Google Android security improves, but trails iPhone and BlackBerry

With the growing popularity of Android, IT administrators are facing demands to support smartphones from employees that use the open source mobile operating system.

With the growing popularity of Android, IT administrators are facing demands to support smartphones from employees that use the open source mobile operating system. But while security of Google Android is improving, IT pros say it hasn't quite caught up to the more mature platforms.

"Android still needs to make some improvements in its security model," says Randy Nunez, mobile computing lead at Ford Motor Co., which supports employee use of iPhone, BlackBerry, Symbian and Windows Mobile, but does not currently support Android. "Windows Mobile and BlackBerry had a head start and they have some very mature products in the space."

Android 2.2 on Motorola Droid: First impressions of Froyo|A Brief History of Android

The iPhone as well has become an accepted enterprise device, even though it was initially aimed at consumers.

Android is "following a parallel path with the iPhone," Nunez says. "With the iPhone 2.0, once they released support for Exchange ActiveSync and the passcode and security policies, it made it more difficult to say no," Nunez says. "And Android, with their 2.2 release, is following in the iPhone's footsteps in that way."

David Glenn, director of enterprise operations for Del Monte Foods, a San Francisco-based food production and distribution company, says smartphones need to provide at least three key security features in order for his company to support it. The phone must force users to type a password in order to bring it up from an idle state; IT must be able to remotely wipe data from the phone; and data on the phone must be encrypted.

"It has to meet those requirements or we cannot roll it out," Glenn says.

Del Monte Foods has approved employee use of a limited number of Android phones. Glenn himself uses a Motorola Droid X.

"We do support the Droid X and we're looking at the Droid 2 right now," Glenn says.

As Nunez mentioned, the 2.2 version of the Android operating system has bolstered security. Motorola has even launched an Android phone aimed at the BlackBerry market, called the Droid Pro, with security features including the ability to remotely wipe data from the phone and the MicroSD card. (Play the Google Android quiz.)

Android encryption

Google's Android now supports numerous features in Microsoft's Exchange ActiveSync, including SSL encrypted transmission and remote wipe.

"Android 2.2 provides a number of enhanced Exchange features, like the addition of the numeric pin password options, remote wipe capabilities, things like that which make it more palatable for enterprises to adopt," Nunez says.

Although software-level encryption in Android 2.2 is an improvement, Android still does not support hardware-based encryption, according to Kaspersky Lab virus researcher Tim Armstrong.

With software-level encryption, it's easier for a hacker to take data off a Micro SD card, whereas with hardware-level encryption the data on the removable storage card is "really locked to a chip on the electronics within the phone," according to Armstrong.

Software encryption is "less of a roadblock, basically," he says. There's been talk of adding hardware encryption in Android 3.0, but for now that's "all speculation," Armstrong says.

Android app concerns

The Android Market may also open up security holes, Armstrong says. Whereas Apple reviews the code of apps before they go on the iPhone App Store, Google does not, he says. Further complicating matters is that Android lacks the kind of back-end administrator-level policy enforcement that would let IT shops block installation of certain types of applications.

"You can't really lock the phone down like you can with iPhone and BlackBerry," Armstrong says.

Locking phones down is important because "data leakage is a big challenge," Nunez says. "These phones are very easy to lose. If we don't have a way of securing the data there is a chance for misuse of the data."

The reality IT shops face is that users who own Android phones may attempt to hook them up to Exchange so they can access work e-mail, even if the IT department doesn't technically support the phone.

If an IT department sets strict security policies, Android owners who try to hook their phones up to the company's Exchange server may receive an error message saying the server requires security features the phone does not support.

However, there are third-party e-mail applications that convert Outlook Web Access into a standard-looking smartphone e-mail interface. This means Android users can get push e-mail, store e-mail messages on their phones, and get new e-mail without having to type in a password each time, even if their IT departments don't support Android.

This type of activity is more worrisome to IT than a user accessing Outlook Web Access on a phone's Web browser, because the browser doesn't store e-mails and it forces the users to type in a password each time they navigate to the site.

Businesses are, however, increasingly spending money on Android phones, in addition to BlackBerries and iPhones. A ChangeWave survey of 1,600 corporate IT buyers found that 16 per cent are providing Android to users, up from three per cent last November.

While BlackBerries are typically issued to employees by IT departments, the advent of the iPhone and Android has consumers demanding to use their personal smartphones at work. Ideally, Nunez says IT departments should be able to enforce separation of personal and business data. But that probably won't be a deal-breaker when it comes to deciding which phones are approved for corporate use. "The separation of personal data and business data is ideal," Nunez says. "But as long as the enterprise IT department can manage the device and secure the corporate data and wipe the device, it can go a long way toward enterprises adopting personal devices for corporate use."

Follow Jon Brodkin on Twitter: www.twitter.com/jbrodkin

Read more about anti-malware in Network World's Anti-malware section.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Motorolasymbianconsumer electronicsGoogleNetworkingsecuritywirelesssmartphonesPhonesFord

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jon Brodkin

Network World
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?