android device hardening
TRANSCRIPT
![Page 1: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/1.jpg)
Google Android Hardening Checklist
![Page 2: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/2.jpg)
Forget Wi-fi Networks
By default, an Android device will remember and
automatically rejoin networks that it has previously
associated with.
…….but unauthenticated Wi-Fi network
may be spoofed and then automatically
joined.
Further….if previously joined network has a
common SSID, such as “test” or “sample”, the
device may encounter an untrusted instance of a
same-named Wi-Fi network and automatically join
it.
![Page 3: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/3.jpg)
Location Services allows installed applications and visited websites the ability to request your current location.
Turn off Location Services
Once access is granted to an application, the application may request the data again at any time
with no further notification to users
![Page 4: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/4.jpg)
Limit the number of SMS
& MMS saved
For high security environments, limiting the number of SMS and
MMS messages saved per conversation thread may reduce the
likelihood and scope of information disclosure in the event the
device is lost or compromised.
![Page 5: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/5.jpg)
The issue is that anyone can run a wireless hotspot and, joining a poorly configured or insecure network could allow a malicious user on that same network to intercept, capture, and alter any network traffic sent by a user.
Disable Network Notification
By default, Android devices will automatically present a list of detected wireless networks from an icon in the status bar that users may attempt to connect to
when no networks that have previously been connected to are available.
![Page 6: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/6.jpg)
Update Operating System
to the Latest version
![Page 7: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/7.jpg)
Do not ROOT the device
One should understand that by rooting device, you
are taking on increased responsibility for securing the device and protecting from malicious software.
![Page 8: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/8.jpg)
Do not install Applications from Third
Party App Stores
Installing applications from other sources is riskier since
there is no way of knowing how the stores are managed and whether or not the applications available in it
can be trusted to not be malicious in nature.
![Page 9: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/9.jpg)
Enable Device Encryption
This protects the data stored on the device from unauthorized access in the event that it is lost or stolen.
When enabled, Android uses your passcode or password to generate an encryption key that is then used to encrypt the device.
This passcode/password is then required every time the
device is powered on.
![Page 10: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/10.jpg)
Disable 'Developer Options'
When enabled, it is possible to completely control a device through this interface.
Android provides a number of features that allow developers to interact with the
device through the built-in USB power/data port to change its behavior,
read and modify local storage, and issue commands.
![Page 11: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/11.jpg)
Use an Application/Service to
provide Remote Wipe functionality
Many third party applications provide this functionality. Some options include Norton Mobile
Security, Wave Secure, Lookout, Security Shield, and Theft Aware.
![Page 12: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/12.jpg)
Enable Android Device Manager
Android Device Manager is a free service provided by Google that allows users to track and remotely lock or erase an Android device.
A free Google account is required to use this service
http://www.androidauthority.com/android-device-manager-579966/
![Page 13: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/13.jpg)
Set a PIN and automatically lock the
device when it sleeps
A PIN (or a password) is more secure than a pattern as patterns can be trivially observed by people around you and there have been cases of using the fingerprint smudges on devices to derive lock-screen patterns
Setting a PIN prevents casual unauthorized access to a device.
![Page 14: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/14.jpg)
This option automatically locks the device after it has been inactive for the specified amount of time.
Set Auto-lock Timeout
![Page 15: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/15.jpg)
This feature controls whether passwords are displayed as they are entered. Disabling this feature increases security by making it harder for people in close physical proximity to learn your passwords by observing you interact with your device.
Disable 'Make Passwords
Visible'
![Page 16: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/16.jpg)
Android does not natively provide this functionality, but there are a number of third party applications, some of which were mentioned earlier, which can.
Erase Data Upon Excessive
Passcode Failures
Since excessive passcode failures typically indicate the device is out of your physical control, having the device automatically erase may protect the confidentiality of information stored on the device.
![Page 17: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/17.jpg)
These warnings could indicate that communications between your computer and the site's server are not secure.
Show Security Warnings
For Visited Sites
This feature will warn you of common security problems, such as invalid or expired SSL
certificates, affecting the web sites you visit.
![Page 18: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/18.jpg)
Automatically filling in web forms could result in the unintentional disclosure of sensitive data to unauthorized people.
Disable 'Form Auto-fill'
![Page 19: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/19.jpg)
Bluetooth should be enabled only when it is actively being used.
Turn Off Bluetooth When Not In Use
![Page 20: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/20.jpg)
The slides only give out few steps to Harden your
Android Device.
It takes a lot many other things to secure it further..perhaps Google for that please.Ref from https://wikis.utexas.edu/display/ISO/Google+Android+Hardening+Checklist
![Page 21: Android Device Hardening](https://reader033.vdocument.in/reader033/viewer/2022042522/55a941db1a28ab105d8b471a/html5/thumbnails/21.jpg)
Contact me :
[email protected]://about.me/anupam.tiwarihttps://www.youtube.com/user/anupam50/videos
Ref from https://wikis.utexas.edu/display/ISO/Google+Android+Hardening+Checklist