Android fragmentation remains a challenge for IT teams, but tools are now available to work around the problem.
When deploying and managing mobile devices in the enterprise, organizations must carefully consider the device's OS. Android is the most popular mobile OS worldwide, holding about 70% of the market, according to StatCounter. Despite the overwhelming popularity of Android in the market, enterprise IT teams often treat devices running the OS as a security risk. Fragmentation in the Android ecosystem often drives these concerns.
The term Android fragmentation refers to multiple different devices running different versions of the Android OS. Android is open source -- meaning anyone can use and modify its source code -- and runs on a wide range of devices. As a result, the OS is highly accessible and flexible, but it can present IT with development, management and security inconsistencies. This also makes it harder to guarantee data protection and compliance on corporate Android devices.
Google has made some efforts to address the issue in recent years, but fragmentation is tied to some foundational aspects of Android. IT teams should understand how the problem has changed and how to mitigate it through proper management.
How Android fragmentation affects enterprise organizations
Android fragmentation can affect developers, IT support staff and end users in a few different ways. While fragmentation itself is always an obstacle, it comes as a natural consequence of Android being an open source OS. Android administrators can weigh the benefits of an open source ecosystem against fragmentation and the additional drawbacks that come with it.
Advantages of Android's open source ecosystem
Android's fragmented ecosystem does come with some benefits. Because the OS is open source, it's available on a wide range of devices, including budget-friendly smartphones that can serve a wide range of users. The diversity of Android devices also stimulates consumer choice, enabling users to find devices that best suit their personal needs.
Android supports specialized devices and offers economical options for kiosk deployments. Organizations deploying rugged Android devices can manage and secure them using a unified endpoint management (UEM) or mobile device management (MDM) platform. That wasn't the case in the early days of rugged devices. Some of the leading devices ran on proprietary OSes that mobile security platforms of the time didn't support.
The open source roots of Android also enable organizations to adapt their platform to their specific requirements. For example, the National Security Agency built a custom version of Android to meet its rigorous security standards and installed the OS on its corporate-owned devices.
Disadvantages of Android fragmentation
There are plenty of drawbacks to Android fragmentation that should concern organizations. First, Android fragmentation brings security concerns because different Android versions don't receive security updates all at the same time, leaving some devices vulnerable.
Providing consistent support to Android users is challenging because different OS versions and OEM modifications require extra troubleshooting steps. There can be compatibility issues with enterprise apps and cloud services due to differences in device specifications and Android versions. This can disrupt application functionality and user experience.
Even with the open source ecosystem, organizations can face vendor lock-in due to heavy customization on the part of the device OEMs. For example, Samsung has extensively customized its Android UI. Such vendor-based fragmentation can disrupt workflows and make change harder for employees.
Managing a fleet of mixed Android devices raises security and compliance risks further. When security teams have to focus on dealing with varying Android versions and configurations, it gives them less time to handle other critical tasks. Although the UEM and MDM market is evolving, it's easy to fall into the trap of implementing two management platforms, increasing the complexity of an organization's IT infrastructure. The process of documenting and enforcing uniform security and app policies also becomes more complex, which might draw the attention of auditors and create more management challenges for internal teams.
App developers also face the potential of increased development and testing costs with Android. It can be expensive and resource-intensive to develop and test enterprise apps in a way that ensures compatibility across a range of Android devices and OSes, which further hampers deployment.
How Google is addressing Android fragmentation
Since 2017, Google has required developers of new and updated apps to comply with its most recent APIs, which is central to the push to reduce the Android fragmentation problem. However, these efforts continue to drag out, and even now, fragmentation is a deterrent for many Android customers. Google also launched an Extension SDK framework to bring the latest Android features to older versions of the OS.
In the end, the success of Android in the enterprise is about more than just the mobile operating system. Instead, IT administrators should focus on the device OEMs. Samsung, for example, has prioritized the needs of the enterprise when it comes to Galaxy devices. The device manufacturer's security foundation, Samsung Knox, is now part of its enterprise value proposition. Google Pixel devices also target the enterprise. Key features include personal and work profiles for users to separate and secure their corporate data at the OS level. If an organization uses Google Workspace for office productivity, Pixel users gain secure access to that platform.
Another point to consider is that standardizing on mobile device OEMs such as Samsung or Google Pixel removes some of the challenges that fragmentation presents. Setting a device standard alleviates some of the risks that come with having to manage Android devices from a myriad of OEMs. Standardized devices are easy for enterprise organizations to purchase. Also, mobility managed service providers will only roll out Android devices based on a standard set by a contract and their established partnerships with mobile device OEMs.
There's no rule saying a BYOD program must support Android. When an organization does want to support Android, its BYOD policy can specify the device models it'll support. To identify supportable device models, IT can look to Google's Android Enterprise Recommended program, which provides a list of devices that meet requirements for enterprise use. Any employees not using an approved model won't be able to onboard their devices to the corporate network.
Further, IT administrators can perform more management on the application and data side to ensure mobile devices are securely accessing business resources. Services such as cloud storage and mobile productivity applications can keep all data in managed locations and gated behind whatever authentication methods an organization dictates. For example, if an organization is standardized on Google Workspace and secured by identity access management, that's how its Android users can access email, group chat and corporate files.
Android fragmentation remains a reality for many enterprise organizations today. Fortunately, strategic options exist to ensure that Android doesn't overtax IT and security teams.