Android Anti-Virus or App Manager?

Tuesday, May 17, 2011, 10:54 AM


Shouldn't I protect my Android device from viruses, just like I do my PC?

 Android security and Personal Computer security are not the same and should not be addressed in the same way. Because of the “secure and “sandboxed architecture of the Android Operating System, many of the “traditional threats that are associated with Personal Computers are not valid or relevant to the Android Operating System. The threat properties of “self propagation, “spreading, “infecting the Operating System or “corrupting other files and programs are nonexistent in the Android Operating System. This does not mean, however, the device is “completely immune to threats.

Threats to the Android Operating System do exist, but not in the same form typically associated with Personal Computers. The threats to the Android Operating System are associated with the “installation and “running of “Malicious Applications. “Malicious Applications are programs that do “work that the user did not intend or have knowledge of. “Malicious Applications are installed by users in the same form “other applications are installed. Unlike a Personal Computer, “Malicious Applications cannot be installed on an Android device without the user's consent.

To help users avoid installing “Malicious Applications or applications that do things that the user does not approve, Google has created a “registration of intent process and screen. This screen tells the user that an application will have “access to specific information or services on the phone or tablet.   For example, when installing an “email client the installation could inform a user that, “This application will have access to, an Internet connection, the contacts stored on the phone, and the 3g of 4g data connection. The purpose of the field is to tell users “what the application will do. Unfortunately most users have no idea what this screen is telling them, and many users never bother to read the screen and just tap continue or install. There is also no penalty or action taken against application developers that misrepresent an application's “intent during the installation process. In short, this step does little to prevent the installation of a “Malicious Application on an Android device.

The solution to protecting an Android device from “threats is the implementation of an “Application Manager. In its simplest form an “Application Manager can control which applications are added or run on the device, eliminating the introduction of threats found within “Malicious Applications. For an “Application Manager to be effective it needs to provide 3 important features.

  1. Audits and reports showing the applications installed on the Android device
  2. Controls to allow or limit the “locations from which applications can be downloaded and installed.
  3. Controls for which applications can or cannot be installed or run

Persons concerned with securing Android devices should focus their efforts in purchasing and implementing an “Application Manager instead of a “Malware or Anti-Virus solution. An “Application Manager will not only provide the necessary security, but will give users “management tools and introduce DLP “Data Loss Prevention features to help ensure a fully “protected experience.