Updated: December 14, 2013
If you've read my Android smartphone review, as well as the subsequent Samsung Galaxy Note 10.1 tablet review, and then the later six-month impression report, then you will have learned that it is virtually impossible to sign out of your primary Google account, apart from some rigorous rooting and such. The signout or logout functions do not exist.
This means that anyone with access to your mobile device could potentially view, read and tamper with your inbox, because it is wide open. Now, you can easily sign out of the Google account in your browser, but you cannot do the same thing in the mail client. You are not in the mood to start deleting and destroying things, you just wish some privacy and security. How do you go about that? Let me help you.
Here's a handful of mitigating privacy and security options that you should undertake to protect your device from unauthorized access. Not all of these features will be present on all Android phones and tablets, but if you can, try to exercise them.
Keep your device screen locked with a password, instead of keeping it open or locked with a gesture. They are fairly easy to memorize, unlike passwords, which require a very keen eye. Disabling sync, in case you are not using, or do not intend to use the mobile device for mails, is another option. You may also want to encrypt your internal storage and SD cards.
All of these should prevent strangers, in a way, to a degree. But they will do nothing for other people whom you may allow access, or even loan the devices, including friends and family members.
What you can do is create app specific locks - prevent the use of certain applications unless a correct numerical sequence, or a password if you like, is provided. To wit, there's a nice little program called App Lock, as simple as that. This application allows you to selectively disable access to your device.
What you want to do is lock Gmail:
You will need to configure App Lock, and set a default password. You can also give yourself a sort of a hint, in case you forget it, because that could be rather awkward. Moreover, App Lock is smart enough to protect itself from unauthorized access, so no one can just casually remove the lock once it's in place, without knowing the password or gently torturing it out of you.
The combination of device password, data encryption and per-application control with App Lock using a second, numerical password should provide you with a decent enough level of privacy and security. Of course, if you do not like the concept of your Android operating system using your account for everything, then you should not use it, at all.
This guide is not a foolproof security recipe. It's most a layered tactical solution to managing access to your private stuff by challenging potentially unauthorized or undesired users. It does not replace logic, common sense, and it does not resolve the inherent model, where your account is associated with your device, and all you do. I still do not have a simple and elegant way that you can just sign out of your device and use it in an anonymous mode, without rooting and hacking, but I will sure keep searching. For the time being, you have App lock as a very decent mitigating solution. There you go.