Due to the large success of Android operating system and an rising number of installations
worldwide (nearly 75% in Europe) there is also an increasing number of threats based on
Malware and Spyware.
One example for such a Spyware is the Remote Administration Tool (RAT) "Dendroid" whichwas
identified in March 2014. This software was embedded into a normal App and was offered inside
the Googe Play Store.After installation of Dendroid the program was able to take over the control
about Camera, Microphone and so on.
In order to prevent such a misuse for Maxwell phones it's the goal of this document to
provide a guideline for information security procedures. According to this the document defines
the most important measures for Android hardening.
1. Update firmware and operating system to the latest version
Gigaset is always working to improve the reliability and security of the complete product portfolio.
This means that the phone firmware is permanently enhanced to face threats like malicious software.
Thus it's absolutely recommend to keep the device firmware always up to date.
For the same reason it's best practise to keep also the operating system up to date.
2. Installation of a Virus and Trojan scanner
Despite all security procedures the likelihood is quite high to get malware or spyware. To detect
these threats it's crucial to install a Virus and Trojan scanner. By means of these programs the
system has got the ability to find and remove malicious software.
3. Don't root the device
The shipped Gigaset Android devices has got no "root" administrator permissions. However, the
internet offers a lot of software to obtain these rights and to adjust the own device in a deep level.
Please be aware that these changes incorporates a lot of risks.
Due to this it's not permitted to conduct such changes. Rooting administration of a device
affects the lost of all Gigaset warranty.
4. Usage of Google Playstore
It's recommend to use only Google Playstore and to disclaim for the usage of third party App stores.
Nevertheless it's necessary to respect certain security rules for the Google Playstore download.
It's a best practice to check the trustworthy of each software . This can be done by a
App rating check. Negative ratings and comments should be considered. If ratings or comments are missing
the customer should balance the benefits and risks in terms of the new software.
5. Restriction of permissions
The level of permissions should be respected for each App installation. Not each application needs
the access to the internet or to special hardware like cameras or other service resources.