Tag Archives: Android enterprise

Sharing what’s new and coming next with Android Enterprise

We’ve built Android to help power the connected workforce of the future. With a growing lineup of Android Enterprise Recommended devices and services, leadership in mobile security and flexible platform tools, Android gives organizations plenty of options. At Google Cloud Next ’19, we shared more about how Android can benefit your organization, and offered a preview of some of the features we’re working on for Android Q.

If you weren’t able to attend the event, or would just like a refresher on any of the sessions, here’s an overview of the ones that are now available on YouTube:

My engineering team’s work on Android Q has focused on an improved end user experience, more controls for IT, and enhanced security tools. For example, we've addressed many top feature requests, such as an API for consolidating personal and work calendars and separate input methods for work and personal apps.

As 2019 rolls on, we’re looking forward to continuing Android’s momentum and impact on organizations of all sizes.

New research shows how Android helps companies build a digital workforce

IDC reports that by 2022, 75 percent of CIOs who don’t transition their organization to flexible IT product teams that use technology to solve problems in new ways will fall behind the competition. According to IDC, mobility is the key to building a connected workforce that’s agile, particularly when the organization is going through rapid change.  

In new research sponsored by Google, IDC asserts that teams can thrive with platforms that feature a diversity of hardware, offer strong security, and support IT management that balances with user experience. This series of whitepapers, videos and blog posts detail the critical role that mobility plays in achieving these core pillars and the strengths that Android offers as a strategic platform of choice for enterprise.

Phil Hochmuth, Program Director of IDC Mobility, said that for businesses to transform how their workers do their jobs with mobility, they must address key challenges around mobile computing risk, device capabilities, and form-factor selection, as well as the underlying provisioning and management of mobile end-user technology. IDC sees Android as a strategic platform that addresses each pillar to consider when choosing a mobile platform: Overall security, solution breath, and IT management capabilities balanced with user experience.

Android security extends from the hardware to the application stack, ensuring corporate data is kept secure. Our broad set of OEM partners offers a wide range of both price points as well as form factors that can enable every worker. And Android IT management capabilities span from the Work Profile, which separates personal data from corporate data access on a BYOD or personally enabled device, to locked down modes that control the device experience to a set of IT approved applications. Combined with innovative tools that bring machine learning, immersive experiences, and both native and web apps to users, Android is well suited to powering an organization’s digital transformation efforts.

Explore the IDC findings to discover how Android powers a mobile, connected workforce and can help your company take the next steps toward transitioning to a digital workforce.

A look back at 2018 with the Android Security & Privacy Year in Review

The Android Security & Privacy team is devoted to protecting each of the more than two billion active Android devices worldwide. This level of security and privacy is essential for enterprises, where compromises mean lost time, revenue or essential data.

As part of our commitment to updating customers, partners and Android users on our security efforts, we recently published our fifth annual Year in Review report. This document details the many advancements that the Android Security & Privacy team has made over the last year and gives you a transparent look at some of the key metrics we’ve collected.

In 2018, programs like Android Enterprise Recommended, combined with platform improvements like Treble and new OEM agreements, contributed to substantial progress in releasing security updates. In the short video below, you’ll get an overview of how the Android security team’s core pillars of layered security, transparency & openness, and Google-backed intelligence underpin our work.

Hear from Dave Kleidermacher, VP of Android Security and Privacy, as he discusses the highlights of Android Security's 2018 Year in Review report. View the full report at www.android.com/security

For further details, check out the full report by going to g.co/androidsecurityreport2018.

Managed Google Play earns key certifications for security and privacy

With managed Google Play, organizations can build a customized and secure mobile application storefront for their teams, featuring public and private applications. Organizations’ employees can take advantage of the familiarity of a mobile app store to browse and download company-approved apps.

As with any enterprise-grade platform, it’s critical that the managed Google Play Store operates with the highest standards of privacy and security. Managed Google Play has been awarded three important industry designations that are marks of meeting the strict requirements for information security management practices.

Granted by the International Organization for Standardization, achieving ISO 27001 certification demonstrates that a company meets stringent privacy and security standards when operating an Information Security Management System (ISMS). Additionally, managed Google Play received SOC 2 and 3 reports, which are benchmarks of strict data management and privacy controls. These designations and auditing procedures are developed by the American Institute of Certified Public Accountants (AICPA).

Meeting a high bar of security management standards

To earn the ISO 27001 certification, auditors from Ernst & Young performed a thorough audit of managed Google Play based on established privacy principles. The entire methodology of documentation and procedures for managing other companies’ data are reviewed during an audit, and must be made available for regular compliance review. Companies that use managed Google Play are assured their data is managed in compliance with this industry standard. Additionally, ISO 27001 certification is in line with GDPR compliance.

Secure data management

With SOC 2 and SOC 3 reports, the focus is on controls relevant to data security, availability, processing integrity, confidentiality and privacy, which are verified through auditing reports. In managed Google Play, the data and private applications that enter Google’s systems are administered according to strict protocols, including determinations for who can view them and under what conditions. Enterprises require and receive the assurance that their information is handled with the utmost confidentiality and that the integrity of their data is preserved. For many companies, the presence of an SOC 2 and 3 report is a requirement when selecting a specific service. These reports prove that a service company has met and is abiding by best practices set forth by AICPA to ensure data security.

Our ongoing commitment to enterprise security

With managed Google Play, companies’ private apps for internal use are protected with a set of verified information security management processes and policies to ensure intellectual property is secure. This framework includes managed Google Play accounts that are used by enterprise mobility management (EMM) partners to manage devices.

Our commitment is that Android will continue to be a leader in enterprise security. As your team works across devices and shares mission-critical data through applications hosted in managed Google Play, you have the assurance of a commitment to providing your enterprise the highest standards of security and privacy.

How companies are finding the right device with Android Enterprise Recommended

We recently returned from Mobile World Congress, where many of our hardware partners showcased their latest devices and how Android is shaping the future of mobility. When we launched  the Android Enterprise Recommended program, our goal was to provide the mobile ecosystem with powerful and versatile solutions, validated for enterprise use. The first validated knowledge-worker devices debuted just over a year ago, and since then the program has expanded to rugged devices, enterprise mobility management solutions and most recently, managed service providers. Today, we’re sharing highlights about how our partners are embracing Android Enterprise Recommended for how it provides choice, cost savings, and empowers companies to choose devices with confidence.

Embracing device choice

SAP, a leader in enterprise application software, wanted to give its teams greater device choice and embrace the latest Android Enterprise management features. The company was looking for a solution to transition 9,000 corporate-owned devices onto modern Android Enterprise management for the separation of business and personal data delivered by the work profile.

Jarmo Akkanen, SAP Global Service Owner, Mobile Operations, said with Android Enterprise Recommended the company was able to confidently choose devices that it knew met strict security requirements and supported rapid deployment features: “We urgently wanted to offer our colleagues more choice for their mobile workplace. We found that Google’s Android Enterprise Recommended program is a good opportunity to broaden our portfolio of managed company-owned smartphones.”

Lower cost and speedy deployment

As part of this device strategy, the SAP IT team was also looking for a way to reduce the total cost of ownership with high-quality devices across various price points. Nokia has a diverse portfolio of Android Enterprise Recommended devices that range from high-end to more cost-efficient options. This gave SAP flexibility in choosing devices that met the same rigorous standards for the enterprise, regardless of cost.

Part of the equation in lowering costs is time—SAP is transitioning to zero-touch enrollment for all Android Enterprise Recommended devices so the company can deploy corporate devices in bulk without any manual setup. Employees will get their device with the right apps and management settings already configured.

Finding great devices

When Yorkshire Building Society (YBS), a financial institution based in the UK, had numerous devices that were either unmanaged or running a legacy operating system and management solution, the company’s IT team was eager to modernize its management framework. After investigating both iOS and Android-based approaches, the YBS IT team migrated its mobile device infrastructure to Android Enterprise Recommended devices. The company made the Nokia 7 Plus its new corporate standard phone and developed a company app store to distribute applications through managed Google Play.

YBS’ End User Computing Delivery Manager Andrew Ellison said employee feedback about the transition was positive, and the new phones bring together a mix of smooth and consistent software experience with excellent hardware. “Thanks to the migration to Android, we will give our employees a good user experience and offer an extended set of services and software to them,” he said. “With Android Enterprise we will be able to offer our colleagues a personal user experience on corporate owned devices without compromising security and manageability.”

These are just a couple of examples of what companies are doing with Android. We’re looking forward to hearing how more customers and partners are embracing the potential of Android.

Google and Samsung simplify choosing Android in the Enterprise

With Android Enterprise, we've always been focused on working alongside partners, like Samsung, to support businesses as they secure and manage millions of Android devices around the world. Samsung has also pioneered advanced security with its Knox enterprise platform, building a deep set of features upon the flexible and enterprise-grade framework of Android.

Over the past few years, we’ve worked with Samsung to harmonize our enterprise investments to simplify mobility for customers and reduce duplication. With the introduction of Knox Platform for Enterprise (KPE) in Android 8.0 Oreo, Knox features are now built on top of the core Android Enterprise framework. This means that our validated management partners can now offer a single foundation for customers to deploy Android Enterprise, while adding supplementary Samsung Knox features as they see fit.    

We’re here at Mobile World Congress this week, beginning the next chapter of our partnership with Samsung with two new joint projects that will enable more enterprise feature management and expanded enrollment options for partners and customers.

Samsung leverages Android OEMConfig to accelerate delivery of Knox features to customers

Today, Samsung announced support for OEMConfig, a new Android standard that enables OEMs to create custom device features and controls that can be immediately and consistently offered by Enterprise Mobility Management (EMM) providers. The premise of OEMconfig is simple: allow an OEM provided app to configure all of the customized OEM-specific features on the device, instead of having EMMs build support for each and every OEM-specific feature in their products. OEMConfig leverages a feature of Android Enterprise known as managed configurations, and is part of the standard published on the Appconfig community.

Expansive feature sets like Samsung KPE, which deliver a broad range of security and fine-grained hardware controls, have presented a challenge for EMMs to implement. With OEMconfig, EMMs can now offer their customers a full complement of KPE features on Android Enterprise without having to build the supplemental feature support in their consoles. They can also make these features available immediately as Samsung releases them.   

To support OEMConfig, Samsung will be releasing the Knox Service Plugin (KSP) app this spring. All EMM vendors that have validated their solutions for Android Enterprise can immediately support Samsung KPE features as they are updated through the Knox Service Plugin app.

Collaborating with Samsung to streamline bulk enrollment of enterprise devices

Android Enterprise offers a simple bulk, over-the-air enrollment method called zero-touch enrollment.  Samsung also offers Knox Mobile Enrollment, which provides similar functionality for Samsung devices as part of their Knox Deployment Program (KDP). Both automate device and user enrollment, providing a seamless out-of-the-box configuration experience.

While these enrollment methods have been valuable to customers in setting up large Android deployments, it has been a burden for operators and resellers to integrate and offer both services. To help alleviate this challenge, Google and Samsung have developed a common client library for service providers with a single set of APIs that will integrate with both Android zero-touch capable devices and Samsung devices. Distribution of the library will begin this spring 2019 with Google and Samsung supporting ecosystem partners as they move to this simplified integration model.

A simplified path forward

By working together to reduce complexity, customers can confidently choose a single foundation for modern Android device management using Android Enterprise. Partners will now be able to offer automated enrollment services, as well as rapidly support feature enhancements like Samsung Knox Platform for Enterprise. We’re looking forward to continuing our partnership with Samsung as we collaborate on improving enterprise mobility for customers.

Android Enterprise Recommended expands to include Managed Service Providers

As organizations increasingly turn to Android as their enterprise mobility platform, we want to make sure they can easily identify partners with experts who are best equipped to support them.

That’s why we’re expanding the Android Enterprise Recommended program to Managed Service Providers (MSPs) and companies with MSP business units who provision, manage and support millions of devices around the world on behalf of customers. Under the Android Enterprise Recommended program for MSPs, validated partners are trained on the latest best practices from Google to help customers simplify and expand their mobility deployments.

We’re pleased to announce that Accenture, Brodos, Cognizant, DXC Technology, Econocom, Honeywell Enterprise, Mobile Mentor, Mobility MEA, Offshore Tech, SCC, SHI, Skywire, Stratix, Tech Data and Vox Mobile have been validated as Android Enterprise Recommended partners. Over time, we plan to add more MSP partners to the program.

Android Enterprise Recommended MSPs are required to deliver the following capabilities for customers (the full list of requirements can also be found here):

  • Technical expertise and leadership with dedicated personnel trained by Google on implementing and supporting Android

  • Certified experience with Android Enterprise Recommended Enterprise Mobility Management (EMM) systems

  • A close working relationship with Google with an assigned account manager and access to a 24/7 Google partner escalation desk

  • A commitment to staying current on the latest Android product features and training requirements as part of annual program re-validation

When we launched the Android Enterprise Recommended program a year ago, we set out to make it simple for businesses to find Android devices and services that have been validated by Google for meeting elevated enterprise requirements. Since then, we’ve applied this framework to knowledge worker devices, then rugged devices,and—most recently—services with last month’s launch of Android Enterprise Recommended for EMMs. With each step, we’re aiming to give customers more confidence in deploying Android and ensuring their deployment is as consistent and current as possible.

Since Android Enterprise Recommended launched, we’ve received great feedback from customers who are putting the program to use. Research firm IDC found that 82 percent of European Android Enterprise Recommended customers said their devices are more secure and more enterprise grade than other devices. We’ll continue to look for ways to expand this program and consistently raise the bar to help customers get more value from their investment in Android.

Migrating to modern Android management solutions

A modern enterprise mobility solution requires a flexible and secure platform with advanced management capabilities. It’s what we’ve delivered with Android Enterprise, and today we’re offering additional resources for organizations that are moving off of legacy deployment methods. The Android Enterprise Migration Handbook is a guide for IT managers who want detailed steps and best practices for switching away from legacy APIs.

Why choose Android Enterprise?

Customers and partners like the flexible device management choices found in Android Enterprise. The clear separation of work and personal profiles on the same device is powerful—IT manages corporate applications and data, preserving employee privacy while  protecting the security and privacy of essential company information. Additionally, rapid deployment methods—like zero-touch enrollment, QR codes, a DPC Identifier or configuration through NFC—simplify the process of getting your team up and running.

Learn more about migrating to Android Enterprise

Transition updates

Device Admin-based management solutions rely on a number of complex workarounds, such as side loading applications and using personal Gmail accounts. These solutions are limited and are not as suited to the needs of modern enterprise use cases.

As part of the transition away from Device Admin, APIs for password enforcement, disable camera and disable keyguard features have been marked as deprecated in Android 9 Pie. These APIs will no longer be available in the 2019 Android release. We recommend that customers migrate to management deployments using the Android Enterprise framework through an EMM provider.

Modern management and security

Compared to Device Admin, Android Enterprise provides extensive management controls and solutions for personal devices, work only, personally-enabled and dedicated device scenarios. This extends to enrollment, offering a variety of options to get a team up and running.

The modern Android security APIs are part of a more vigorous security structure, with more privacy for users and protection for user data. The work profile and managed device APIs create a better experience for both IT admins and employees.

Helping your organization make the move

We recommend that organizations consider a move to work profile and managed device APIs to better serve their mobility needs. Our Android Enterprise Migration Handbook will serve as a helpful document for organizations that want additional direction.

Mobility transitions can be a large and important undertaking. We encourage reaching out to your EMM partner for additional guidance on migration.

Android Enterprise Recommended validates top management solutions

Enterprise Mobility Management (EMM) providers play a vital role in enabling and managing the business features and services in Android — helping customers deploy devices and applications consistently at scale. Today, we’re launching the Android Enterprise Recommended program for Enterprise Mobility Management to help customers find the best equipped EMMs to successfully deploy Android.

Since we’ve collaborated closely with EMM partners over the years, we understand what it takes to demonstrate excellence in this area. With this program, we’re recognizing partners who provide the most comprehensive technical solutions and have knowledgeable teams focused on modern Android security and management. 

We’re pleased to welcome BlackBerry, Google Cloud, I3 Systems, IBM, Microsoft, MobileIron, Softbank, SOTI, and VMware to the program. These partners have validated solutions or will be launching their offerings throughout 2019, and we’ll add more approved partners over time. More details about our partners can be found here.

Customers can expect Android Enterprise Recommended EMMs to demonstrate the following qualities (and the full list of guidelines can be found on our site):

  • Experience across multiple Android Enterprise management sets  

  • Proven ability to deliver advanced security and management features

  • A consistent deployment experience, with admin consoles that simplify set-up of Android Enterprise

  • Documentation and guides that provide best practices for Android Enterprise set-up and configuration

  • Google-trained personnel across field sales, technical pre-sales and deployment support

  • Commitment to staying current on the latest Android product features and training requirements

Similar to last year’s launch of the Android Enterprise Recommendedprogram for devices, where we validated knowledge worker and rugged devices against an elevated set of requirements, we’re taking a similar approach to EMMs. By raising the bar of excellence, we’re helping customers select which partners are best equipped to help them fully leverage the robust security and management capabilities in the Android platform.  

There’s so much more companies can achieve through mobility. With the Android Enterprise Recommended program, Google and the Android ecosystem are stepping up to help customers enjoy a more powerful, versatile and best-in-class enterprise mobility experience.

Building a connected workforce in the new year

A new year has arrived, and with it fresh opportunities to transform your business.

Android can help power a more productive workforce and enhance customer experiences. As we look ahead to the rest of 2019, here are a few ways Android can help power a connected workforce, capable of meeting the evolving needs of digital enterprise.

Raising the bar with Android Enterprise Recommended

Last year we launched Android Enterprise Recommended, which makes it simpler for organizations to select, deploy and manage enterprise devices and services.

The program establishes best practices and common requirements for devices and services, backed by a thorough testing process conducted by Google. Devices in the program meet an elevated set of specifications for hardware, deployment, security updates, and user experience.

In September, we expanded the program to a new category of rugged devices for more demanding environments, which helps organizations in purchasing and deploying trusted Android hardware.

Enterprises are increasingly relying on Android as their go-to platform for rugged mobile deployments, with Android on pace to become the largest rugged OS by shipments in 2019, according to IDC.

Fueling global growth

Strengthening development tools has been central to helping companies grow with Android. We recently streamlined app publishing tools to help enterprises more quickly get the right apps to their employees. And the Android Management API, which came out of beta last year, brings a complete suite of management features for nearly any use case.

Additionally, companies are using Android to build great solutions for their customers and enhance team collaboration. Whether it’s Uber deploying Android devices to grow internationally or Pitney Bowes improving office shipping and mailing to expand their business, there are plenty of ways that Android helps companies meet their goals.

In 2019, we’re eager to see how companies will use the power of Android to move their business forward.

Security intelligence, backed by Google

While a new year is typically filled with optimism, it’s likely that fresh security challenges will be lurking. That’s why strong platform security is built into each Android device, backed by multiple layers of protection.

In 2018, Android 9 Pie delivered fresh helpings of security smarts. The Android platform uses industry-leading tools like exploit mitigation and sandboxing techniques to prevent bugs from being exploited. And Google Play Protect, the world’s largest threat detection system, is always working to protect devices, data, and applications.

The work profile is another powerful security tool, keeping company data in a separate, secure container on the device. Administrators can manage and secure a separate corporate profile and data, while the user gets full control over the rest of the device. And on Pixel and Android One devices, Digital Wellbeing can help sustain an employee’s new year's resolution for a better work-life balance.

Looking ahead to 2019

We’re continuing to invest in Android, and businesses are using the platform to build next-generation experiences for their workforce and customers. In the new year, we’ll continue to work with our hardware, software, services, and mobility management partners, who are building build custom app and device solutions for employees and customers. Our goal is to enable companies to connect every worker from boardrooms, out in the field, to the factory floor.

Android Enterprise Recommended is a centerpiece of these efforts, and we’re looking forward to extending its impact in the new year.