In conjunction with the newly released Android 12, Google has improved Android Enterprise’s native security, enticing the management of large numbers of Android 12 devices in enterprise environments and networks.
The updates focus on securing Android devices using a zero trust strategy. Among other things, the shift to zero trust requires end users to authenticate more frequently. Google partnered up with authentication specialists Okta, Ping Identity and ForgeRock to correctly transform WebView (Android Enterprise’s former authentication standard) to the newer Custom Tabs protocol.
While WebView is a powerful and flexible standard for rendering web content, Custom Tabs offers more modern authentication capabilities. Said capabilities include trust signals, improved employee security and single sign-on options for various applications and websites
Other security functionality
Additionally, readily available Android 12 security measures make their appearance in the Android Enterprise management environment. Furthermore, the Android Work Profile Tool enables administrators to provide end users with both business and private profiles.
With the update of Android Enterprise comes a bug bounty program. Google is openly inviting security professionals to hack the platform. By taking part in this so-called Android Enterprise Vulnerability Rewards Program and discovering an exploit on a Google Pixel smartphone managed through Android Enterprise, security professionals are awarded upwards of 215,000 euros ($250,000).
Android Management API
Moreover, Android Enterprise introduces the Android Management API and an adherent API framework. On itself, the Android Management API allows developers to manage Android devices and apps through custom-built enterprise mobility management (EMM) solutions. In conjunction with the framework, the API’s capabilities can be adjusted on the fly using on-device signals to trigger immediate policy changes.
More than 60 partners, including Microsoft, Citrix and Google Workspace, have already built specific API functionality using the aforementioned framework.