Google Android security improves, but trails iPhone and BlackBerry

With the growing popularity of Android, IT administrators are facing demands to support smartphones from employees that use the open source mobile operating system.

With the growing popularity of Android, IT administrators are facing demands to support smartphones from employees that use the open source mobile operating system. But while security of Google Android is improving, IT pros say it hasn't quite caught up to the more mature platforms.

"Android still needs to make some improvements in its security model," says Randy Nunez, mobile computing lead at Ford Motor Co., which supports employee use of iPhone, BlackBerry, Symbian and Windows Mobile, but does not currently support Android. "Windows Mobile and BlackBerry had a head start and they have some very mature products in the space."

Android 2.2 on Motorola Droid: First impressions of Froyo|A Brief History of Android

The iPhone as well has become an accepted enterprise device, even though it was initially aimed at consumers.

Android is "following a parallel path with the iPhone," Nunez says. "With the iPhone 2.0, once they released support for Exchange ActiveSync and the passcode and security policies, it made it more difficult to say no," Nunez says. "And Android, with their 2.2 release, is following in the iPhone's footsteps in that way."

David Glenn, director of enterprise operations for Del Monte Foods, a San Francisco-based food production and distribution company, says smartphones need to provide at least three key security features in order for his company to support it. The phone must force users to type a password in order to bring it up from an idle state; IT must be able to remotely wipe data from the phone; and data on the phone must be encrypted.

"It has to meet those requirements or we cannot roll it out," Glenn says.

Del Monte Foods has approved employee use of a limited number of Android phones. Glenn himself uses a Motorola Droid X.

"We do support the Droid X and we're looking at the Droid 2 right now," Glenn says.

As Nunez mentioned, the 2.2 version of the Android operating system has bolstered security. Motorola has even launched an Android phone aimed at the BlackBerry market, called the Droid Pro, with security features including the ability to remotely wipe data from the phone and the MicroSD card. (Play the Google Android quiz.)

Android encryption

Google's Android now supports numerous features in Microsoft's Exchange ActiveSync, including SSL encrypted transmission and remote wipe.

"Android 2.2 provides a number of enhanced Exchange features, like the addition of the numeric pin password options, remote wipe capabilities, things like that which make it more palatable for enterprises to adopt," Nunez says.

Although software-level encryption in Android 2.2 is an improvement, Android still does not support hardware-based encryption, according to Kaspersky Lab virus researcher Tim Armstrong.

With software-level encryption, it's easier for a hacker to take data off a Micro SD card, whereas with hardware-level encryption the data on the removable storage card is "really locked to a chip on the electronics within the phone," according to Armstrong.

Software encryption is "less of a roadblock, basically," he says. There's been talk of adding hardware encryption in Android 3.0, but for now that's "all speculation," Armstrong says.

Android app concerns

The Android Market may also open up security holes, Armstrong says. Whereas Apple reviews the code of apps before they go on the iPhone App Store, Google does not, he says. Further complicating matters is that Android lacks the kind of back-end administrator-level policy enforcement that would let IT shops block installation of certain types of applications.

"You can't really lock the phone down like you can with iPhone and BlackBerry," Armstrong says.

Locking phones down is important because "data leakage is a big challenge," Nunez says. "These phones are very easy to lose. If we don't have a way of securing the data there is a chance for misuse of the data."

The reality IT shops face is that users who own Android phones may attempt to hook them up to Exchange so they can access work e-mail, even if the IT department doesn't technically support the phone.

If an IT department sets strict security policies, Android owners who try to hook their phones up to the company's Exchange server may receive an error message saying the server requires security features the phone does not support.

However, there are third-party e-mail applications that convert Outlook Web Access into a standard-looking smartphone e-mail interface. This means Android users can get push e-mail, store e-mail messages on their phones, and get new e-mail without having to type in a password each time, even if their IT departments don't support Android.

This type of activity is more worrisome to IT than a user accessing Outlook Web Access on a phone's Web browser, because the browser doesn't store e-mails and it forces the users to type in a password each time they navigate to the site.

Businesses are, however, increasingly spending money on Android phones, in addition to BlackBerries and iPhones. A ChangeWave survey of 1,600 corporate IT buyers found that 16 per cent are providing Android to users, up from three per cent last November.

While BlackBerries are typically issued to employees by IT departments, the advent of the iPhone and Android has consumers demanding to use their personal smartphones at work. Ideally, Nunez says IT departments should be able to enforce separation of personal and business data. But that probably won't be a deal-breaker when it comes to deciding which phones are approved for corporate use. "The separation of personal data and business data is ideal," Nunez says. "But as long as the enterprise IT department can manage the device and secure the corporate data and wipe the device, it can go a long way toward enterprises adopting personal devices for corporate use."

Follow Jon Brodkin on Twitter:

Read more about anti-malware in Network World's Anti-malware section.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags smartphonesMotorolaGooglewirelessNetworkingsymbianFordPhonesconsumer electronics

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jon Brodkin

Network World
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?