As many companies integrate return to the office plans with existing work-from-home strategies, a key component is building a device management and security strategy centered on remote access. In this era of hybrid work,  mobility is the critical link for workers who need the ability to connect to company resources from anywhere. 

A recent Forrester report highlights why IT administrators should use on-device security and enterprise management features to build a powerful and adaptive security strategy, noting how remote access is now paramount for business continuity. Organizations can enable the multilayered protections and management features in Android Enterprise to help their teams thrive in this hybrid world, giving teams powerful built-in security without layers of complexity.

Security built in as a foundation

In its research, Forrester found that 78% of IT admins surveyed are planning to increase their use of on-device security in the next year. When it comes to anti-malware defense, securely configuring devices and managing mobile applications, Android offers enterprise-grade security solutions that meet the needs of today’s organizations. 

Forrester recommends that operating system platform security be the key foundation to a device security strategy. With Android Enterprise, organizations benefit from on-device protection that is built to help secure data, protect employee privacy and equip IT admins with a rich set of management features. The report calls out how Android makes use of the anti-malware protections in Google Play Protect to provide an ongoing defense against potentially harmful apps.  In doing so, an IT security team can rely heavily on such built-in features to achieve the security posture that businesses of all sizes require to defend against complex attacks. 

Our recently updated Android Enterprise Security Paper provides a comprehensive review of the hardware and software security features available in Android which can be trusted for accessing critical and sensitive information.

Security admins need, privacy employees require

Android provides a depth of security features that are built to provide automatic defenses against many layers of threats. Google Play Protect uses machine learning to adapt to changing security threats, providing organizations a built-in solution at no cost.

The Android work profile gives organizations flexibility to securely enroll personal devices and provide greater privacy on corporate-owned smartphones and tablets. In its report, Forrester notes Android comes with strong data isolation and protection features with the Android work profile. By separating personal and work apps on devices with distinct encryption keys for each profile, Android gives admins a built-in solution to provide employees with secure access that aligns to their work styles without sharing any access to data from personal apps on devices with IT.

Managed Google Play lets admins specify which public or internal apps can be installed in the work profile. The granular levels of security available to admins from Android Enterprise APIs and the built-in security through services like Google Play Protect serve as a strong foundation for mounting a robust threat defense. In addition, the SafetyNet Attestation API integrates with partner Enterprise Mobility Management (EMM) solutions to verify that devices have not been compromised. This now includes hardware-backed evaluations as an indicator of a stronger device integrity evaluation. 

No matter where your teams are working, you can have confidence in the platform and management security features found in Android Enterprise. Learn more about building an on-device strategy from the Forrester report, and go in-depth on integrating features with our security paper.

As many companies integrate return to the office plans with existing work-from-home strategies, a key component is building a device management and security strategy centered on remote access. In this era of hybrid work,  mobility is the critical link for workers who need the ability to connect to company resources from anywhere. 

A recent Forrester report highlights why IT administrators should use on-device security and enterprise management features to build a powerful and adaptive security strategy, noting how remote access is now paramount for business continuity. Organizations can enable the multilayered protections and management features in Android Enterprise to help their teams thrive in this hybrid world, giving teams powerful built-in security without layers of complexity.

Security built in as a foundation

In its research, Forrester found that 78% of IT admins surveyed are planning to increase their use of on-device security in the next year. When it comes to anti-malware defense, securely configuring devices and managing mobile applications, Android offers enterprise-grade security solutions that meet the needs of today’s organizations. 

Forrester recommends that operating system platform security be the key foundation to a device security strategy. With Android Enterprise, organizations benefit from on-device protection that is built to help secure data, protect employee privacy and equip IT admins with a rich set of management features. The report calls out how Android makes use of the anti-malware protections in Google Play Protect to provide an ongoing defense against potentially harmful apps.  In doing so, an IT security team can rely heavily on such built-in features to achieve the security posture that businesses of all sizes require to defend against complex attacks. 

Our recently updated Android Enterprise Security Paper provides a comprehensive review of the hardware and software security features available in Android which can be trusted for accessing critical and sensitive information.

Security admins need, privacy employees require

Android provides a depth of security features that are built to provide automatic defenses against many layers of threats. Google Play Protect uses machine learning to adapt to changing security threats, providing organizations a built-in solution at no cost.

The Android work profile gives organizations flexibility to securely enroll personal devices and provide greater privacy on corporate-owned smartphones and tablets. In its report, Forrester notes Android comes with strong data isolation and protection features with the Android work profile. By separating personal and work apps on devices with distinct encryption keys for each profile, Android gives admins a built-in solution to provide employees with secure access that aligns to their work styles without sharing any access to data from personal apps on devices with IT.

Managed Google Play lets admins specify which public or internal apps can be installed in the work profile. The granular levels of security available to admins from Android Enterprise APIs and the built-in security through services like Google Play Protect serve as a strong foundation for mounting a robust threat defense. In addition, the SafetyNet Attestation API integrates with partner Enterprise Mobility Management (EMM) solutions to verify that devices have not been compromised. This now includes hardware-backed evaluations as an indicator of a stronger device integrity evaluation. 

No matter where your teams are working, you can have confidence in the platform and management security features found in Android Enterprise. Learn more about building an on-device strategy from the Forrester report, and go in-depth on integrating features with our security paper.

To support Android Enterprise customers with their mobility initiatives, we’ve created a series of webinars at Android OnAir that offer best practices in deploying and managing devices. Each webinar tackles an essential subject that is top of mind for IT decision makers and admins. Participants can join a live Q&A during the broadcast to get answers directly from Google. If you can’t make the live broadcast, webinars are all available on-demand.

Our current catalogue of on-demand webinars cover important topics like deployment strategies and Android security updates. Check out the upcoming schedule and register today to reserve your spot.

Google security services on Android 

April 15:Android devices are backed by industry-leading security to help keep devices safe. Learn how Google Play Protect, Safe Browsing, SafetyNet and other Google Security Services help safeguard company data and employee privacy, and discover strategies to incorporate them into your mobility initiative.

Using mobile to improve business continuity 

May 13: Android can transform how your teams connect with each other and work more efficiently, no matter where they are. Learn how you can take mobile devices beyond traditional use cases and give employees more convenience with access to internal services like private apps, corporate sites and key services to extend business continuity to any device.

How Google mandates Android security standards

June 17:Consistent security and management standards give companies the confidence to use a mix of devices from different OEMs to support various business use cases. Find out more about how Google works closely with device manufacturers and developers to implement security systems that are deployed on enterprise devices.

Preventing enterprise data loss on Android

July 15: Data loss can be catastrophic for any business. Learn how Android Enterprise management features give IT admins the tools to mandate secure app and data usage practices that help prevent leaks and guard against attacks from bad actors. Discover Android management strategies to give employees the level of access you want while helping protect critical company data.

Equip your frontline workers for success with Android

August 12: Frontline workers like sales associates, warehouse managers, delivery drivers and others perform critical tasks that drive customer success. However, mobile investment in these employees remains low. Businesses can use mobile devices to empower these teams with data-driven decisions and real-time access to company resources. Learn how business can use Android device diversity to provide the right device for each digital use case.

Explaining Android Enterprise
Recommended and security requirements

September 16: Android Enterprise Recommended simplifies mobility choices for businesses with a Google-approved shortlist of devices, services, and partners that meet our strict enterprise requirements. Find out how this initiative can help your team select devices with consistent security and software requirements and find validated Enterprise Mobility Management and Managed Service Provider partners.

Enterprises regularly contend with evolving security threats. Their mobile devices and operating systems must create trust so IT teams, managers, and employees have confidence that their information is backed by strong security measures.

To assist our enterprise partners and customers with accurate and timely information about the Android approach to security, we’ve published a new update to the Android Enterprise Security Whitepaper. This document serves as a comprehensive overview of how Android enables best-in-class security by using multi-layered protections, Google-powered artificial intelligence and the collective contributions of the wider community.

The newest edition of this whitepaper includes the latest Android 10 security enhancements, which make Android even more secure and helpful for businesses. Learn about how Android has made it simpler to distribute updates and security patches through Google Play System updates, new VPN capabilities, and how Google Play Protect works to help protect enterprise devices. Android 10 also has a number of improvements that provide better security and privacy for employees, whether they are bringing their own devices to work or using ones issued by their employer. 

Additionally, the paper outlines key updates to the personal and corporate data separation of the Android work profile; details on device and profile management; and how the Android team continues to enhance and extend our defenses with initiatives like the Android Security Rewards program and the App Defense Alliance.

We recently shared how Android 10 delivers an abundance of helpful features for enterprises. Today, we’re shining a spotlight on some of the new security and privacy features in Android 10, which give IT admins new tools and protections to help keep their device fleets prepared against the latest threats.

Updatability enhancements

Getting reliable security updates is critical for enterprises, who want the latest protections for their devices. Android 10 introduced Google Play system updates, building on the work of Project Mainline, which focused on a simpler and faster method to deliver updates to the Android ecosystem. Many essential components like media codecs, time zone data, DNS resolver, and Conscrypt are now modularized, enabling them to be updated through Google Play. 

Google Play system updates can be delivered more directly and uniformly across the ecosystem, as vulnerabilities can be patched from Google Play without a full operating system update.

Our security efforts are regularly evolving to better meet ecosystem needs. For example, the 2015 Stagefright vulnerability accelerated patching security vulnerabilities across different device makers with our monthly security updates program. This has led to substantial progress in ecosystem security. Google Play system updates create a stronger framework for quickly and comprehensively addressing future vulnerabilities. We can accelerate the delivery of a patch and make the update available through Google Play, giving greater consistency to the whole ecosystem.

Strengthening data protections

Protecting data in transit and on the device are essential elements to mobile security in an enterprise setting. In Android 10, we added support for TLS 1.3 and made it the default, but TLS 1.2 is still supported.  TLS 1.3 protects more of the handshake process and can be up to 40 percent faster than previous versions.  With better encryption, it enhances the protection of device identities and removes some obsolete and less secure features.

TLS 1.3 removes support for weaker cryptographic algorithms and uses a newly-designed handshake that fixes a number of weaknesses in TLS 1.2. Additionally, it no longer supports certificates that use SHA-1 hash algorithms.

Storage encryption is also critical to enterprise security. All Android 10 devices are required to encrypt user data. While most devices achieve this through the Advanced Encryption Standard (AES), Android 10 uses a new encryption mode called Adiantum, which expands encryption to a wider range of hardware, such as devices with lower-end ARM processors that do not support AES extensions.

Safeguarding app installs with Google Play

Google Play uses a number of tools to deter the installation of malicious apps on devices. Application signing validates that an app has been properly signed by the developer, which indicates it has been submitted unmodified for installation on Android devices. 

Android 10 supports the latest APK signature scheme, which better secures apps against malicious activity. Together with Google Play Protect, Android 10 continues our efforts in applying best-in-class data and device protection.