Google details security features in Android 7.0 'Nougat'

Google shared information on the best new security features in its next major mobile OS update, Android 7.0 'Nougat,' including a faster direct boot, streamlined software updates and enhanced integration with corporate directories.

During an hour-long Hangouts web chat for the media and select IT professionals, Google today provided a glimpse of some of the new security features in its upcoming mobile OS, Android 7.0 "Nougat," which should be available on Google Nexus devices "in a few weeks," according to the company.

The online briefing wasn't meant to be exhaustive. Instead, it provided a top-level look at a set of new security and management tools in Android Nougat and Android for Work. Here's a breakdown of some of the most notable security improvements in Nougat, for Android users and IT administrators.

Android Nougat 7.0 platform-security enhancements

1. Direct boot and stronger encryption

Android Nougat users who encrypt their phones will no longer have to enter a security code after a reboot and then wait for their devices to restart in order to use core native features. Google apps including the phone and alarm will work on encrypted phones after a reboot, but the passcode will be required to access data using those apps, such as a phone contact list.

android 7 nougat direct boot Google

New file-based encryption works at a more granular level to better isolate users and profiles in Android. And hardware-backed encryption keys are required for all new Android phones that run Nougat.

2. Stronger MediaServer and platform hardening

Google caught a lot of flack related to flaws in its Android MediaServer components that enabled the Stagefright attacks earlier this year, and it says it strengthened the MediaServer in many ways. For example, Android 7.0 Nougat gives attackers who might breach MediaServer access to fewer permissions, according to Google.

Android Nougat also requires that all devices support verified boot, so corrupt phones or tablets won't start at all, or will only grant access to "safe" apps and services after they start, Google says.

3. App security and abuse prevention

Apps on previous Android versions used to be able to share user-granted permissions with other apps much more easily, according to Google. In Nougat, the company cracked down on permission sharing between apps. And apps with device admin permissions in Android Nougat can no longer prevent users from uninstalling them or change users' PIN, passwords or codes to lock them out of their devices.

4. 'Seamless' Android updates

When Nougat software updates are available for new phones, users can choose to download and install them in a separate on-device partition, so they don't need to stop using their phones or tablets during the process. The next time they reboot their phones, the new software will auto-install much more quickly than in the past, according to the company. Unfortunately, only new phones optimized for Nougat will have access to this feature.

Google also says it removed the annoying "app optimization" step of the Android upgrade process, so Nougat devices won't be useless for 10 minutes or more after a new OS patch is applied, while apps optimize for the changes.

Android Nougat 7.0 corporate-security enhancements

Google didn't provide as many specifics about the IT security features in Nougat, but it did offer a glimpse of some of the most interesting improvements.

1. Nougat's 'always-on VPN'

An enhanced "always-on VPN" feature lets IT force certain business apps to use a VPN to connect to the web. If a VPN isn't available or can't connect, the apps won't work or share any data.

2. Android 'work security challenge'

A "work security challenge" feature lets IT set separate, complex passcodes on users' devices to protect specific work data, using Android profiles, and users can employ simpler PINs or codes to access their personal data. IT can set lock restrictions for specific apps, and admins can choose to use different looking login screens so users visually know when they log into corporate services.

3. 'Work mode' in Nougat

A new "work mode" icon in the Android Nougat dropdown menu, which looks like a briefcase, lets user disable all work related apps after hours or when they don't want to be distracted.

android 7 nougat work mode Google

4. Nougat phone and dialer tweaks

The Android 7.0 Nougat dialer component further integrates with corporate systems and directories, according to Google, and users can search both work and personal contact lists from one place. If a business user receives a call from someone in their work directory, their caller ID can be set by admins to notify them that the call is likely work related. Call logs can be separated into business and personal lists. And other UX modifications aim to make it clear when calls or contacts are personal or work related.

android 7 nougat work dialer Google

Google also said many of the work-versus-personal changes are meant to serve as a "foundation for a second phone line for business" in addition to a personal line on a single device. In fact, APIs already exist that enable certain VoIP apps to create separate phones lines within a single dialer in Android Nougat, according to Google.

5. QR code provisioning in Nougat

A new Nougat feature lets IT admins provision devices that don't support the NFC "Android bump" feature, using a QR code.

6. New remote bug reports and process logging

Enhancements to Android's remote diagnostic tools in Nougat give admins more options to request remote bug reports, though in many cases, users must approve the requests for access to potentially sensitive information.

Google said it will provide additional details on Android 7.0 Nougat and Android for work when the new mobile OS is released in the coming weeks.

AS

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Al Sacco

CIO (US)
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?