Tag Archives: Android enterprise

Research details Android growth in the enterprise

Mobility is key to building a connected workforce that can tackle today’s complex business challenges. According to recently-published IDC research, mobile platforms need to offer hardware choice, multi-layered security, and comprehensive management capabilities to enable digital transformation.

This infographic from IDC illustrates how Android meets these attributes, and demonstrates why Android has strong and growing adoption in the enterprise.

Security incidents are less frequent in Android-majority enterprises compared to iOS-majority deployments. IDC Infographic
"Android Taking Off in the Enterprise"

Among the key IDC findings:

  • 74 percent of U.S.-based IT decision makers believe Android Enterprise Recommended devices are more secure and enterprise-grade than iOS devices. A recently released Gartner reportdetails Android security performance.

  • 77 percent of U.S.-based multinational firms prefer Android devices.

  • Android-majority deployments have a higher satisfaction rate than a mixed or iOS-only fleet.

  • Android-majority enterprises experience eight percent fewer mobile phishing incidents, and five percent fewer issues integrating mobile devices with back end systems.

For more insights, explore the IDC findings to discover how Android powers mobile, connected teams and can help your company transition to a digital workforce.

The Pixel 3a joins the Android Enterprise Recommended lineup

Android Enterprise Recommended continues to shape how organizations choose devices for their teams. According to a recent HMD smartphone purchase survey, 56 percent of IT decision makers have decided to only choose Android Enterprise Recommended devices for their business. Android Enterprise Recommended helps businesses select devices with confidence from a breadth of options, so they can find a quality device at a price that’s right for the organization.

Today, the Pixel 3a joins the Android Enterprise Recommended lineup. Announced at Google I/O last week, the new, more affordable Pixel has enterprise-grade security, with monthly security updates and the Titan M chip. A consistent Google user experience backed by machine learning and artificial intelligence helps your team work productively. Recently, a 2019 Gartner research report that evaluated mobile security determined that the Pixel 3 device family has the strongest performance for built-in security when compared to other mobile devices.

The Pixel 3a joins a group of devices in Android Enterprise Recommended that provide businesses with options of enterprise-grade performance and support for zero-touch enrollment at a budget-friendly price. The Nokia 7.1, Moto G7 and Sharp AQUOS Sense are among the many knowledge worker devices within the Android Enterprise Recommended portfolio that run Android 9 Pie, and offer strong productivity power and battery life at a cost below $400.

Since launching in 2018, Android Enterprise Recommended now offers devices from over 20 OEMs, with knowledge worker, rugged devices and tablets in our portfolio. We also help companies secure and manage their devices with Android Enterprise Recommended EMM and Managed Service Provider partners. Learn more about the vast selection of devices available from our Android Enterprise Solutions Directory.

Enhanced security and IT tools for enterprises in Android Q

With each version of Android, we’ve focused on improving the work experience for people and providing more control, security and flexibility for IT and business owners. Android Q, the newest release in beta, offers up more features that deliver on this promise and continue to push the boundaries of enterprise mobility.

Here’s a look at some of the features available in beta.

Improved work experience

In Android Q, we’ve tackled some of the top feature requests that give people more functionality when using the work profile, our platform level separation for work apps and data. People will be able to see work events in their personal calendar and other apps in the personal profile, with a simple transition to the work calendar for more details or event editing. IT admins, meanwhile, can set limits on work event sharing by policy.

Cross profile calendar sync

Employees can also use their favorite keyboard or input method for their personal profile, while IT can require a different method for the work profile. This gives employees more freedom for personalized usage and allows IT to apply more security to the work profile.

We’re also providing companies with more flexibility in deploying work profiles on corporate-owned devices. IT admins can now use zero-touch enrollment, QR codes or NFC tags to provision a work profile directly during the setup wizard.

More IT control

Previously, IT admins could freeze device updates for up to 90 days to help with testing and scheduling updates. In Android Q, admins now have the ability to manually install system updates locally from a file. That allows organizations to stagger rollouts to preserve network bandwidth or take advantage of times when devices are idle.

Apps can soon send feedback to IT admins, such as providing the status of managed configurations, or giving impromptu device error reports. This functionality will be available in the coming weeks and will be supported on devices going back to Android 5.0.

The same app feedback channel bolsters our OEM Config offering. With OEM Config, device manufacturers can include bundled apps that call custom privileged APIs, allowing admins to set OEM policies via managed configurations, without any extra integration work from enterprise mobility management (EMM) providers. For example, Samsung uses our updated OEM config offering to improve the availability of their Knox Platform for Enterprise.  Improvements to OEM Config include the feedback channel, an enhanced configurations schema and an update broadcast which informs an app immediately when new configurations are available, even when the app is not open.

IT admins can also now also configure certificate-based WiFi networks during setup by including the credentials in the enrollment QR code or NFC tag. This will simplify setup and streamline connectivity for work devices.

Enhanced security

Android Q brings a host of updates for organizations looking to secure their mobile fleet. IT admins can take advantage of new delegation capabilities that enable offloading of certain tasks to specific apps outside of the device policy controller. For example, IT admins can appoint their preferred app to handle network activity logging or the selection of certificates.

On devices with a work profile, IT admins can now block the installation of apps from unknown sources across the entire device, adding additional protections against potential malware in the personal profile. And with the deprecation of Device Admin APIs in Android Q, we’re enabling apps that require a lock-screen to check the quality of screen lock credentials and direct a user to set a stronger passcode.

These are just some of the new Android Q features available in beta that will benefit enterprise customers. Take a look at a fuller list of features at the Android developers website and try out the beta today.

Android Enterprise security assessed by Gartner

Data and device security are among the most important aspects to any enterprise mobility initiative. With Android, we’ve invested in a wide range of protections, both on-device defenses and corporate-managed tools, to help companies keep their devices and data safe.

Gartner’s 2019 Mobile OSs and Device Security: A Comparison of Platforms report (subscription required) is a comprehensive assessment of mobile security controls and enterprise management features. The report helps security and risk management technical professionals through analysis of and recommendations for security controls of popular mobile device operating systems.

In the report, which was published on Monday, Gartner evaluates a number of operating systems and device implementations including Android, Chrome OS and the Google Pixel 2 and Pixel 3. Android 9 received strong ratings in 26 of 30 categories, including 12 of the 13 categories in the corp-managed section.

Check out the video below for more details.

Gartner's assessment of Android security

Gartner senior director analyst Patrick Hevesi provides an overview of the 2019 Mobile OSs and Device Security: A Comparison of Platforms report

 You can also see a breakdown of all of the categories in the table below :

Gartner security ratings for Android 9 and Pixel 3

For more information, visit the Android Enterprise security page, where you can learn about security features like built-in anti-malware through Google Play Protect and workplace isolation with the Android work profile. Also learn more by reading the Android Security & Privacy 2018 Year in Review report.

Sharing what’s new and coming next with Android Enterprise

We’ve built Android to help power the connected workforce of the future. With a growing lineup of Android Enterprise Recommended devices and services, leadership in mobile security and flexible platform tools, Android gives organizations plenty of options. At Google Cloud Next ’19, we shared more about how Android can benefit your organization, and offered a preview of some of the features we’re working on for Android Q.

If you weren’t able to attend the event, or would just like a refresher on any of the sessions, here’s an overview of the ones that are now available on YouTube:

My engineering team’s work on Android Q has focused on an improved end user experience, more controls for IT, and enhanced security tools. For example, we've addressed many top feature requests, such as an API for consolidating personal and work calendars and separate input methods for work and personal apps.

As 2019 rolls on, we’re looking forward to continuing Android’s momentum and impact on organizations of all sizes.

New research shows how Android helps companies build a digital workforce

IDC reports that by 2022, 75 percent of CIOs who don’t transition their organization to flexible IT product teams that use technology to solve problems in new ways will fall behind the competition. According to IDC, mobility is the key to building a connected workforce that’s agile, particularly when the organization is going through rapid change.  

In new research sponsored by Google, IDC asserts that teams can thrive with platforms that feature a diversity of hardware, offer strong security, and support IT management that balances with user experience. This series of whitepapers, videos and blog posts detail the critical role that mobility plays in achieving these core pillars and the strengths that Android offers as a strategic platform of choice for enterprise.

Phil Hochmuth, Program Director of IDC Mobility, said that for businesses to transform how their workers do their jobs with mobility, they must address key challenges around mobile computing risk, device capabilities, and form-factor selection, as well as the underlying provisioning and management of mobile end-user technology. IDC sees Android as a strategic platform that addresses each pillar to consider when choosing a mobile platform: Overall security, solution breath, and IT management capabilities balanced with user experience.

Android security extends from the hardware to the application stack, ensuring corporate data is kept secure. Our broad set of OEM partners offers a wide range of both price points as well as form factors that can enable every worker. And Android IT management capabilities span from the Work Profile, which separates personal data from corporate data access on a BYOD or personally enabled device, to locked down modes that control the device experience to a set of IT approved applications. Combined with innovative tools that bring machine learning, immersive experiences, and both native and web apps to users, Android is well suited to powering an organization’s digital transformation efforts.

Explore the IDC findings to discover how Android powers a mobile, connected workforce and can help your company take the next steps toward transitioning to a digital workforce.

A look back at 2018 with the Android Security & Privacy Year in Review

The Android Security & Privacy team is devoted to protecting each of the more than two billion active Android devices worldwide. This level of security and privacy is essential for enterprises, where compromises mean lost time, revenue or essential data.

As part of our commitment to updating customers, partners and Android users on our security efforts, we recently published our fifth annual Year in Review report. This document details the many advancements that the Android Security & Privacy team has made over the last year and gives you a transparent look at some of the key metrics we’ve collected.

In 2018, programs like Android Enterprise Recommended, combined with platform improvements like Treble and new OEM agreements, contributed to substantial progress in releasing security updates. In the short video below, you’ll get an overview of how the Android security team’s core pillars of layered security, transparency & openness, and Google-backed intelligence underpin our work.

Hear from Dave Kleidermacher, VP of Android Security and Privacy, as he discusses the highlights of Android Security's 2018 Year in Review report. View the full report at www.android.com/security

For further details, check out the full report by going to g.co/androidsecurityreport2018.

Managed Google Play earns key certifications for security and privacy

With managed Google Play, organizations can build a customized and secure mobile application storefront for their teams, featuring public and private applications. Organizations’ employees can take advantage of the familiarity of a mobile app store to browse and download company-approved apps.

As with any enterprise-grade platform, it’s critical that the managed Google Play Store operates with the highest standards of privacy and security. Managed Google Play has been awarded three important industry designations that are marks of meeting the strict requirements for information security management practices.

Granted by the International Organization for Standardization, achieving ISO 27001 certification demonstrates that a company meets stringent privacy and security standards when operating an Information Security Management System (ISMS). Additionally, managed Google Play received SOC 2 and 3 reports, which are benchmarks of strict data management and privacy controls. These designations and auditing procedures are developed by the American Institute of Certified Public Accountants (AICPA).

Meeting a high bar of security management standards

To earn the ISO 27001 certification, auditors from Ernst & Young performed a thorough audit of managed Google Play based on established privacy principles. The entire methodology of documentation and procedures for managing other companies’ data are reviewed during an audit, and must be made available for regular compliance review. Companies that use managed Google Play are assured their data is managed in compliance with this industry standard. Additionally, ISO 27001 certification is in line with GDPR compliance.

Secure data management

With SOC 2 and SOC 3 reports, the focus is on controls relevant to data security, availability, processing integrity, confidentiality and privacy, which are verified through auditing reports. In managed Google Play, the data and private applications that enter Google’s systems are administered according to strict protocols, including determinations for who can view them and under what conditions. Enterprises require and receive the assurance that their information is handled with the utmost confidentiality and that the integrity of their data is preserved. For many companies, the presence of an SOC 2 and 3 report is a requirement when selecting a specific service. These reports prove that a service company has met and is abiding by best practices set forth by AICPA to ensure data security.

Our ongoing commitment to enterprise security

With managed Google Play, companies’ private apps for internal use are protected with a set of verified information security management processes and policies to ensure intellectual property is secure. This framework includes managed Google Play accounts that are used by enterprise mobility management (EMM) partners to manage devices.

Our commitment is that Android will continue to be a leader in enterprise security. As your team works across devices and shares mission-critical data through applications hosted in managed Google Play, you have the assurance of a commitment to providing your enterprise the highest standards of security and privacy.

How companies are finding the right device with Android Enterprise Recommended

We recently returned from Mobile World Congress, where many of our hardware partners showcased their latest devices and how Android is shaping the future of mobility. When we launched  the Android Enterprise Recommended program, our goal was to provide the mobile ecosystem with powerful and versatile solutions, validated for enterprise use. The first validated knowledge-worker devices debuted just over a year ago, and since then the program has expanded to rugged devices, enterprise mobility management solutions and most recently, managed service providers. Today, we’re sharing highlights about how our partners are embracing Android Enterprise Recommended for how it provides choice, cost savings, and empowers companies to choose devices with confidence.

Embracing device choice

SAP, a leader in enterprise application software, wanted to give its teams greater device choice and embrace the latest Android Enterprise management features. The company was looking for a solution to transition 9,000 corporate-owned devices onto modern Android Enterprise management for the separation of business and personal data delivered by the work profile.

Jarmo Akkanen, SAP Global Service Owner, Mobile Operations, said with Android Enterprise Recommended the company was able to confidently choose devices that it knew met strict security requirements and supported rapid deployment features: “We urgently wanted to offer our colleagues more choice for their mobile workplace. We found that Google’s Android Enterprise Recommended program is a good opportunity to broaden our portfolio of managed company-owned smartphones.”

Lower cost and speedy deployment

As part of this device strategy, the SAP IT team was also looking for a way to reduce the total cost of ownership with high-quality devices across various price points. Nokia has a diverse portfolio of Android Enterprise Recommended devices that range from high-end to more cost-efficient options. This gave SAP flexibility in choosing devices that met the same rigorous standards for the enterprise, regardless of cost.

Part of the equation in lowering costs is time—SAP is transitioning to zero-touch enrollment for all Android Enterprise Recommended devices so the company can deploy corporate devices in bulk without any manual setup. Employees will get their device with the right apps and management settings already configured.

Finding great devices

When Yorkshire Building Society (YBS), a financial institution based in the UK, had numerous devices that were either unmanaged or running a legacy operating system and management solution, the company’s IT team was eager to modernize its management framework. After investigating both iOS and Android-based approaches, the YBS IT team migrated its mobile device infrastructure to Android Enterprise Recommended devices. The company made the Nokia 7 Plus its new corporate standard phone and developed a company app store to distribute applications through managed Google Play.

YBS’ End User Computing Delivery Manager Andrew Ellison said employee feedback about the transition was positive, and the new phones bring together a mix of smooth and consistent software experience with excellent hardware. “Thanks to the migration to Android, we will give our employees a good user experience and offer an extended set of services and software to them,” he said. “With Android Enterprise we will be able to offer our colleagues a personal user experience on corporate owned devices without compromising security and manageability.”

These are just a couple of examples of what companies are doing with Android. We’re looking forward to hearing how more customers and partners are embracing the potential of Android.

Google and Samsung simplify choosing Android in the Enterprise

With Android Enterprise, we've always been focused on working alongside partners, like Samsung, to support businesses as they secure and manage millions of Android devices around the world. Samsung has also pioneered advanced security with its Knox enterprise platform, building a deep set of features upon the flexible and enterprise-grade framework of Android.

Over the past few years, we’ve worked with Samsung to harmonize our enterprise investments to simplify mobility for customers and reduce duplication. With the introduction of Knox Platform for Enterprise (KPE) in Android 8.0 Oreo, Knox features are now built on top of the core Android Enterprise framework. This means that our validated management partners can now offer a single foundation for customers to deploy Android Enterprise, while adding supplementary Samsung Knox features as they see fit.    

We’re here at Mobile World Congress this week, beginning the next chapter of our partnership with Samsung with two new joint projects that will enable more enterprise feature management and expanded enrollment options for partners and customers.

Samsung leverages Android OEMConfig to accelerate delivery of Knox features to customers

Today, Samsung announced support for OEMConfig, a new Android standard that enables OEMs to create custom device features and controls that can be immediately and consistently offered by Enterprise Mobility Management (EMM) providers. The premise of OEMconfig is simple: allow an OEM provided app to configure all of the customized OEM-specific features on the device, instead of having EMMs build support for each and every OEM-specific feature in their products. OEMConfig leverages a feature of Android Enterprise known as managed configurations, and is part of the standard published on the Appconfig community.

Expansive feature sets like Samsung KPE, which deliver a broad range of security and fine-grained hardware controls, have presented a challenge for EMMs to implement. With OEMconfig, EMMs can now offer their customers a full complement of KPE features on Android Enterprise without having to build the supplemental feature support in their consoles. They can also make these features available immediately as Samsung releases them.   

To support OEMConfig, Samsung will be releasing the Knox Service Plugin (KSP) app this spring. All EMM vendors that have validated their solutions for Android Enterprise can immediately support Samsung KPE features as they are updated through the Knox Service Plugin app.

Collaborating with Samsung to streamline bulk enrollment of enterprise devices

Android Enterprise offers a simple bulk, over-the-air enrollment method called zero-touch enrollment.  Samsung also offers Knox Mobile Enrollment, which provides similar functionality for Samsung devices as part of their Knox Deployment Program (KDP). Both automate device and user enrollment, providing a seamless out-of-the-box configuration experience.

While these enrollment methods have been valuable to customers in setting up large Android deployments, it has been a burden for operators and resellers to integrate and offer both services. To help alleviate this challenge, Google and Samsung have developed a common client library for service providers with a single set of APIs that will integrate with both Android zero-touch capable devices and Samsung devices. Distribution of the library will begin this spring 2019 with Google and Samsung supporting ecosystem partners as they move to this simplified integration model.

A simplified path forward

By working together to reduce complexity, customers can confidently choose a single foundation for modern Android device management using Android Enterprise. Partners will now be able to offer automated enrollment services, as well as rapidly support feature enhancements like Samsung Knox Platform for Enterprise. We’re looking forward to continuing our partnership with Samsung as we collaborate on improving enterprise mobility for customers.