Google details security features in Android 7.0 'Nougat'

Google shared information on the best new security features in its next major mobile OS update, Android 7.0 'Nougat,' including a faster direct boot, streamlined software updates and enhanced integration with corporate directories.

During an hour-long Hangouts web chat for the media and select IT professionals, Google today provided a glimpse of some of the new security features in its upcoming mobile OS, Android 7.0 "Nougat," which should be available on Google Nexus devices "in a few weeks," according to the company.

The online briefing wasn't meant to be exhaustive. Instead, it provided a top-level look at a set of new security and management tools in Android Nougat and Android for Work. Here's a breakdown of some of the most notable security improvements in Nougat, for Android users and IT administrators.

Android Nougat 7.0 platform-security enhancements

1. Direct boot and stronger encryption

Android Nougat users who encrypt their phones will no longer have to enter a security code after a reboot and then wait for their devices to restart in order to use core native features. Google apps including the phone and alarm will work on encrypted phones after a reboot, but the passcode will be required to access data using those apps, such as a phone contact list.

android 7 nougat direct boot Google

New file-based encryption works at a more granular level to better isolate users and profiles in Android. And hardware-backed encryption keys are required for all new Android phones that run Nougat.

2. Stronger MediaServer and platform hardening

Google caught a lot of flack related to flaws in its Android MediaServer components that enabled the Stagefright attacks earlier this year, and it says it strengthened the MediaServer in many ways. For example, Android 7.0 Nougat gives attackers who might breach MediaServer access to fewer permissions, according to Google.

Android Nougat also requires that all devices support verified boot, so corrupt phones or tablets won't start at all, or will only grant access to "safe" apps and services after they start, Google says.

3. App security and abuse prevention

Apps on previous Android versions used to be able to share user-granted permissions with other apps much more easily, according to Google. In Nougat, the company cracked down on permission sharing between apps. And apps with device admin permissions in Android Nougat can no longer prevent users from uninstalling them or change users' PIN, passwords or codes to lock them out of their devices.

4. 'Seamless' Android updates

When Nougat software updates are available for new phones, users can choose to download and install them in a separate on-device partition, so they don't need to stop using their phones or tablets during the process. The next time they reboot their phones, the new software will auto-install much more quickly than in the past, according to the company. Unfortunately, only new phones optimized for Nougat will have access to this feature.

Google also says it removed the annoying "app optimization" step of the Android upgrade process, so Nougat devices won't be useless for 10 minutes or more after a new OS patch is applied, while apps optimize for the changes.

Android Nougat 7.0 corporate-security enhancements

Google didn't provide as many specifics about the IT security features in Nougat, but it did offer a glimpse of some of the most interesting improvements.

1. Nougat's 'always-on VPN'

An enhanced "always-on VPN" feature lets IT force certain business apps to use a VPN to connect to the web. If a VPN isn't available or can't connect, the apps won't work or share any data.

2. Android 'work security challenge'

A "work security challenge" feature lets IT set separate, complex passcodes on users' devices to protect specific work data, using Android profiles, and users can employ simpler PINs or codes to access their personal data. IT can set lock restrictions for specific apps, and admins can choose to use different looking login screens so users visually know when they log into corporate services.

3. 'Work mode' in Nougat

A new "work mode" icon in the Android Nougat dropdown menu, which looks like a briefcase, lets user disable all work related apps after hours or when they don't want to be distracted.

android 7 nougat work mode Google

4. Nougat phone and dialer tweaks

The Android 7.0 Nougat dialer component further integrates with corporate systems and directories, according to Google, and users can search both work and personal contact lists from one place. If a business user receives a call from someone in their work directory, their caller ID can be set by admins to notify them that the call is likely work related. Call logs can be separated into business and personal lists. And other UX modifications aim to make it clear when calls or contacts are personal or work related.

android 7 nougat work dialer Google

Google also said many of the work-versus-personal changes are meant to serve as a "foundation for a second phone line for business" in addition to a personal line on a single device. In fact, APIs already exist that enable certain VoIP apps to create separate phones lines within a single dialer in Android Nougat, according to Google.

5. QR code provisioning in Nougat

A new Nougat feature lets IT admins provision devices that don't support the NFC "Android bump" feature, using a QR code.

6. New remote bug reports and process logging

Enhancements to Android's remote diagnostic tools in Nougat give admins more options to request remote bug reports, though in many cases, users must approve the requests for access to potentially sensitive information.

Google said it will provide additional details on Android 7.0 Nougat and Android for work when the new mobile OS is released in the coming weeks.

AS

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Al Sacco

CIO (US)
Show Comments

Cool Tech

Crucial Ballistix Elite 32GB Kit (4 x 8GB) DDR4-3000 UDIMM

Learn more >

Gadgets & Things

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Family Friendly

Lexar® JumpDrive® S57 USB 3.0 flash drive 

Learn more >

Stocking Stuffer

Plox Star Wars Death Star Levitating Bluetooth Speaker

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?