News Analysis: If Google wants Android to succeed in the enterprise it's going to have to address some basic security and privacy issues that make IT managers refuse to give Android devices access to corporate applications or even ban them from the office altogether.
The Motorola Droid is about to get Android 2.2, a big
step in the Android universe. With the new version of the operating system will
come support for Flash, better security and presumably more stable operation.
The automatic update, which will start for the original
Droid the week of Aug. 2, has been eagerly anticipated, but there's still a lot
that needs to be done if the Droid and its cousins are going to find a warm
welcome in the enterprise. Don Reisinger has pointed
out 10 issues that could derail Android's early record of success,
including the need for greater attention to privacy, security and support for
Improving enterprise support is a particularly important
factor. For example, while Android 2.2 supports Microsoft Exchange and
ActiveSync, it's not totally functional for some of the limits that ActiveSync
has the ability to impose. You can require users to use a password or PIN to
use the device, and you can perform a remote wipe. But even though ActiveSync
has the ability to turn off features like the camera or Bluetooth, the Droids
For many organizations, cameras are especially
troublesome since they give users a way to quietly record documents or other
intellectual property, or to compromise security. This is why you can buy a
BlackBerry without a camera, for example.
There are other fairly glaring security failures as well.
One of the really nice things about the Android family is that you can use
applications that aren't centrally controlled through an application store.
This means that you don't need to check with Google before developing a custom
application for your Android device. In addition, Google is famous for being
very open about the applications that it allows in its application store.
But the revelation that the company had to pull an application
from its store that was funneling information to a site in China
is enough to give enterprise security managers pause. Is it now necessary to
buy malware detectors and antivirus software for your phone? Of course, they
wonder the same thing about Google itself, which is famous for collecting data
from Android phones for aggregation into its products.
There are more mundane issues for enterprise consideration
as well. A number of enterprises aren't comfortable using Google's mail product.
Given Google's history of data loss and Gmail's history of going down randomly,
it's easy to see why. Moreover, Google's cloud-based data storage is a hard
compliance nut to crack. Google doesn't guarantee that its consumer
applications meet compliance standards, and there's every indication that they
Wayne Rash is a Senior Analyst for eWEEK Labs and runs the magazine's Washington Bureau. Prior to joining eWEEK as a Senior Writer on wireless technology, he was a Senior Contributing Editor and previously a Senior Analyst in the InfoWorld Test Center. He was also a reviewer for Federal Computer Week and Information Security Magazine. Previously, he ran the reviews and events departments at CMP's InternetWeek.
He is a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine. He is a regular contributor to Plane & Pilot Magazine and The Washington Post.