Apple's iOS is a real walled garden. With the exception of those brave enough to "jailbreak" their phones, Apple controls which apps get into its App Store, and which don't.
On Android, it's not so simple. Google similarly vets its own Play store, but there's a huge loophole: Android users can allow third-party software software installations simply by checking off a button in the settings menu.
The reasons for allowing that outside Android software may range from the benign (beta-testing apps) to the nefarious (pirated software). But as ZDNet's Zack Whittaker recently detailed, by allowing app installs from unknown sources, you're essentially opening up your device to potential malware infections.
How to keep your Android device safe
By default, Google prevents users from installing apps from sources other than the Play store.
The best way to protect yourself is to leave the installation of apps from unknown sources disabled. It's a good idea to double-check that the setting is still disabled, just to be safe.
Exact placement of the option will vary based on the device you own, but it generally is found in the Settings app under Security > Unknown Source.
To be clear: This doesn't make your phone 100 percent safe. Nor does it protect you from non-software security issues, including phishing attacks and cloud-based password breaches.
That said, keeping unknown sources deactivated on your phone or tablet is a strong first line of protection that will prevent the most egregious malware from having open access to your device.
What you're giving up
While disabling access to unknown sources is the safest course of action, it may involve some sacrifices.
For example, Android app site APKMirror requires unknown source installation to be enabled. More significantly, Amazon Underground, the retailer's third-party app store, requires the "unknown sources" toggle to be switched, too. And that's the only way to get the Amazon Prime Video app on Android devices. (For reasons unknown, most of Amazon's other media apps -- including the Kindle app and the Amazon Music app -- are available in the Google Play store, and thus do not require unknown source access.)
But just remember: By allowing apps from those third parties, you're also opening a de facto security hole on your device. And even if Android security is getting better, it only works if you actually keep Google's safeguards turned on.
That's why you should only install applications from official channels such as Google's Play store, or for Samsung Galaxy users, the Galaxy App Store.