Android faces constant security threats because of its popularity and flaws inherent to its structure.
While Android remains the most popular mobile operating system (OS), it's also been criticized for issues related to security -- particularly regarding app-level malware. The fundamental openness of Android and its popularity serve as a magnet for cybercriminals. As a result, Google has implemented robust, layered Android security features.
Android is Linux-based and derived from Unix, which introduced a wide variety of security mechanisms that are still in use today. Among the most important of these features are file system permissions and file system encryption. File system permissions prevent applications from accessing areas of the file system that they have not been granted access to, while Android disk encryption, which is enabled with a password, uses a kernel-level Advanced Encryption Standard (AES) algorithm to protect key OS elements from those without proper access. If all else fails, Android has a safe mode, which disables third-party applications for troubleshooting purposes. For additional protection, Android also includes Security-Enhanced Linux (SELinux) enforcement, which moves OS security to the kernel layer and requires apps to abide by restrictions set at that level.
Building on the security features native to Linux systems, Android offers application sandboxing. Sandboxing is when an OS isolates apps as separate processes from each other, typically through app wrapping in the case of mobile devices. This isolation protects the apps from any errant behavior in other apps, such as the opening of malware. Android also supports a wide variety of APIs and security protocols, including AES and RSA for encryption, the Digital Signature Standard for authentication, SHA cryptographic hash functions and Secure Sockets Layer (SSL)/HTTP over SSL.
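An added example, not part of the original article: a short Python audit that shows what the file system permissions and sandboxing described above look like in practice. It assumes Android's convention of running each app under its own Linux user with a private data directory; the package name, user name and the simplified listing (mode, owner, group, path) are constructed for illustration.

```python
import re

# Constructed sample: simplified `ls -l`-style listing of one app's private
# data directory. Package name, user names and files are made up.
SAMPLE_LISTING = """\
drwx------ u0_a123 u0_a123 /data/data/com.example.notes
-rw-rw---- u0_a123 u0_a123 /data/data/com.example.notes/databases/notes.db
-rw-rw-r-- u0_a123 u0_a123 /data/data/com.example.notes/shared_prefs/session.xml
-rwxrwxrwx u0_a123 u0_a123 /data/data/com.example.notes/files/export.sh
-rw------- root    root    /data/data/com.example.notes/files/core.dump
"""

# mode string, owner, group, path (paths without spaces in this sample)
LINE_RE = re.compile(r"^([dl-][rwxsStT-]{9})\s+(\S+)\s+(\S+)\s+(\S+)$")


def audit_listing(listing, expected_owner):
    """Return (path, issues) for entries that weaken the app's isolation.

    An entry is flagged when the "other" permission bits grant any access
    (another app's user could reach it) or when it is not owned by the
    app's own user.
    """
    findings = []
    for line in listing.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip anything that is not a listing line
        mode, owner, _group, path = match.groups()
        other = mode[7:10]  # permission bits for users outside owner/group
        issues = []
        if other[0] == "r":
            issues.append("world-readable")
        if other[1] == "w":
            issues.append("world-writable")
        if other[2] in ("x", "t"):  # 't' is sticky bit plus execute
            issues.append("world-executable")
        if owner != expected_owner:
            issues.append("unexpected-owner")
        if issues:
            findings.append((path, issues))
    return findings


if __name__ == "__main__":
    for path, issues in audit_listing(SAMPLE_LISTING, "u0_a123"):
        print(f"{path}: {', '.join(issues)}")
```
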
The Android team has overall done a great job establishing and maintaining an environment, and even culture, of security. System administrators and users who take advantage of security best practices should have no problems integrating Android devices into secure network environments. As always, education, support, security policy and centralized management are necessary to ensure users know which apps are safe to install and give privileges to.
The latest Android security features
The next Android release, known as Android 5.0 Lollipop (formerly Android L), includes Android for Work, a set of features designed to enhance the appeal of the platform in business environments. Android for Work offers some mobile content management and mobile application management features, including elements of the Samsung Knox security platform. An excellent argument can be made for the inclusion of enterprise mobility management functionality directly into the OS, where hackers will have a much more difficult time working their evil; basic device administration has in fact been in Android since 2.2.
With Android's popularity, it's a sure bet that the hacker community will continue to poke at every API and test every limit of the operating system. In some ways, this experimentation is actually encouraging. One of the benefits of an open source platform is the more rapid identification and resolution of bugs and vulnerabilities. But even with the benefits of experience and the enhancements to Android security features in Lollipop, IT organizations must remain ever vigilant and current in their knowledge of threats, best practices and their own security policies and procedures.