You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »


Introduction

 

Due to the large success of Android operating system and a rising number of installations

worldwide (nearly 75% in Europe) there is also an increasing number of threats based on

Malware and Spyware.

 

One example for such a Spyware is the Remote Administration Tool (RAT) "Dendroid" which was

identified in March 2014. This software was embedded into a normal App and was offered inside

the Googe Play Store.After installation of Dendroid the program was able to take over the control

about Camera, Microphone and so on.

 

In order to prevent such a misuse of Gigaset Android phones it's the goal of this document to

provide a guideline for information security procedures. According to this the document defines

the most important measures for Android hardening.

 

 

Security Guidelines

 

1. Update firmware and operating system to the latest version


Gigaset is always working to improve the reliability and security of the complete product portfolio.

This means that the phone firmware is permanently enhanced to face threats like malicious software.

Thus it's absolutely recommend to keep the device firmware always up to date.

 

For the same reason it's best practise to keep also the operating system up to date.

 

 

2. Installation of a Virus and Trojan scanner

 

Despite all security procedures the likelihood is quite high to get malware or spyware. To detect

these threats it's crucial to install a Virus and Trojan scanner. By means of these programs the

system has got the ability to find and remove malicious software.

 

 

3. Don't root the device

 

The shipped Gigaset Android devices has got no "root" administrator permissions. However, the

internet offers a lot of software to obtain these rights and to adjust the own device in a deep level.

Please be aware that these changes incorporates a lot of risks.

 

Due to this it's not permitted to conduct such changes. Rooting administration of a device

affects the loss of all Gigaset warranty.

 

 

4. Usage of Google Playstore


It's recommend to use only Google Playstore and to disclaim for the usage of third party App

stores. Nevertheless it's necessary to respect certain security rules for the Google Playstore

download.

 

It's a best practice to check the trustworthy of each software . This can be done by a

App rating check. Negative ratings and comments should be considered. If ratings or comments

are missing the customer should balance the benefits and risks in terms of the new software.

 

 

5. Restriction of permissions

 

The selection of permissions has got a large impact for the operation of a Android device. Thus it

should be strictly considered which permissions are really necessary and which not.

So the level of permissions should be respected for each App installation. Not every application needs

the access to the internet or to special hardware components like cameras or other service resources.

 

 

 



 

 

  • No labels