Galaxy S10+Source: Android Central

Your Android phone is a tool. Sure, you can have a lot of fun with it or find ways to pass the time, but a modern smartphone is one of the most productive pieces of equipment you can buy. And with so many of us working from home right now, it's important to keep things safe and secure if you have any business happening on it.

Thankfully, that's really easy. With a few simple tools and some common sense about how you do things, your phone will stay safe and protected against malware and hackers.

Use a Malware scanner

Play ProtectSource: Android Central

There are no viruses for Android, and there can't ever be. But that's really just semantics — there is malware out there for every smart device and your Android phone is no different.

Best VPN providers 2020: Learn about ExpressVPN, NordVPN & more

Google takes a very active role when it comes to policing malware in the Play Store. You'll hear about apps that fell through the cracks, but when you consider over two billion active users and over one million apps, it's easy to see how Google can't scan everything before someone downloads it. That's why you need some sort of malware scanner of your own that can scan your local files.

A great malware scanner is already built into your phone.

The good news is that this is really easy to do because the best one available is already built into your phone: Google Play Protect. It scans files regularly to identify known threats as well as read app heuristics (a fancy word for taking a look at what an app can do) without any intervention.

If you want to trigger a scan manually, you can open the Play Store app and find Play Protect in the menu. You can install a second malware scanner if you want to, but you don't really have to do it unless you've disabled Play Protect. And you shouldn't!

Use a VPN

VPNSource: Android Central

A VPN acts as a secure and trusted middleman between you and the public internet. The things you download and the things you upload go through a VPN that encrypts things both ways if they weren't encrypted to begin with, masks your actual device identification and location, and most will keep all this information private.

More: The best VPN in 2020

Most reputable VPN companies have a dedicated Android app so using one is simple — install the app and sign in with your username and password, then enable the VPN whenever you want to use it.

Use two-factor authentication

2FASource: Android Central

Most cases of user "hacking" over the internet are done using a technique called phishing. That's when someone tricks you into supplying a username and password for a real service to them so they can take over your account.

If a service doesn't offer 2FA, email them and ask why.

Two-factor authentication pretty much puts this to a stop because even if you supply the right password the first time you use any service that has it enabled, you also have to provide another form of identification like a code through an authenticator app.

Many services including banking, social media, and email providers offer two-factor authentication and you should be using it whenever you can.

Use a secure lock screen

Using the fingerprint sensor on the Galaxy S10Source: Android Central

When your phone screen goes off, whoever picks it up next — including you — should have to provide some sort of credentials to get past the lock screen. That might be a passcode, a pattern, a fingerprint, or a facial scan.

An unlocked phone is like leaving the keys in your car.

This makes sense no matter how you use your phone. You don't want someone who finds (or steals) your phone to have full access to everything on it, and you probably don't want your kids or your roommates to peek into it all, either.

The only way to prevent this from happening is to secure your lock screen. Do it right now before you forget if you need to!

Stop clicking every link

Never, ever click a link created by a link shortener unless you know 100% that the people or person who sent it to you are trustworthy. In fact, stop clicking any link unless you have complete faith in the sender.

Never get RickRolled (or web malware) again.

Link shorteners are handy. They can be easy to remember and they help a business keep track of how many people clicked it. But they also mask the real URL by default so you have no idea if that t.co Twitter link is going to something you wanted to see or if someone wanted to trick you into believing just that.

This goes for social media, email, your favorite messenger and every other way a person can send or forward a link.

Stick to Google Play for all of your apps

Google Play StoreSource: Joe Maring / Android Central

There are a lot of ways to find apps for your Android phone, and sideloading them is really easy. But unless you really know what you're doing, stick to Google Play for your Android apps.

Google not only scans apps for malware, but it will also pull really bad apps off of your phone if it finds them. Yes, Google does have guidelines for apps through its store so technically it censors results. But unless you really want something that violates Google's simple terms for the Play Store, you'll never know.


These tips are important for everyone, but when you also have your boss's information stored on your phone they all go double. Your work might have even stricter policies you need to adhere to, and there could even be a device policy installed that enforces rules remotely through your company's IT department.

Either way, these tips will keep you safer whether you're working from home or not!