Android Enterprise

Fragmentation, cesspool of malware, no enterprise support were all comments I have encountered time and time again when discussing devices and OS choices with many prospects and customers over the past few years. The bottom line always came down to the customers cost vs security posture. Android only won on cost and never on security. Fast forward a few years and I think this has changed quite a bit. Let’s take a look back at what had to happen to get to the start line for Android to be taken seriously in the enterprise.

Early 2015 (approximately 21 years ago using the mobile IT dog years calculator) Google announced Android for Work (AfW). A big step forward being the first time the OS vendor (Google) had ever dipped its toes in the enterprise. Up until this point if you wanted to do something as simple as use your Mobile Device Management (MDM) toolset to provision email you needed to use a 3rd party in Samsung SAFE, Nitrodesk Touchdown or a container solution like Good for Enterprise. Crazy right. This was just 3 years ago… Unfortunately as with most software V1 products AfW didn’t really deliver on the promise with extremely limited hardware choice and devices slowing to a crawl when implemented. Nice try but not cigar this time.

Later in 2015 Google announced the separation of security patching from the core OS in an attempt to provide the enterprise with some assurance that even if your device does not receive an OS update it can receive a security patch. This program was a great foundation to start to name and shame device manufacturers who were selling but not supporting devices. Would you ever purchase a PC that was never going to receive a security patch?

Just over a year later Google embarked on a re banding exercise of Android for Work renaming it to Android Enterprise as it is still known today. I like to think of this as V2 and ready to deliver on the brochure ware with wider adoption of hardware vendors and Enterprise Mobility Management (EMM) providers along with a more refined software stack. This Android story is now starting to get interesting.

Half a year later in May 2017 it was time for project Treble. Like the separation of the security patching in 2015 this time project Treble introduced the separation of the lower level device calls that hardware manufacturers implement to make their radio stack or silicon dependencies work with the OS. Introduced as optional at the time, today this is included with all new devices running Android 8 or above by default. Bottom line, device manufacturers need to do a lot less testing to release a new OS on their devices. Previously a mid range Android would never receive an OS update due to the cost incurred to take the new OS from Google and put it through testing and modifying drivers etc. Project Treble would become the cornerstone of what was to come next.

Late 2017 the master plan starts to come together with the launch / re branding of Android One. For those that are in the know Android One was originally marketed as a lite low cost version of Android for developing markets in 2014. It was re branded to Android Go in 2017 to make way for the current Android One which is marketed as everything you want and nothing you don’t. To benefit from the brand power of Google, device manufacturers must meet strict guidelines to ‘earn’ the Android One badge. The first is committing to delivering security patching for 3 years from the device release date. Remember back in August 2015 when they separated out the security patching from the OS updates. The second is to provide at least 2 dessert updates (OS versions). Project Treble to the rescue so we aren’t just stuck with flagship phones receiving updates and speed to release being greatly increased due to the reduced testing requirements.

The final piece of Android’s journey to the enterprise arrived in February of this year with the announcement of the Android Enterprise Recommended (AER) list. Essentially a souped up version of the Android One program with device manufacturers having to submit their devices to Google for testing to ensure there are no nasties on the device at any level. Remember superfish and Lenovo anyone? Once again a strict set of conditions on what you have to include on the device such as Google Play Protect and what you cant have on the device such as a bloatware stack along with security patching and OS updates for 3 years. This list has been growing nicely over the months that have passed in 2018 and now offers a great range of choice with many price points and feature sets such as rugged devices, big, small, cheap or expensive. Take your pick. They are all guaranteed to work with your EMM tool set and will be supported not just forgotten.

So sometimes it takes a look back through a timeline like this to unpack the strategy that was set in place back in 2015 now reaching maturity in 2018 and beyond. Android is certainly ready for the enterprise on many fronts. Are you deploying Android in 2018 or are you sticking with the current king of the enterprise in Apple? Please comment below.