It seems we are living in an Android world, with 60 per cent of the consumer mobile device market dominated by the OS. And with the bring your own device (BYOD) trend gathering momentum, Android’s presence is also growing in the enterprise space - to the dismay of CIOs who want to protect corporate data and provide a standardised systems management environment.
There are now more than 550 Android device types, 48 manufacturers, and a multitude of carriers worldwide. To complicate things further, many of these firms have installed custom variants of the OS and added software to differentiate their offerings from the rest of the Android herd. This is great news for consumers as it offers them choice, but it sends chills up the spines of CIOs who have previously achieved management efficiency by standardising on only a few devices.
Each version of Android has improved management and security, but the vast array of devices on the market means it’s unlikely that enterprises will ever deal with only one device type. This doesn’t rule Android out, it simply means CIOs must arm themselves with the right protective measures. The heterogeneity of the platform means that enterprises looking to run the OS face a multitude of management uncertainties, including device controls, data usage and encryption - something all CIOs dread.
When a CIO makes the decision to adopt Android, one of the first issues he or she faces is user management. There is no inherent capability in the platform for extending and revoking privileges to individuals, tracking their usage, or notifying IT when devices violate policies. This is a stark contrast to the standardisation offered by Apple iOS Exchange ActiveSync (EAS) Support. Android natively does not support many of the EAS policies, leaving the responsibility to the CIO to figure out what does and doesn’t work.
On top of managing users, the CIO now has to handle increasing volumes of data, spread across various parts of the business. The more recent versions of Android support 4G networks, which consume data with a voracious appetite. However, as many carriers charge by gigabytes consumed as well as minutes of talk time, the business can be liable for significant overage charges if a device surpasses the limit. Users are often unaware of how much data they’re using.
But perhaps the biggest concern is encryption. Encryption of data is a key requirement for enterprises, from the standpoints of corporate policy as well as compliance. Prior to the release of version 3.0 Honeycomb in 2011, Android devices did not have any kind of hardware encryption. Sadly, Honeycomb was solely for Android tablets. A year later, close to 80 per cent of the existing Android phones on the market are running Android versions that do not support encryption, with the most prevalent being versions 2.2 and 2.3. This presents a substantial risk of email, calendar, and contact information being compromised by prying eyes.
The latest version of Android 4.0 does support device encryption and runs on both tablets and smartphones, but as it was released late in 2011, it’s not running on most devices. As a result, with more employees bringing Android phones into the workplace, CIOs must take extra measures to encrypt devices. Certain CIOs are already exploring a more flexible approach to enterprise application management, which lets them automate security rules, continuously monitor devices and detect any threats.
Android is here to stay, and there can be no denying that it has the potential to become the operating system of choice for many enterprises. Its open source nature with no licensing fees alongside its flexibility for application integration is an attractive proposition for CIOs. However, its lack of maturity in the enterprise space and openness leave it exposed to external threats. Only by deploying the right mobile device management solution can CIOs have any hope of ensuring that enterprise adoption of the world’s most popular mobile OS turns into a dream, and not a nightmare.
• Neil Florio is VP marketing at Fiberlink