Google quietly starts adding enterprise security to Android in Honeycomb
Although not mentioned in Google's media preview, Honeycomb includes device encryption with the promise of more enterprise security features to come.
I was quick to point out some of the major advances that Honeycomb will bring to Android after yesterday's Google media preview. After the preview, Engadget discovered a feature that Google didn't mention during the event and that hasn't been covered in the developer preview release including in the Honeycomb SDK that was made available last month: whole device encryption.
[ Free download: Crafting a successful BYOD and mobile IT strategy ]
It's actually somewhat ironic that Google chose not to highlight this feature. One of the big concerns about Android (on a tablet or a smartphone) in business and enterprise environments is security. While RIM's BlackBerry (but not its upcoming PlayBook tablet) remains the gold standard for enterprise security and manageability, Apple's iOS (on both the iPad and iPhone) has made some stellar strides with the release of iOS 4 this summer. Meanwhile Android has still ranked towards the bottom from a security perspective.
Note: It's mentioning noting that iOS went from being pretty low on the enterprise totem pole (behind the BlackBerry when paired with RIM's BlackBerry Enterprise Server and Windows Mobile 5/6 when paired with Exchange) to being second only to RIM's BlackBerry/BES combo when paired with one of several management consoles, leapfrogging ahead of Windows Mobile, Windows Phone 7, Android, and webOS.
On-device data security is a big deal for almost any business or professional field, but it is particularly critical in fields like finance and healthcare, where workers routinely access confidential data that must be kept secure both as a matter of practice and to comply with various laws and regulations. In fact, the security issue has been a card RIM has been able to play to keep some of its major companies invested in the platform and one that has been important to Apple's iPad and iPhone becoming more trusted in business environments (iOS has support whole device encryption since the release of the iPhone 3GS in 2009).
Offering whole device encryption (or any form of solid data security) is a big advance for Android. It has the potential to open several new doors in the business world for the platform on both tablet and smartphone levels. With the influx of choice that Android tablets will offer, this could tip the scales in favor of Android tablets over the iPad for some businesses. Certainly, the fact that Google is looking at dealing with enterprise concerns will help IT managers sleep a bit easier as the BYOD (bring your own device) model becomes ever more prevalent in the workplace.
Even better news is that device encryption isn't the only enterprise feature that Google is looking to add to Android. According to Engadget, the company is working on developing an API that can be used to enforce policy restrictions on Android devices. My guess is that this will look somewhat similar to Apple's approach with iOS 4, although Android's open source nature might actually enable broader choices of management consoles. The same staffer that shared that tidbit also noted that device encryption will be available as a standard component of Honeycomb and will not be exclusive to the Motorola Xoom (the demo device on which Engadget noticed the feature).
While no more details are available yet in terms of the cryptography used for encryption or exactly what policy management capabilities might ultimately find their way into Android, the news is very encouraging because it illustrates that Google understands the needs of enterprise and business customers and the innate concerns that IT has about mobile devices as a whole and the current limitations of Android in particular.