PRIVACY GUIDE: ANDROID
INTRODUCTION
As an activist or independent journalist, protecting your privacy and security is extremely important. Your smartphone contains sensitive information about your work, sources, and contacts that could put you or others at risk if it fell into the wrong hands. Android devices have some vulnerabilities that you need to be aware of. This guide provides tips and advice for how to keep your information secure on an Android device.
USE ENCRYPTION
Encrypting your smartphone data is one of the most important steps you can take.
This scrambles all the data on your device so that it is unreadable without your passcode.
Go to Settings > Security > Encrypt Phone and follow the prompts to encrypt your phone.
This means if it is lost or stolen, no one can access your files or apps.
Suggested Reading: https://www.androidauthority.com/how-to-encrypt-android-device-326700/
STRONG PASSWORDS
Don't use simple passwords like "1234" or "password".
Use longer passwords with a mix of letters, numbers and symbols.
Consider using a password manager app that will generate and store strong, unique passwords for each of your accounts.
Enable two-factor authentication where possible for an extra layer of security on important accounts.
Suggested Apps: Bitwarden | Proton Pass
UPDATE SOFTWARE
Always keep your Android OS and all installed apps updated. Updates often contain vital security patches.
Go to Settings > System > Advanced > System Update to check for the latest Android OS updates.
Also periodically check the Play Store for app updates. Turn on auto-update options when available.
AVOID PUBLIC WIFI
Public WiFi networks are easy to intercept.
Never, ever use public or third party WiFi access without using a reliable and reputable VPN (see more on VPN below).
USE SECURE APPS
Be very selective about the apps you install. Stick to reliable app sources like the Google Play store, and conduct your own research for reviews
and expert reports on an app before trusting it. Be especially cautious with messaging apps - use only trusted encrypted options.
Always verify app permissions and only enable what is necessary. Disable unused apps.
Suggested Apps: Signal | Threema | Wire | Session
Suggested Reading: https://www.securemessagingapps.com/
BEWARE OF MALWARE
Malware (malicious software) is an ongoing threat on Android. Be vigilant about not downloading apps from third-party sources outside of Play Store.
Also beware of phishing links sent via SMS or email that try to trick you into compromising your device.
Suggested Apps: Bitdefender | Malwarebytes
DISABLE UNNEEDED SERVICES
Disable any wireless connections like Bluetooth, NFC or mobile hotspots when you are not actively using them. Also turn off smartphone features like USB debugging as they create potential security loopholes.
Limit app permissions so they can only access what is absolutely necessary.
Suggested Reading: https://www.lifewire.com/how-to-manage-android-app-permissions-4797758
USE A VPN
A virtual private network (VPN) encrypts all traffic leaving your device. This hides your IP address and online activities from surveillance. Do you research and only use trustworthy paid VPN's, not free ones.
A VPN also provides an added layer of protection against scammers and identity thieves.
Suggested Apps: Proton VPN
USE TWO-FACTOR AUTHENTICATION
Enable two-factor authentication (2FA) on important accounts like email, banking, social media, and work apps.
2FA requires both your password and a second step like a code sent to your device.
Suggested Apps: Aegis Authenticator
PHYSICAL SECURITY
Use device locking with a password or PIN rather than biometric or pattern locking and set automatic times locks to prevent physical access if your phone is lost or left unattended.
Carry your phone securely in public and don't leave it sitting out anywhere.
BACK UP DATA
Regularly back up important phone data such as contacts, documents and photos. You can use built-in Android backup features, external storage or cloud backups.
This ensures you have copies if your phone is compromised.
Suggested Apps: Proton Drive
Following these tips will help you use your Android more securely. But ultimately, remember it is just a device. Practicing good operational security in how you communicate and share information is just as important as technical smartphone security.
