Android Hardening Checklist (by UT Austin)

Status
Not open for further replies.

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Source: Google Android Hardening Checklist | UT Austin ISO

The hardening checklists are based on the comprehensive checklists produced by CIS. The Information Security Office has distilled the CIS benchmark down to the most critical steps for your devices, with a particular focus on configuration issues that are unique to the computing environment at The University of Texas at Austin.

Basic Security
1 Update operating system to the latest version
2 Do not Root the device
3 Do not install applications from third party app stores
4 Enable device encryption
5 Disable 'Developer Actions'
6 Use an application/service to provide remote wipe functionality
7 Enable Android Device Manager
8 Erase all data before return, repair, or recycle
Authentication Security
9 Set a PIN and automatically lock the device when it sleeps
10 Set an alphanumeric password
11 Set Auto-Lock Timeout
12 Disable 'Make Passwords Visible'
13 Erase data upon excessive passcode failures
Browser Security
14 Show security warnings for visited sites
15 Disable 'Form Auto-Fill'
16 Do not automatically remember passwords
17 Disable browser plug-ins
18 Turn on Do Not Track
Network Security
19 Turn off Bluetooth when not in use
20 Disable network notification
21 Forget Wi-Fi networks to prevent automatic rejoin
Additional Security Settings
22 Turn off Location Services
23 Use a third party application to password protect applications with sensitive data
24 Limit the number of text (SMS) and multimedia messages (MMS) saved
25 Disallow cookies in Chrome browser
26 Disable JavaScript in Chrome browser
27 Use TextSecure to encrypt SMS messages

Interesting to check and compare with your Android devices. Please note, not all settings are suitable for all user types.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
Main issue with android is that each manufacturer decides when and if they will update a device which leaves a lot of phones unprotected. For once i want to see google controlling things and pushing all the updates with manufactures having to follow certain rules so updates work. One can dream...
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top