en/security/best-practices/index.html - platform/docs/source.android.com - Git at Google

 <html devsite>
   <head>
     <title>Android Security Best Practices</title>
     <meta name="project_path" value="/_project.yaml" />
     <meta name="book_path" value="/_book.yaml" />
   </head>
   <body>
   <!--
       Copyright 2018 The Android Open Source Project

       Licensed under the Apache License, Version 2.0 (the "License");
       you may not use this file except in compliance with the License.
       You may obtain a copy of the License at

           http://www.apache.org/licenses/LICENSE-2.0

       Unless required by applicable law or agreed to in writing, software
       distributed under the License is distributed on an "AS IS" BASIS,
       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
       See the License for the specific language governing permissions and
       limitations under the License.
   -->

 <p>
   This topic contains best practices for device manufacturers to ship secure
   devices to all Android users. The collected best practices cover:
 </p>

 <ul>
   <li><strong>Organizational and operational security</strong>—Creating strong
     security practices in your team and organization.</li>
   <li><strong>System security</strong>—Reviewing and improving core operating
     system and device security.</li>
   <li><strong>Application security</strong>—Reviewing and improving the
     security of apps on the device.</li>
   <li><strong>Network security</strong>—Reviewing and improving the security
     of network communications from the device.</li>
   <li><strong>Hardware security</strong>—Reviewing hardware choices to improve
     device security.</li>
   <li><strong>Privacy</strong>—Enabling user control over the handling of
     their data.</li>
 </ul>

 <p>
   Many recommendations in this section are also detailed in the
   <a href="/compatibility/cdd">Android Compatibility Definition Document</a>
   (CDD). In many instances, these recommendations are detected through tools,
   such as the <a href="/compatibility/cts/">Android Compatibility Test Suite</a>
   (CTS).
 </p>

   </body>
 </html>
	<html devsite>
	<head>
	<title>Android Security Best Practices</title>
	<meta name="project_path" value="/_project.yaml" />
	<meta name="book_path" value="/_book.yaml" />
	</head>
	<body>
	<!--
	Copyright 2018 The Android Open Source Project

	Licensed under the Apache License, Version 2.0 (the "License");
	you may not use this file except in compliance with the License.
	You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing, software
	distributed under the License is distributed on an "AS IS" BASIS,
	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	See the License for the specific language governing permissions and
	limitations under the License.
	-->

	<p>
	This topic contains best practices for device manufacturers to ship secure
	devices to all Android users. The collected best practices cover:
	</p>

	<ul>
	<li><strong>Organizational and operational security</strong>—Creating strong
	security practices in your team and organization.</li>
	<li><strong>System security</strong>—Reviewing and improving core operating
	system and device security.</li>
	<li><strong>Application security</strong>—Reviewing and improving the
	security of apps on the device.</li>
	<li><strong>Network security</strong>—Reviewing and improving the security
	of network communications from the device.</li>
	<li><strong>Hardware security</strong>—Reviewing hardware choices to improve
	device security.</li>
	<li><strong>Privacy</strong>—Enabling user control over the handling of
	their data.</li>
	</ul>

	<p>
	Many recommendations in this section are also detailed in the
	<a href="/compatibility/cdd">Android Compatibility Definition Document</a>
	(CDD). In many instances, these recommendations are detected through tools,
	such as the <a href="/compatibility/cts/">Android Compatibility Test Suite</a>
	(CTS).
	</p>

	</body>
	</html>