Limiting third-party apps is understandable, as those often present greater risks and are not necessarily scanned for malware before approval, like Play Store apps. But restricting what users can do with their own devices is questionable. According to TechCrunch, users will be able to install apps from third-party stores that shipped on the device, and some apps will be available through the developer tool Android Debug Bridge. Third-party apps that are on the device already will not be removed, and they'll still receive updates.

Google will also reportedly enable Google Play Protect automatically for anyone enrolled in the Advanced Protection Program. That feature automatically scans your device to make sure your mobile security is up to date, and it scans billions of apps in the Google Play Store daily. The catch is that Advanced Protection Program users will not be able to turn Google Play Protect off.

You can expect these changes to roll out gradually to Android devices, and new malware protections for Chrome may arrive later this year.

Google Advanced Protection originally launched as a way to protect high-profile hacking targets, like celebrities and political figures, but it is available to anyone. Earlier this year, Google made it easier to sign up for the program. While the added security could be useful if you feel like two-factor authentication isn't enough, these new policies could be a reason to think twice before signing up.