Is Android safe enough for business?
With its new Safe offering, Samsung is aiming to make Android devices more palatable to enterprise IT, but not everyone is convinced it's a good idea. Unlike the BlackBerry OS, Android was not built with enterprise IT in mind, and patching security features on top of it doesn't necessarily help, writes Rob Enderle in a post at CIO magazine.
A main advantage of BlackBerry (NASDAQ: BBRY) is that its original target audience was the business user, writes Enderle, principle at the Enderle Group. From the beginning, the vendor sought to understand IT's needs and the importance of protecting business users.
"BlackBerry ties its systems into IT policy, assuring that IT can easily get the devices to conform. This is critical; IT doesn't have the time to manage everything that's currently on the table, and BlackBerry is designed to assure compliance without significantly increasing IT overhead," Enderle writes.
Android, meanwhile, does not inspire the confidence of a lot of security pros, as illustrated recently by McAfee, Kaspersky and Sophos Labs. But rather than developing a more secure version of the operating system, Enderle writes, Samsung added on mobile device management, encryption and installed a VPN.
"[I]n the case of a vulnerable platform, [MDM] only makes IT more responsible for adverse results but doesn't address the core security problems," Enderle writes. The VPN "actually makes a compromised device more dangerous, because VPNs tunnel through the perimeter security of a business, potentially granting even greater access to the attacker."
What's more, he adds, improvements were made to email connectivity, which also can be a boon to an attacker over a compromised device.
- see Rob Enderle's post at CIO