Google Android Keeps Kissing Away Enterprise Customers

News Analysis: If Google wants Android to succeed in the enterprise it's going to have to address some basic security and privacy issues that make IT managers refuse to give Android devices access to corporate applications or even ban them from the office altogether.

The Motorola Droid is about to get Android 2.2, a big step in the Android universe. With the new version of the operating system will come support for Flash, better security and presumably more stable operation.

The automatic update, which will start for the original Droid the week of Aug. 2, has been eagerly anticipated, but there's still a lot that needs to be done if the Droid and its cousins are going to find a warm welcome in the enterprise. Don Reisinger has pointed out 10 issues that could derail Android's early record of success, including the need for greater attention to privacy, security and support for enterprise users. 

Improving enterprise support is a particularly important factor. For example, while Android 2.2 supports Microsoft Exchange and ActiveSync, it's not totally functional for some of the limits that ActiveSync has the ability to impose. You can require users to use a password or PIN to use the device, and you can perform a remote wipe. But even though ActiveSync has the ability to turn off features like the camera or Bluetooth, the Droids won't comply. 

For many organizations, cameras are especially troublesome since they give users a way to quietly record documents or other intellectual property, or to compromise security. This is why you can buy a BlackBerry without a camera, for example. 

There are other fairly glaring security failures as well. One of the really nice things about the Android family is that you can use applications that aren't centrally controlled through an application store. This means that you don't need to check with Google before developing a custom application for your Android device. In addition, Google is famous for being very open about the applications that it allows in its application store. 

But the revelation that the company had to pull an application from its store that was funneling information to a site in China is enough to give enterprise security managers pause. Is it now necessary to buy malware detectors and antivirus software for your phone? Of course, they wonder the same thing about Google itself, which is famous for collecting data from Android phones for aggregation into its products. 

There are more mundane issues for enterprise consideration as well. A number of enterprises aren't comfortable using Google's mail product. Given Google's history of data loss and Gmail's history of going down randomly, it's easy to see why. Moreover, Google's cloud-based data storage is a hard compliance nut to crack. Google doesn't guarantee that its consumer applications meet compliance standards, and there's every indication that they don't.