This post is from the Apperian blog and has not been updated since the original publish date.
Are You Handling Android in the Enterprise the Right Way?
The release of the first iPhone seven years ago led to the inevitable use of personal smartphones in the office and sent enterprises scrambling to come up with policies to regulate the burgeoning bring your own device (BYOD) movement. While a majority of organizations now have mobile device policies in place in one form or another, the growing popularity of Android in the enterprise has brought to light a number of additional issues to contend with.
What does it mean to 'support Android'?
Unlike iOS, which is proprietary to Apple, Android is available on thousands of different devices produced by dozens of various manufacturers. In fact, a recent survey of Android devices conducted by OpenSignal -- a wireless coverage mapping company -- found nearly 12,000 different Android devices currently in use
This level of fragmentation -- which includes unique combinations of OS version, chipset, and hardware -- sheds light onto what it really means to ‘support Android in the enterprise’. The challenge for companies is to come up with a set of policies that adequately cover the range of devices available on the market today.
The elephant in the room: Mobile App Security
Compared to the iPhone and iPad, Android devices exist in the tech equivalent of the Wild West, and bringing Android into the enterprise opens up a multitude of mobile app security concerns. A recent report revealed that 97% of mobile malware is on Android -- not something organizations want to hear. Viruses and other malware can potentially siphon information from devices, transforming a smartphone from a useful tool to a dangerous weapon.
Android in the Enterprise: Solutions and Policies
Organizations must walk a fine line when defining enterprise mobility management policies. While it is vital to ensure that sufficient measures are in place in order to protect sensitive data, organizations should also be careful not to infringe upon the rights of device owners. This is easily done at the app-level by implementing a mobile application management (MAM®) approach.
Containerize Enterprise Apps
Perhaps the best single-solution for dealing with Android in the enterprise is to containerize enterprise applications. App containerization effectively insulates applications (and their data) from the rest of the device, and can act as a protective barrier against potentially malicious software located elsewhere on the device. Containerized apps can feature useful security measures such as; encryption, single sign on (SSO) authentication, and the ability to remotely wipe corporate data.
Require Anti-Virus Software
Organizations wary of Android’s susceptibility to malware may want to think about implementing a policy requiring device owners to download anti-virus software before using them in the workplace. There are several effective free antivirus apps currently available on the Google Play store.
Keep BYOD-ers up to date
A little information can go a long way and it’s good to keep in mind that device owners are just as interested in keeping their device safe as enterprises are in keeping their data secure. Do some research and put together a list of recommended applications (i.e. ‘safe apps’) for employees. Offer guidance on how to identify potentially malicious apps, and keep BYOD-owners up to date on the latest security breaches and threats.
Be proactive, not reactive
Protecting the enterprise without overstepping boundaries is a challenging dilemma for technologists, and is an issue that will naturally evolve as the mobile industry continues to shift. The key for organizations wanting to take advantage of the BYOD movement is to stay informed and work to create proactive policies to ensure security, rather than simply reacting to known threats.