- Enterprises are right to hold back on an endorsement of Android devices as part of their BYOD programs, but that may not stop employees from trying to go around policies that prohibit their use within the enterprise.
- IT shops that are developing or managing BYOD programs for their employers should evaluate the level of security that Samsung has built into its Knox containerization technology and, if they find that it is adequate, push their MDM/MAM suppliers and mobile application developers to support it.
As enterprises struggle to get their arms around the BYOD phenomenon, one of the stumbling blocks in creating policies for sanctioning the use of employee-owned devices to access enterprise applications and data is IT’s reluctance to embrace Android smartphones and tablets. While consumers are voting with their dollars more and more for Android devices (thanks to their cool factor), enterprise IT would much rather embrace Apple’s iPhones if it is to allow and support employee-owned device use. At the AirWatch Connect users conference in Atlanta this week, that preference was made abundantly clear by several customers.
Equifax, for example, currently provides some of its employees with iPhones to do their jobs. Security is the reason most give for that preference, giving a nod to Apple’s tight controls over its iOS APIs and the more thorough job it does in vetting applications before they are allowed to be distributed through Apple’s iTunes store. The proliferation of Android malware is well documented, and it is clear to most that Google has only paid lip service to the need to better protect its mobile operating system and app marketplace, Google Play.
Of course, most if not all MDM vendors claim to secure Android devices, including devices from HTC, Motorola and LG. Samsung, recognizing the need for more robust security, developed its new Knox containerization technology to try to break down those walls and help to encourage broader use of its devices within the enterprise. Knox creates a dual-persona on the phone and separates out personal user information and activity from corporate information and activity. A Samsung speaker addressing AirWatch customers at the conference assured them that Samsung is in it for the long term and all of its devices going forward will incorporate Knox (today, the Samsung GS 3, GS 4, Note 2, Note 3 and Note 10.1 tablet support it). In working with MDM/MAM partners including AirWatch, Samsung has expanded the set of APIs that those partners can use (from 700 to 1,100) to give those partners greater granularity to control Samsung devices. Furthermore, Samsung partners with leading mobile application providers to make their applications available within the Knox container. To help spur adoption of Knox, Samsung has preloaded its Note 3 smartphone and Note 10.1 tablet with Knox for consumers, not only to give them greater security, but also to widen the experience of Knox so that BYOD happens naturally within the enterprise.
Has it done enough, however, to convince IT that it provides an adequate level of security – enough to gain its endorsement of Samsung smartphones as part of enterprise BYOD plans? Only time and a lot of tire kicking will tell. As for Android devices from other suppliers, judging from MDM user feedback at AirWatch Connect, trust in the level of security available for any Android device is not really there yet, but there is hope.