Avoiding Android Angst

It didnt take long for Android to get itself noticed. It took just two years from the debut of Googles mobile OS for sales of smartphones running Android to exceed unit sales of Apples iPhone. While smartphones arent the only mobile game in town any more (the tablet market is still very much in flux), there can be no doubt that Android will remain at the centre of the mobile platform wars for the foreseeable future.

For enterprise IT departments that are ready to support it, Android can be a mixed bag. Android has many strengths as an OS, including its openness, diversity of form factors, and ease of development and application distribution.

Together, these characteristics make it a fabulous platform for the enterprise. But there are challenges as well, and those challenges will be particularly arresting for those that have grown used to the development model employed by the iPhone. While these two competing platforms may have achieved a relative parity in their popularity, the development and management philosophy behind them couldnt be more different.

Slings and arrows of open source
In the iPhone world, predictability reigns. Firmware updates are dictated by Apple, as are the interfaces for providing device management. Regardless of how many manufacturers may become licensed to sell an iPhone, from an IT perspective, there will be little, if anything, to differentiate those device offerings.

The Android operating system, on the other hand, was forged in the crucible of the open standards movement. As demonstrated years ago with Linux, for better or worse, openness is a leading cause of fragmentation. There are dozens of mobile device manufacturers implementing Android, and every one of them has the option to implement device management features however they choose.

Different Android devices, even from the same manufacturer, will be running a different version of the OS, and it is up to each manufacturer (in concert with the carrier partner) to decide when to push firmware updates directly to the devices.

The reward for tolerating the challenges of fragmentation is device specialisation. With dozens of available form factors, each with widely varying characteristics, its easy for businesses and consumers alike to find the exact device they need. Specialisation makes Android as appropriate in the enterprise as it is for consumers. But it doesnt prevent the ensuing management headache.

Groping for control
Android may be the equal of its mobile OS competitors in most respects, but because of its openness, it has comparatively few enterprise management capabilities built in. Unlike the iPhone, for which Apple has codified dozens of specific mobile device management (MDM) interfaces that are consistent across all iPhone devices, Google has given the Android OS just six management controls, and leaves the rest up to device makers. 

Slowly but surely, hardware vendors are coming to the realisation that providing a formal MDM may be worthwhile. Samsung has been a leader in this undertaking; it has released an MDM comprising more than 80 controls that enterprises and platform vendors can use to reliably and securely manage Samsung devices.

Other vendors could follow Samsungs example in the future. But that wont happen quickly. Until the watershed moment when a device-specific MDM is available from every manufacturer (or from Google itself), enterprises will need a simple and effective alternative for management and manipulation of OS features.

Androids user-based security model can be equally problematic. The platforms unrivalled ease of development helps fuel an active, but unmonitored, application marketplace: Google Market. The low barrier to entry means that the market has nearly 100,000 apps available for download at any time, and any one of them could be harbouring malware that enterprises dont want anywhere near their corporate data.

With few management capabilities built into the base OS, a user-based security approach, and a very fragmented device marketplace, Android provides plenty of challenges for the enterprise. All of which makes it critically important that organisations have a strategy to take control of these issues. This strategy should include the employ of a management platform, which does the heavy lifting of dealing with device differentiation behind the scenes, saving IT uncountable hours in addressing device management security on a model-by-model basis. It should also establish clear ground rules and policies in full recognition of these unique challenges of supporting Android.

Essential preparation
The following five ground rules are essential preparation for Android-inclusive mobile device support:

Figure out which devices your users have or want to use with the corporate network – When supporting Android, youll need to know the rough mix of device models and manufacturers – not just the OS.

Determine which back-office systems users want to access – To discover your management task list, you will first need to know which devices will be accessing which applications.

Sort user devices by the Android version in use, and set appropriate policies for each group – If you are in the habit of determining governance policies for mobile users based on workgroup or job function, you will have to evolve your methods to support Android. Expect to set your governance policies based on the OS version instead.

Set up filters to control access – By blocking access to corporate data from untrusted applications, you can limit organisational risk from new downloads that may harbour malware.

Add password and encryption policies, plus remote wipe – These are the bare minimum for securing a personally-owned mobile device, regardless of OS.

For all of these tasks, a mobile device management platform can ease the IT burden by absorbing device-specific complexity. Regardless of the actual mix of devices that access your network, enterprises can rest easy that corporate assets will not be endangered, and that all users – Android or otherwise – will be adequately supported.

Mark Jordan is Afaria product manager at Sybase