really worth it) and the above-listed options are quite a number of outstanding ones.
Now, after the completion of this, we are done with the checkup. We should not forget that this should be part of our habit yearly. These areas that have just been covered are constantly evolving and an annual checkup is the best way to ensure you are also in tip-top shape.