1. Password Protect your device.
Set a password and screen lock so that nobody can access your mobile device. Set you phone so that if a unauthorised person enters too many incorrect password the phone will automatically wipe all data. This will help to prevent the private data on your mobile phone from getting into the wrong hands.
2. Hardware Encryption
Android phones doesn’t have any hardware encryption. So you should not store any sensitive emails or information on your Android phone. There are several third party encryption app that you can use on your mobile phone. One good encryption app is "Keeper Password & Data Vault" for storing passwords and information.
If you connect your android phone to an Exchange server you should use a app like "Touchdown" to encrypt your email, calendar and contact info that is stored on the Android mobile device.
3. Remote Wiping
Android supports automatic and remote wiping.
To remote wipe you need to use third-party apps, this feature is possibly via the security policies on a Microsoft exchange server.
4. Virus Risk
Android devices are more at risk to viruses and intrusions than iOS devices , due to the openness of the platform. There are several anti-virus and security products on the market, one of the best I have come across is Trend Micro Mobile Security.
5. Rooting Android devices (not recommend)
More info on Rootin Android Devices
More info on Keeper Password and Data Vault here.
More info on TouchDown here.
More info on Lookout Mobile Security here.
More info on Trend Micro Mobile Security for Android here.
Search the internet and you will find a lot of great tutorial on rooting your android devices but, how many of these tutorial will highlight the fact that by doing this you are compromising the security of your android device.
How many times have you downloaded a application or game that has the all or some of the following requirement like full Internet access, GPS location, Read Contacts, etc… STOP and think, why would a game or simple app require this type of functionality or access.
As soon as you grant these rights to an application, there is very little you can do to stop them sending all of your contacts information across the internet, etc… .
Even non-root applications can be harmful so image the risk of rooted application
What might a malicious root application do? or Maybe I should re-ask the question – What can a malicious root application not do?
Example of some of the things a malicious root-enabled application could do:
This is just some of the list, I don't believe I need to build a long list to highlight the danger