Abstract: New technologies always create new areas of concern for information security teams. Usually early adoption of such products is slow and it allows some maturity to develop in the play store(previously Market), providing time for the development of effective security controls. Indeed often these new devices will be slowly introduced to the corporate/government environment as part of an internal strategy. The rapid growth of the Smartphone play store(previously Market) and the use of these devices for email, online banking, and accessing other forms of sensitive content has lead to the emergence of a new and ever-changing threat landscape. This combined with the fact that anyone can be user has led to smart phones appearing as part of the corporate/government estate before the appropriate controls are in place. Even without these technologies connecting to the corporate/government network, there are security implications brought about by their mere presence in an office environment. A malicious user or malware on the device can create a number of risks for an organisation, and so the fact that these devices are not necessarily connected does not translate to a lack of security risks. This paper will discuss why it is important to secure an Android device, what some of the potential vulnerabilities are, and security measures that can be introduced to provide a baseline of security on Google’s mobile OS.
Keywords: android, security, hacking, smart phones, risks, measures.