Essential Guide

Tips and tricks for ensuring mobile data security

A comprehensive collection of articles, videos and more, hand-picked by our editors
Q

Android malicious apps: How to tell secure Android apps from malware

Distinguishing malicious Android apps from clean ones can be tough, particularly for users with little security savvy. Expert Nick Lewis gives advice.

A recently discovered Trojan for Android led Google to say it would "take steps" to ensure malware didn't end up...

in the Android Market in the future. Whatever steps those may be, it's highly likely there are tons of malware-laden mobile apps out there. Are there any best practices for detecting clean apps from infected ones? Is there a simple strategy we can communicate to corporate users to help them pick clean apps?

The recently discovered DroidDream Trojan wasn’t the first Trojan for Android and wasn’t the first time Google removed malware from the Android Market or from smartphones. The steps Google Android security head Rich Cannings stated the company would take to remove the malware should help minimize the impact on users. As such, it's likely Google is more effectively identifying Trojans -- or any Android malicious apps -- and removing them from their Marketplace.

One way to determine whether an app may be malicious is to check the feedback on applications from other users. However, users will still need to minimally evaluate applications when installed to see if they are granting access to too much on the local system.

Best practices for detecting secure Android apps from infected ones are still emerging, but users should use extreme care when installing applications from outside of trusted marketplaces. A simple strategy that you could communicate to enterprise users as a part of your smartphone security awareness policy would be to use trusted marketplaces only and to have users check with a third party that evaluates applications for security. The Veracode directory lists applications they have approved, and the directory is expanding across mobile applications and to other similar vendors who rate applications like NSS Labs Inc. or West Coast Labs. Enterprises could also deploy antimalware software to users' smartphones that could prevent malicious applications from getting installed.  These additional security tools add processing overhead to the operations and management of the smartphone, however, you should weigh the risks and benefits.  

This was first published in August 2011

PRO+

Content

Find more PRO+ content and other member only offers, here.

Essential Guide

Tips and tricks for ensuring mobile data security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchEnterpriseDesktop

SearchVirtualDesktop

  • VDI assessment guide

    Wait! Don't implement VDI technology until you know your goals and needs. A VDI assessment should consider the benefits of a VDI ...

  • Guide to calculating ROI from VDI

    Calculating ROI from VDI requires a solid VDI cost analysis. Consider ROI calculation models, storage costs and more to determine...

  • Keep the cost of VDI storage under control

    Layering, persona management tools and flash arrays help keep virtual desktop users happy and VDI storage costs down.

SearchVMware

SearchCIO

SearchSecurity

Close