As the lines between work and private life get blurred in this age of hybrid and remote work, employees increasingly expect their personal data and apps to be protected on their work devices. At the same time, IT teams need to ensure corporate data remains secure while delivering a productive user experience.
With Android 12, we’re focused on helping organizations achieve the right balance between protecting employee privacy and equipping IT with necessary security and controls. For employees, that means additional privacy controls over which work apps can access their device data, similar to their experience with personal apps. For IT admins, it means more controls to apply the right set of management configurations for work devices.
Enhancing employee privacy and transparency
Android 12 introduces user privacy enhancements for all managed devices, including improved transparency of admin controls. Work profile users will be able to approve (if allowed by their IT admin) or deny sensor-related permissions, such as location and camera, to work profile apps. On fully-managed devices, IT admins can choose to give their users this same control.
Work and personal apps have separate controls to keep data secure and private.
To further protect user privacy, admins will be able to set up WiFi networks for employees through a new network API that doesn’t require user location permissions.
Hardware device IDs for personal devices have also changed. Now, instead of solely hardware-based identifiers, companies can use a combination of hardware and employer-specific identifiers that help preserve employee privacy if they leave their organization.
Android 12 provides users with additional privacy tools, such as microphone and camera indicators and controls, to determine how much information users share with apps. We’ve worked to ensure these privacy features all perform seamlessly for managed devices.
Users can adjust controls for camera and mic access through quick settings.
Expanding IT controls and management consistency
Android 11 brought the same work profile privacy features from employee-owned devices to company-owned devices. For Android 12, we’ve added additional controls to help enterprise IT teams reduce security risks and ensure tighter monitoring of business data.
A key addition is network logging for the work profile, to give organizations added control and reporting for their work data, while still protecting user privacy in the personal profile.
We’re also empowering IT to decide what input method editors (IMEs) employees can use in their personal profiles to reduce the risk of using a rogue keyboard that could capture data on the device. IT will also have the ability to disable USB signaling for anything but charging, reducing the risk of USB-based attacks.
Historically, IT admins enforced strict password requirements, forcing users to create highly-complex passwords that were hard to remember. Employees have sometimes resorted to writing down these complicated passwords or they’ve forgotten them altogether, leading to factory resets. Thanks to hardware security improvements that prevent brute-force attacks, these kinds of passwords aren’t needed anymore.
Admins can now easily set password requirements that meet modern security best practices by choosing between pre-set password complexity levels. This will help users and administrators find balance between security and simplicity. We’ve also made it easier for users to set up a separate password for their work profile. Read our newest report, Simplifying Password Quality in Android 12, to learn more.
Users can set up an extra passcode for the work profile.
IT admins will also have the option to slice their 5G network and dedicate connectivity to all apps on a fully-managed device, or specifically to apps in the work profile. In partnership with their carrier, admins will be able to have wider control over quality of service and security of work data.
Join us for the Art of Control digital event
Learn more about all of the ways we’re improving security and management at The Art of Control on October 27. Register for our first Android Enterprise security and management digital event, where we’ll share the latest features in Android 12 through demos and analyst briefings. You’ll also hear from customers like Schneider Electric about how they’re using Android Enterprise to achieve effortless control.