Get started Bring yourself up to speed with our introductory content.

Android security features protect against constant threats

Android's popularity makes it a prime target for hackers and attackers. Fortunately, there are plenty of security features to keep devices safe.

Android faces constant security threats because of its popularity and flaws inherent to its structure.

While Android remains the most popular mobile operating system (OS), it's also been criticized for issues related to security -- particularly regarding app-level malware. The fundamental openness of Android and its popularity serve as a magnet for cybercriminals. As a result, Google has implemented robust, layered Android security features.

Built-in security

Android is Linux-based and derived from Unix, which introduced a wide variety of security mechanisms that are still in use today. Among the most important of these features are file system permissions and file system encryption. File system permissions prevent applications from accessing areas of the file system that they do not have access to, while Android disk encryption, which is enabled with a password, uses a kernel-level Advanced Encryption Standard (AES) algorithm to protect key OS elements from those without proper access. Android has a safe mode, which disables third-party applications for troubleshooting purpose, if all else fails. Android also includes Security-Enhanced Linux Enforcement, which moves OS security to the kernel layer and requires apps to abide restrictions set at that level, for additional protections.

Building on the security features native to Linux systems, Android offers application sandboxing. Sandboxing is when an OS isolates apps as separate processes from each other, typically through app wrapping in the case of mobile devices. This isolation protects the apps from any errant behavior in other apps, like the opening of malware. Android also supports a wide variety of APIs and security protocols, including AES and RSA for encryption, the Digital Signature Standard for authentication, SHA cryptographic hash functions and Secure Sockets Layer (SSL)/ HTTP over SSL.

The Android team has overall done a great job establishing and maintaining an environment, and even culture, of security. System administrators and users who take advantage of security best practices should have no problems integrating Android devices into secure network environments. As always, education, support, security policy and centralized management are necessary to ensure users know which apps are safe to install and give privileges to.

The latest Android security features

The next Android release, known as Android 5.0 Lollipop (formerly Android L), includes Android for Work, a number of features designed to enhance the appeal of the platform in business environments. Android for Work offers some mobile content management and mobile application management features, including elements of the Samsung Knox security platform. An excellent argument can be made for the inclusion of enterprise mobility management functionality directly into the OS, where hackers will have a much more difficult time working their evil; basic device administration has in fact been in Android since 2.2.

With Android's popularity, it's a sure bet that the hacker community will continue to poke at every API and test every limit of the operating system. In some ways, this experimentation is actually encouraging. One of the benefits of an open source platform is the more rapid identification and resolution of bugs and vulnerabilities. But even with the benefits of experience and the enhancements to Android security features in Lollipop, IT organizations must remain ever vigilant and current in their knowledge of threats, best practices and their own security policies and procedures.

Dig Deeper on Enterprise mobile security

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What do you think of Android's security features? What security features would you like Google to add?
At this point, even with the new security additions and features, the Android mobile OS still seems very vulnerable. As such we do not use Android devices for our mobile end users. Google needs to add a dual authentication process for sign in and access, and should begin to use pass phrases versus codes and begin to implement new tech that uses scans and other forms of authentication.