Android mobility best practice advisories
Today we’re publishing the first in a series of best practice advisories that share recommendations for deploying and using Android in the enterprise. This advisory focuses on five best practices for securely deploying and maintaining your Android devices:
- Distribute public and internal applications via the Play Store to take advantage of the security benefits and convenience of Play’s updates. Android recommends disallowing installation from “unknown sources,” as apps installed from outside the Play Store have a higher incidence rate of malware.
- Research OEM and carrier partner commitments to Android’s monthly security updates when deciding which devices to purchase and support. Consider restricting access to sensitive company information on devices that don’t receive regular updates.
- Store company data separately from personal data when using a personal device for work (BYOD). Separate storage ensures personal apps can’t access corporate information, and also ensures that the employee’s personal photos, music and apps remain private.
- Use policies to require encryption to protect stored corporate data on devices with access to company information. For additional security, customers should consider using full disk encryption and requiring a PIN or password to start the device.
- When managing a range of devices, ensure that your Enterprise Mobility Management (EMM) solution takes a best-available approach to management that uses the latest APIs supported on a given device. This enables newer management capabilities to be used even if there are older, less-capable devices across your fleet.
We recommend using these guidelines and those in future advisories as a reference when configuring your mobility environment to make the most of the extensive security and productivity benefits in Android.