Security

Android Enterprise Recommended touts quick security updates

The latest Android enterprise effort aims to reassure skeptical IT pros that their users’ smartphones will receive regular security updates and provide consistent management capabilities.

Google’s Android Enterprise Recommended program, launched today, certifies devices that meet certain standards and follow specific guidelines, with an emphasis on business deployment and security. Devices in the program will receive Android security updates within 90 days of Google releasing them, and these updates will continue for at least three years.   

“This is another attempt by Google to say that, as an enterprise, the devices that you pick will be secure,” said Brian Katz, enterprise architect at Oath, a global online media company. “But the proof is in the pudding. Some devices get updates regularly, but it’s not consistent.”

Getting Android into the enterprise has been a real issue forever because of the security concerns.
Eric Kleinanalyst, VDC Research

Android Enterprise Recommended devices must also run Android 7.0 Nougat or higher, meet or exceed minimum hardware specifications, support zero-touch enrollment for enterprise mobility management (EMM) and more. Only 29.6% of all Android devices run version 7.0, which came out in August 2016, or higher, according to Google.

If an original equipment manufacturer (OEM) fails to keep up with Android security updates or meet other requirements, Google will remove it or its devices from the program, the company said.

Android security updates leave IT wary

The large number of OEMs and their varying approaches to Android security updates has hindered enterprise adoption since the operating system’s inception.

“Getting Android into the enterprise has been a real issue forever because of the security concerns,” said Eric Klein, director of mobile software at VDC Research. “Vendors have gotten a lot better, and the EMM companies have more robust solutions, but they’re still not totally there.”

Some devices have stopped receiving updates within 18 months of their release, leaving them susceptible to vulnerabilities and frustrating the IT pros tasked with securing them.

“Tell us what we can put our trust in,” said Katz, whose company manages some Android devices.

In the absence of business-specific devices — which OEMs have been reluctant to create because of low adoption numbers — Android Enterprise Recommended is a step in the right direction, Klein said.

“IT folks are going to be more willing to buy a device that has that explicit detail in terms of the enterprise specifications,” he added.

Moto X4
The Motorola X4 is an Android Enterprise Recommended device.

Android Enterprise Recommended partners

The Android Enterprise Recommended program includes devices from six OEMs, but not Samsung, the Android market share leader. Samsung has added several enterprise security and management features to its devices over the years. These include Knox, a set of management APIs, hardware-based security capabilities and more, and E-FOTA, software that gives IT control over Android updates.

Google said in a statement that it worked closely with Samsung to develop the Android Enterprise Recommended requirements and invited the company to join the program at launch.

“This is the first group of partners to be announced, and we’ll be working with more OEMs in the future,” Google said.


Source link

Tags

About the author

GG

Add Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *

Do NOT follow this link or you will be banned from the site!