BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
The Android fragmentation problem can make managing mobile devices difficult for the IT department.
From the perspective of manageability, features and functionality, not all Android devices are the same. Android tablets and smartphones can be useful extensions of the way people work, so it makes sense that some businesses want to enable Android device use. But companies don't have to allow employees to bring their own devices to the office, then find a way to support them after the fact. It might help reduce Android fragmentation problems if the company simply buys the devices and integrates them with the corporate network, but there are drawbacks to Android devices even when they're corporately owned.
Choosing an Android device
If Microsoft launches a new version of the Windows operating system, you can be assured that a few months later you won't be able find anything but the latest release of that operating system on the market. The interesting thing about Android devices is that there are so many device types and versions of the OS.
Android operating system versions are tightly integrated with the hardware platforms they are used on, and lots of different versions of Android are on the market, each with different features. Features that are available on one device might not be available on another device. That means corporate IT needs to standardize on one OS version to provide services on all the Android tablets and smartphones in the company. When considering which devices to purchase for employees, however, companies must also consider the availability of those devices in the future. Devices that are for sale now might only be available with a different version of the OS down the line, which makes it hard to develop a consistent IT strategy.
With a proprietary operating system, such as Windows 8 or Apple iOS, it is relatively easy to lock down the OS and force users to use it in one specific way. The Android operating system is built on the open source Linux operating system, which makes it difficult to control devices. On Android it is much easier for users to get under the hood of the operating system, so it's tough for IT to properly develop and execute security policies for the device. Even though administrators can use mobile device management (MDM) to control some parts of the OS, each version has different ways that users can customize their devices, and one MDM system can't cover all those loopholes.
And compared to alternatives such as Apple's App Store, Android's app market, Google Play, is less monitored for malware. Though the openness of Google Play is good for developers who want to get their apps to Android users, IT administrators need to find ways to deal with un-vetted apps on devices that connect to the corporate network. One option is to develop an enterprise app store to make sure that only secured applications can be installed on corporate Android devices.
Device Policy for Android
Most OSes have some kind of policy to enforce specific security settings on users. The default policy on Android devices with Google Apps for Business, Government or Education is the Google Apps Device Policy. Administrators can apply the policy to enforce some security settings, such as password policies and methods that employees can use to access their email. But in companies that don't use Google Apps, Device Policy isn't an option for enforcing settings.
For those companies that do not use Google Apps, applying a strict security policy is not that easy. There are MDM tools that can help apply policies, but companies have to buy the MDM software. It's important to consider how to implement corporate security procedures and standards, and how to deal with the Android fragmentation problem before buying devices.