Is there room for a more secure Android in Enterprise Mobility?
Who’s the taker of the enterprise mobility throne – Android or iOS? While Android has a handy lead in the global smartphone market, it has been iOS that has been marginally better received in the enterprise. Security concerns, problems with device management etc. are a few hits against Android in the enterprise. The Citrix Enterprise Mobility Cloud Report revealed that iOS had the largest share of the enterprise mobility market in Europe with at an adoption rate of 46%. Android followed close on iOS’ heels with 36% market share. While the advantage with iOS was that it gave IT a homogeneous mobile operating environment which translated to fewer lags, Android, being open source, did not secure much favor from IT since it may have been more susceptible to malware and attacks. Google, however, has worked judiciously to bring Android up to speed with enterprise needs and worked meticulously to put those IT concerns to rest.
Android has made security as a top priority since their Lollipop days. To strengthen their enterprise ambitions, Google launched Android at Work. This introduced a common set of API’s that were built directly into Android to beef up security and manageability. Android for Work allows Android devices to work in different models. It allows devices to operate in a work profile that separates and encrypts corporate data within the OS and hence can be used on corporate issued or privately owned devices as well as for single use devices such as kiosks.
With each new version, Android has worked towards becoming more secure and more manageable. Android for Work gives enterprises a consistent platform for managing Android devices securely. Data separation, standardized management, security controls etc. all allow organizations to use Android devices without the worry of jeopardizing their business data. Following the public disclosure of a bug in Stagefright, Google launched a monthly updates program in 2015 with the aim of accelerating patching of vulnerabilities across the android device range. In 2016, more than 735 million devices and 200 plus device manufacturers received a platform security update. Along with this, Android also released monthly security updates for Android devices running Android 4.4.4 and up. They also leveraged their carrier and hardware partners to expand update deployments and managed to release updates in the last quarter of 2016 for over half of the top 50 devices worldwide.
Additionally, to increase device security, Android has streamlined their security updates program to make it easier for manufacturers to deploy security patches. They have also been releasing A/B updates that make it easier for users to apply the patches.
The release of Android 7.0 Nougat further strengthened the Android security features. These features could now be applied to the work applications itself instead of the device, making device security easier to manage. Nougat also added ‘always on VPN’ that protects work network traffic data and ensures that data does not travel over unsecured connections. They have also implemented a separate password for work applications and further expanded the multiple security layers that come with built-in Android.
Enterprises can benefit greatly from the built-in nature of enterprise features in Android. A recent example of the same is The World Bank Group that has used these built-in enterprise features to mobilize their workforce and ensure that workforce productivity does not decline on the go. Using Android’s work profile and VPN support, The World Bank has enabled its employees to access sensitive data and yet managed to keep it secure.
Android has also made it easier for administrators to manage a plethora of Android devices. Android Nougat makes it easier for IT admins to suspend app access when not compliant with work policies. Additionally, the QR code provisioning makes it easier to deploy managed devices faster. It also allows customizations of device policy and supports messages in settings.
Android for Work also has a DevHub which is a community of developers who collaborate extensively and share best practices on Android enterprise applications. Along with this, there is the AppConfig Community that has standard Android for Work configurations for developing enterprise applications. This aids development of Android enterprise applications, set up managed profiles and configurations, and also develop single-use solutions for Android devices
Google also has been working proactively to keep the users safe from PHA’s or Potentially Harmful Apps that put devices and data at risk. Over the years systems have been created that review applications for unsafe behavior. Verify Apps checks devices for PHA’s. In 2016, Verify Apps conducted 750 million daily checks that helped in reducing PHA installation rates in android devices. In 2016, the number of Trojans reduced by 51.5% in comparison to 2015. Additionally, the number of phishing apps reduced by 73.4% when compared to 2015.
The steps Google is taking to strengthen the Android ecosystem is a clear indication of what their enterprise goals are. The iterations of Android and Android at Work reflect that Google is moving in the right direction with their enterprise ambitions. Though iOS might have a larger share of the enterprise pie at the current moment, it is evident that it’s only a matter of time before IT starts considering Android as a serious contender for enterprise mobility. Will it be your choice?