Learn how Android Enterprise helped Leroy Merlin deploy 15,000 mobile devices across Spain.
Learn how Android Enterprise helps Brink’s Brazil manage sensitive data and improve IT support for its employees.
Work profile can help you prevent data breaches, easily manage devices and improve employee productivity.
Learn how Scottish law firm Brodies uses Android Enterprise to protect company data and employee privacy.
Learn how Scottish law firm Brodies uses Android Enterprise to protect company data and employee privacy.
Android 13 gives businesses using Android Enterprise new ways to get more out of their devices — including an upgraded Android Management API, an easier-to-use work profile, and more ways for IT admins to manage and protect company and employee devices. Let’s take a closer look at these new business features.
Starting with Android 13, the Android Management API goes beyond just managing device policies. It can now customize employee experiences on corporate devices, like device provisioning and user settings. This also means the Android Enterprise team can roll out helpful new features and management capabilities more frequently, starting with devices running Android 13.
Work profile already helps keep company data accessible and secure, and personal profile data private and separate — all on a single device. In Android 13, work profile gives employees an even smoother experience, offering a simpler design, improved productivity and new cross-device capabilities.
Navigating between work and personal profiles is now more intuitive, all while respecting cross-profile admin policies. Employees can choose to open an app in either their work or personal profile, depending on where it’s installed. If they’d prefer to keep work-related content out of their personal apps — so a work-related training video on YouTube doesn’t affect their personal watchlist, for example — they can choose to access that content in their browser instead. Employees can also switch between work and personal photo galleries when sharing pictures with an app, granting access only to selected files rather than their entire media library.
You’ll find more productivity tools in work profile, too. Smart dictation is now available in work profile apps on Pixel devices, so Android's dictation recommendations stay separate — keeping corporate jargon dictated for work emails out of personal chats. All Android 13 devices can also now use Near-field communication (NFC) from work apps to enable use cases like digital access badges and tap-to-pay from work profile.
More productivity features are coming soon to Android 13, thanks to new integrations between Phone Hub and Android and ChromeOS. Employees will be able to securely respond to and access work information that’s on their phones — including messages, notifications and pictures — from their corporate Chromebooks. And those interactions will be protected by end-to-end encryption and company management policies.
With each new release, Android Enterprise’s security protections get even stronger with new management capabilities, user controls and platform improvements.
For example, on a new central hub, employees can manage device security and privacy settings, and view company policies applied on the device as well as device data shared with IT admins.
Android 13 also gives IT admins more control over device Wi-Fi connectivity for features like Wi-Fi Direct and Wi-Fi tethering. It adds security logs for Wi-Fi, Bluetooth and password activities in line with National Information Assurance Partnership (NIAP) requirements. And for faster security patches, Android 13 has added Bluetooth and ultra-wideband (UWB) to the list of more than 30 modules that can be updated remotely through Google System Updates.
New features like Lost Mode and Stay Private on Work Wi-Fi are coming soon to Android 13. When Lost Mode is activated, IT admins can lock down and locate company-owned devices, prevent unauthorized access and display company contact information on the device screen. Meanwhile, Stay Private on Work Wi-Fi will further improve employee privacy by automatically encrypting and routing network traffic for personal profiles when employees are on company Wi-Fi. Both features will be available through the Android Management API.
Ready to put Android 13 to work for your business? Sign up for our webinar on September 29 to learn more about how Android 13 is supporting today’s working world.
Today’s employees are just as likely to work from home as they are from the office. As a result, maintaining security on mobile devices has never been more challenging — and failing to do so has never been riskier.
Businesses of all sizes rely on Android Enterprise as their front line of defense to help keep enterprise data secure and employee data private. Through a hardened operating system, strict hardware requirements, security services and comprehensive enterprise mobility management (EMM) policy controls, Android Enterprise provides businesses and organizations with the multi-layered security and tools they need to secure their workforce.
Even still, we wanted to put Android Enterprise to the test. So Google engaged NCC Group, an IT security assessment firm, to evaluate how well Android Enterprise performed based on the U.S. Department of Defense’s (DoD) own security configuration requirements.
NCC Group tested a Google Pixel device with Android 12 against the DoD’s Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG), which provides standardized guidance for information technology systems across the U.S. federal government. After thorough testing, NCC Group found no “CAT I” issues, which indicate the most serious security concerns — like the ability to gain complete and immediate control over a device. They identified two “CAT II” risks, which imply a relatively low threat to the device and have since been resolved. Finally, NCC Group found only three “CAT III” risks, which are purely informational and pose no immediate threat to the device.
Read the full report.
In short, Android Enterprise held up exceedingly well under testing. That’s good news for all Android Enterprise customers, especially since both public and private sector organizations use the DISA STIG as a baseline configuration when deploying Android smartphones and tablets.
Visit the Android Enterprise security page to learn more about our security features, like built-in anti-malware through Google Play Protect and personal and work data separation through the Android work profile.
Editor's note: Today’s post is by Simon Hardy-Bistagne, Director of Solution Architecture for Schneider Electric. The global company specializes in energy management and automation, with operations in more than 100 countries.
At Schneider Electric, we are responsible for providing sustainability and energy management systems for a global customer base. As the Director of Solution Architecture for our digital workplace, I lead a team that ensures our employees have access to all of the collaborative tools they need from wherever they’re working.
Android Enterprise is key to securely and flexibly managing Schneider Electric’s global workforce devices. We support a wide range of device-use scenarios for our employees, from fully-managed devices to personal smartphones securely enrolled with the Android work profile. The extensive, customizable and secure controls available with Android Enterprise ensure we are giving our teams the resources they need no matter where they’re working while protecting critical corporate applications and data.
We manage devices in over 117 countries. Android Enterprise has helped us shift to new working styles and embrace employee choice and work-life balance with powerful controls that meet our security needs. By enrolling personal devices with the Android work profile, we know that we are not only protecting our data and services, but we can prove to our employees that, with the work profile, “What you have here is your work life, what you have here is your personal life.” And that has revolutionized the way our teams use their mobile devices.
Security is at the core of everything we do, both from the perspective of servicing our customers and protecting our own corporate resources. So when we talk about implementing security and management services through Android Enterprise, it’s fundamental to get those basics right. Through Android Enterprise, we have powerful tools for safeguarding devices — like preventing the installation of unknown applications, disabling debug mode and preventing devices from being rooted. Putting these requirements and other key security configurations in place for both personal and company-owned devices is essential for our global business.
Thanks to the flexibility of Android Enterprise, we can also support a wide range of device use cases. For some employees, we use fully-managed mode for devices dedicated to specific tasks. Others who only want one phone for work and personal use can use a device with the work profile. And with managed Google Play, we can make both internal and public apps available on devices.
Enrollment choice is important as well. We use devices from a variety of vendors, and we can set up those devices with the method that works best for each situation — like zero-touch enrollment or Samsung Knox Mobile Enrollment. With these options, end users can get the applications they need on their corporate devices and use them right away.
We also value the flexibility of allowing our end users to purchase their own Android device, or ask our IT team to enroll a personal device they’ve used for a couple of years. They can bring their device and easily enroll it into our managed estate with Android Enterprise.
Hybrid work is our present and future, and Android Enterprise is helping us navigate that. It gives our employees the flexibility in device choice and management mode, and it gives my team comprehensive and effortless management tools that meet the security needs of our global operations.
To hear more about our mobility strategy, watch my discussion with Android Enterprise Security Specialist Mike Burr from The Art of Control digital event.
With hybrid and remote work as the new norm, effectively managing the growing number of mobile devices has become even more important for businesses. In fact, 84% of IT leaders are investing more in enterprise mobility, with mobile security and device management topping their list of priorities.
But just spending more on security and management solutions doesn’t necessarily provide the right level of control over enterprise data. And it can often make device management overly complex and costly to maintain. For mobility to truly work in the long term, it’s critical to balance strong platform security with effortless, flexible management that scales to specific needs around user choice, privacy and control.
Android Enterprise has made big investments to help businesses manage mobility on their terms, with strong, built-in and proactive security that is proven at scale; a spectrum of capabilities for every business; and effortless, consistent and cost-effective management. Today, we’re sharing a number of new features and updates to help you successfully balance your needs and achieve your mobility goals with Android Enterprise.
For years, we’ve developed multiple layers of security for business customers — from hardware to Google security services and enterprise management tools. In fact, research firm Gartner has consistently awarded the highest security ratings for a mobile OS to Android’s operating system with Google apps and services.
Android 12 extends our commitment to the multi-layered protections of Android.
With Android 12, we’re introducing even more features for enterprise customers — including improving password complexity controls to make it easier to protect company data, and disabling USB signaling on company-owned devices to limit USB-based attacks. We’ve also launched additional privacy-preserving security controls for the Android work profile, like network logging of work apps. Read more about these Android 12 enterprise features.
Android 12 includes new privacy controls and transparency for employees
Android 12 already meets the most rigorous deployment requirements, including the United States Department of Defense's Security Technical Implementation Guide. And since we believe scrutiny and transparency are key to improving security, we’ve launched a new Android Enterprise category as part of the Android Security Rewards Program. We’re offering a reward of up to $250,000 for a full exploit on a Pixel device running Android Enterprise.
As more mobile workers access data from remote devices outside of traditional security perimeters, companies are increasingly pursuing a Zero Trust security model. This means trust is never assumed, and access to corporate resources is continuously verified. We’ve developed many APIs and tools to support Zero Trust on Android, allowing organizations to tier access based on extensive device-based signals and security information.
We’re now supercharging the role of identity providers in Zero Trust environments on Android. Connecting their first-hand understanding of the user with a full breadth of device trust signals, identity providers can build a comprehensive analysis of trustworthiness before granting access to corporate resources. To make this happen, we are working with industry leaders to move beyond WebView for authentication and embrace Custom Tabs, which we believe is the best way for developers to integrate authentication into their apps.
While WebView is a flexible and powerful component for rendering web content, Custom Tabs are more modern and full-featured, allowing identity providers to gather device trust signals, improve employee security and enable single-sign-on across apps and the web. We’re partnering with Okta, Ping Identity, and ForgeRock to move the industry towards modernizing authentication.
Every organization is different, and has different management needs. So we’ve built a range of device management capabilities that can easily serve businesses across all sizes and sectors — whether you are managing a startup or a highly complex enterprise.
Android Management APi is the recommended method of management for customers and partners
For companies who use Android Enterprise with an Enterprise Mobility Management (EMM) solution, we’re making management even more powerful, secure and user friendly with Android Management API. Built by the Android team at Google, this cloud-based API ensures customers receive the fastest delivery of all of our enterprise features, with best practices and Android Enterprise Recommended requirements set by default. And with the newly launched Android Management API Extensibility framework, EMMs can adjust Android Management API capabilities on the fly using on-device signals to trigger immediate policy changes and solve for unique and evolving business needs.
With this update, we’re publicly recommending Android Management API to customers and partners as our preferred method of management. More than 60 EMMs — including Microsoft, Citrix, and Google Workspace — have already launched solutions based on Android Management API with many more coming soon.
For our customers with fewer management requirements and IT resources, we launched Android Enterprise Essentials earlier this year to help provide automatic security. We’re now expanding reseller support to Mexico, Italy and Spain this quarter.
One of the unique features of Android is the work profile, which has helped employees boost productivity, keep their personal apps and data private, and achieve a better work-life balance. And for organizations, it’s improved security for business apps and data. Previously, the work profile was only available on managed devices. Now, we’re planning to bring those same work profile benefits to unmanaged users with a business identity, too.
The Android work profile will become available to unmanaged Google Workspace users next year
This will eventually allow anyone using Android for business purposes to separate work and personal apps in one interface and pause all work-related apps in one click. This will be available to Google Workspace users first starting next year, with plans to expand to more identity providers soon after.
On October 27, we're hosting a special event to talk about these new security and management solutions — and even more to come — to help you manage mobility your way. Register for the Art of Control, and find out how we’re bringing together security and management into one, uncomplicated offering. You’ll also hear from customers like the FBI, Walmart, and Schneider Electric about how they’re using Android Enterprise to achieve effortless control.
Editor’s note: Today’s guest post is from William Vincent, Financial Controller, S. Morris Ltd.
S. Morris Ltd. is a family-owned business that creates and delivers high-quality construction materials to customers throughout southwest England. With products like concrete blocks and bricks, ready-mix concrete and flooring materials, we provide our customers with many of their building project essentials.
Strong customer service and timely delivery are key to our success, and we’re always looking to refine our operations. In fact, we recently shifted our ordering and delivery confirmation processes from paper to digital. As part of this move, we wanted to provide mobile devices to our delivery drivers so they could easily confirm orders and accept digital signatures.
To protect company data, we needed to have the right device management. But we didn’t want an overly complex solution. My team has many responsibilities, so we needed a smooth and efficient way to manage these devices. Android Enterprise Essentials was just what we were looking for — an easy way to manage Android devices with the security controls we needed to ensure data security and privacy for our small business.
Simple, secure device management
Setting up devices and getting them into the hands of our delivery drivers was quick and easy. We selected Samsung Galaxy A02 devices from our service provider Tela, which arrived at our office ready to use, right out of the box.
With Essentials, we were able to enforce necessary security policies, like requiring a PIN code to unlock the device and ensuring that the malware protection provided by Google Play Protect is always in place. Our devices are regularly shared among different drivers we contract with, some of whom will also work for our competitors. So when a contractor has completed their assignment, I simply jump into the portal and assign a new PIN to a device.
Our delivery teams have a lot to keep track of. With Android devices, they now have access to business-critical apps that make the delivery process smoother for our team and customers. And Essentials ensures that this customer data is secure on the device. No more paper receipts, and our inventory is automatically up to date.
New digital efforts through Essentials
Our success with Essentials has inspired us to look at other areas of the business that would benefit from digitization through Android — like capturing, sharing and saving information more efficiently. With Essentials’ security features and simple management tools, we’ll have the ability to scale our efforts with ease.
