Any organization that deploys Android mobile devices without management and security considerations puts itself at great risk. Still, organizations can turn to programs such as Android Enterprise Essentials for automated security controls.
Many organizations deploy mobile device management (MDM) and unified endpoint management (UEM) platforms to manage their fleet of devices by setting policies and user profiles on the devices. However, many of these suites burden smaller organizations as they require resources to deploy and manage. Smaller organizations may not have these at their disposal.
To secure Android devices used in business, Google has adopted a security model for some Android devices in the enterprise. Google increased the device security functionality over standard off-the-shelf Android devices by creating the Android Enterprise program. For many organizations, mobile device security and management remain difficult. Fortunately, these organizations can turn to Android Enterprise Essentials, which offers a lighter, less management-heavy method to secure devices.
Android Enterprise Essentials features
To keep it simple for organizations deploying Android Enterprise Essentials -- and to minimize or eliminate the IT resources needed to manage mobile devices -- Google has implemented several features that come preconfigured on devices. Users can't turn off these features, so it is best for corporate-owned device scenarios. These default functions provide a device and data security capability that organizations previously only had available via an MDM platform.
The following security functions come with Android Enterprise Essentials:
- Screen lock enforcement, which prevents outside parties from accessing sensitive content without the device owner's permission.
- Always-on mobile malware protection that provides mandatory scanning of installed apps and any apps that the users install. It also prevents app sideloading for apps that the app store has not vetted. Sideloading is a major cause of device malware infection.
- With Android Enterprise Essentials, all mobile security features remain in place, even when an employee resets their device. This eliminates an avenue of security exposure by end users bypassing required security.
Android Enterprise Essentials also includes several device management features, such as:
- remote over-the-air device activation so users can start working as soon as they receive their devices without needing IT to "touch" the device first;
- automatic application of device policies to each device, so there's no need to configure any settings on individual devices as IT deploys them; and
- the ability to remotely wipe devices and reset screen locks to maintain data security if the device is lost or stolen.
Android Enterprise Essentials via a distributor
Android Enterprise Essentials is available for organizations through a list of authorized distributors that provide the devices and the key management functions. This relieves organizations from having to dedicate IT staff to the management of these devices.
For a small fee -- approximately $2 per device, per month -- these authorized distributors provide the Android device management functionality with minimal need for organizational involvement, other than some upfront profile and requirements setting. This is an attractive capability for many organizations that need to deploy mobile devices but don't have the resources or desire to manage them.
Does Android Enterprise Essentials replace MDM or UEM?
Android Enterprise Essentials is not a direct replacement for full functionality via MDM or UEM suites within large organizations or those with high levels of security needs, such as financial services, healthcare and government agencies. These products offer much greater functionality and provide organizations with a way to manage many more features, functions and policies.
However, for organizations with no real device management in place for their mobile endpoints or rely on the end user to provide that function, Android Enterprise Essentials offers a simplified way to adopt light device and data security management.
Dig Deeper on Mobile operating systems and devices
Related Q&A from Jack Gold
To simultaneously tackle the issues of mobile user privacy and security, IT can deploy Android Enterprise Recommended devices and partition them with... Continue Reading
The Knox Service Plugin helps Samsung smartphone admins roll out security features through EMM tools more quickly. The program lowers the programming... Continue Reading
Project Mainline promises to make the Android update process more segmented. This new structure allows IT to push out critical updates without ... Continue Reading