Android smartphone manufacturers fail to patch vulnerabilities

BANGALORE, INDIA: Smartphones have become an utmost necessity and security of the device is critical with all the valued information stored in it. While smartphones eases many of our works while on the go, it inevitably enhances the risk factor and the vulnerabilities. Govind Rammurthy, MD  and CEO, eScan, makes the understanding easier on which OS  provides more security  and what are the simple steps users can take to avert risks.

CIOL: Which of the mobile platforms (iOS, Android, Windows) provide a better security?

Govind Rammurthy: iOS is designed with advanced security technologies that offer enterprise-grade protection for corporate data while maintaining a great user experience. This comprehensive approach to security allows end-to-end control of devices, data and apps as well as keeps employees focused on being productive. Due to this, iOS provides a much more robust smartphone experience and also due to the fact that all updates are centrally managed unlike with Android / Windows wherein providing security updates for the disclosed vulnerabilities is at the sole discretion of the mobile phone manufacturer.

CIOL: Security risks in Android devices have been surging. What are the main reasons for this vulnerability?

GR: The main and the only reason is that Android OS is preferred by majority of smartphone manufacturers. However, these very manufactures fail to push / patch up the vulnerabilities discovered and published by the Core Android Development Team.

CIOL: Can you suggest few simple steps that the mobile users can do to avert the risks?

GR: The need of every smartphone application is the need for access rights, as a user, one should exercises their right to verify the actual functionality required vis-à-vis the access rights demanded by the application. In majority of the cases, it is the access rights which have played havoc. Moreover, users should consider the below mentioned tips:

• Use a pin, password or pattern to lock your phone.
• Always turn-off Wi-Fi and Bluetooth on your phone when not in use. If kept on all the time, cyber criminals may use them to connect to your device and access files.
• Always download apps only from trusted stores. Do check for ratings and reviews if they are available. Even read the app’s privacy policy to see exactly what phone features it will have access to if you download.
• Make sure that your operating system and apps in the device are always updated. This helps to enhance security.
• Always keep back-up of your data as it would help protect and restore your important information in case device is lost or stolen or facing technical issues.
• After using online banking or shopping services, log out of sites once your transactions are complete.
• Never store your usernames and passwords on your phone and avoiding transactions while you are on public Wi-Fi.

CIOL: How well, has the security issue been tackled in Android Lollipop?

GR: Android Lollipop has introduced some new security features that are based on user’s usage patterns which are a great thing. However, it should not happen that in favor of pleasing the end-users, some of the basic security requirements are forgotten. Moreover, the new features which have been introduced they themselves should not have any bugs residing within them.

CIOL: In what ways, how do you think the mobile companies can enhance the security in their devices?

GR: The only way mobile manufacturers can enhance the security in their devices is by providing critical updates as and when they are available and push them into the handsets.