Android is an inherently open operating system which allows users to do more especially in terms of customization which sets it apart from iOS. I’m not saying this to bash iOS, I’m just pointing it out. Both Android and iOS have their positives.
Due to the open nature of Android, the operating system was designed with robust security controls in order to protect users. There are multiple layers of security that are built right in to protect us Android users. Let’s take a closer look at these security features and also examine whether an antivirus is needed.
Built-in Android Security Features
To put things into perspective, let’s first look at the Linux Kernel. Android is built on top of the Linux Kernel. All code built on top of the Linux Kernel is restricted by the Application Sandbox. A sandbox controls the behavior of a software, preventing potentially harmful actions unless allowed by the user.
Below is a diagram illustrating the components built on top of the Linux Kernel.
Security Program Overview
Android has always been under the scrutiny of several parties throughout the development processes of the various versions of the operating system. They examine the Android ecosystem and address weak points.
Some of the major components of the Android security program as outlined on the Android website are as follows:
- Design review: In this part of the process, the platform is reviewed and a viable security model is designed and reviewed.
- Penetration testing and code review: In this part of the process, the Android Security Team along with Google’s information Security Engineering team as well as independent security consultants closely scrutinize both android-created and open source components for weaknesses.
- Open Source and Community Review: The Android Open Source project facilitates the review of security measures by interested third parties. Additionally Google Play offers a forum where information can be provided directly to users about specific applications.
- Incident Response: In the event that the previous components of the program fail there is an Android security team which operates full time, constantly monitoring for threats. They will respond and make the necessary adjustments in the event that a threat is detected.
Key Security Features of The Android Platform
Android provides several security features in order to protect user data and system resources as well as to isolate the allowed actions of an application. In order to achieve these objectives, Android ensures the following:
- Sturdy security is provided at the level of the operating system via the Linux kernel
- A mandatory application sandbox is enforced for all applications running on top of the Linux kernel
- Interprocess communication is secure
- Applications are signed
- Permissions are defined for applications which must then be granted by users
Where Is Security Most Likely To Breakdown?
Considering all of the information above, Android seems pretty solid, but despite this we know that there have been instances of malicious content affecting android. So the question must arise then; how do devices get compromised by these threats?
Well, the short answer is that users are the weakest link in the Android security chain.
Android is quite secure on its own but users have the ability to allow apps from third party sources to be installed on their devices thus letting in threats. In addition, apps require users to agree to grant certain permissions to apps. Sometimes these apps request unnecessary permissions which are used for malicious purposes if persons accept them.
How You Can Protect Yourself
In order to protect yourself against threats to your Android device’s security you should avoid installing apps from third party sources. In short, avoid installing apps that don’t come directly from Google Play Store. Third party applications are not submitted to the same security measures as apps sourced through the Google Play Store.
In addition, review app permissions each time you install an app. For instance, if a PDF reader app requests permission to access your Phone and Contacts then maybe you should be a little suspicious. This app might be trying to maliciously gain access to your information.
Finally you should also protect your Android device with competent Antivirus software. If you take the necessary precautions, with the high level of built in Android security your risks will be small but don’t take the chance. Your antivirus should be able detect any malicious content in the event that it makes it through the safety net.
The answer is therefore yes. Your Android device does need an antivirus. As careful as you may be and as secure as Android might be, there is still a small chance that malicious software could break through the Android safety net. This may be due to lack of due diligence on the part of the user or it might actually be a defect in the Android software. Regardless of the source of the threat, an antivirus should definitely be part of your plan for keeping your device secure.