With Microsoft having officially ended their extended support for Windows Mobile edition in 2019 and Windows CE at the end of 2021, your device fleet may currently be unsupported and vulnerable. To ensure your devices are updated regularly and have the latest security patches, Microsoft recommends that you upgrade your fleet to new Android device. In this article, we will explain why you should migrate your devices to Android as soon as possible.

Security

The migration isn’t a prediction that will happen in the future, both Windows Mobile Edition and CE are now unsupported. Operating with a legacy operating system is never recommended as without the regular security updates your legacy estate is at serious risk.

 

Security has been a major focus of every Android release, with the security and power now on the same level if not exceeding what you get with Windows. Built on four pillars of security, Android ensures your business and customer data remains safe and out of the hands of criminals.

 
Want to find out more?
Hardware Security

All Android devices come with a strong layer of security built directly into the hardware. All security functions run in a separate trusted execution environment (TEE) to make sure that the OS stays safe. Apps and data are also kept in separate instances, increasing the security of your devices

Android GMS devices have built-in hardware security for enterprise deployments

  • Verified Boot alerts you to OS compromises when you start up.
  • Anti-exploitation techniques prevent vulnerabilities from becoming exploitable.
  • Critical security functions happen in the Trusted Execution Environment separate from the operating system
  • Android Keystroke System
  • Tamper Resistant hardware
  • Biomentric authentication
  • Hardware mitigation

‘Android Enterprise Recommended’ devices have a higher level of requirements for Hardware and security, see some of the elevated security requirements below.

  • Secure enrolment methods including Zero Touch
  • Support the current shipping release + one letter upgrade.
  • Devices MUST support Key Attestation
  • Device manufacturers MUST support the Emergency Security Maintenance Release (ESMR) process
Operating System Security

You need to be confident that the Operating System has the right level of security measures and controls to protect your company data and end user personal data.
Android has onboard OS security for enterprise deployments, here are some of its protection features

  • Security Enhanced Linux (SELinux)
  • Process isolation and sandboxing.
  • Kernel hardening.
  • OS Security and privacy features, Multi-layered defence
    • Permission Usage Reminder & Permission Settings
    • Activity Recognition Permission.
    • Google Play System Updates.
    • Location Control.
    • Background App Launching.
    • Device ID Restrictions.
    • MAC Randomization.
    • Accessibility Usage Setting.
Application Security

It is essential that you know that your employees are protected when using their devices, whilst minimising the risk to the whole business. Android’s application security ensures that you can download apps without downloading threats.

Android Enterprise Security defends against many categories of malware:

Backdoor, Billing fraud, Commercial spyware, Denial of service, Hostile downloaders, Non-Android threat, Phishing, Elevated privilege abuse, Ransomware, Rooting, Spam, Trojan and Uncommon & Mobile Unwanted Software (MUwS).

Here are some of the protections providing better privacy and robustness against known attacks include

  • Google Play Protect detects and blocks malware threats.
    • Scans are done before installation.
    • Google Play Protect scans and verifies more than 50 billion applications daily.
    • Protects from PHAs being installed from unknown sources, because GPP scans any app that is installed, not just those from Google Play
  • Google Safe Browsing protects users from web-based threats such as malware, unwanted software, social engineering, phishing and deceptive sites.
  • SafetyNet API checks managed devices before they can access data.
Network Security

When you connect your company-owned devices to a network you need to know that it has the best level of control to secure your data-in-transit.

Android enterprise provides network security for data-in-transit and communications over the Internet for web browsing, email, instant messaging, and other Internet apps. Below are some support capabilities the controls available.

  • DNS security.
  • TLS by default
  • VPN capabilities.
  • Certificate services.
  • Wi-Fi enhancements.

Ease of Use

As many of us now use android devices in the everyday life, most of your collegues will already be familiar with; the phone designs, user interface and how the device works – making an easy transition with minimal training.

In addition to this, the operating system has been designed for the ground up for the mobile phone, the user interface is intuitive and simple to use. Additionally, Android has a thriving developer scene due to their open source platform with a thriving app store. A global network of developers makes migrating your current applications over much easier and less costly.

How Should You Manage your Android?

With the frequent updates to Android, some could say that Android is a little more difficult to manage, however with the range of fantastic Mobile Device management software, Android not only becomes easy to manage but you receive a range of added benefits.

Benefits of MDM

  • Rapidly device enrolment, ‘Over-the-Air’
  • Remote app and configuration management
  • Patch and update management
  • Comprehensive monitoring and reporting functions
Want to find out more?

Ready to see how we can connect your business?

Get in touch with us today