Android smartphones have quickly become popular among consumers, but their reach in business has been stymied by the fundamental lack of security and manageability features in the OS. Thus, 15 months after Apple introduced such capabilities in iOS 4, iPhones became mainstays in many enterprises, while Android is usually disallowed access to basics such as email because it can't encrypt data at rest or support complex pasword policies. (However, the "Honeycomb" tablet OS version of Android supports these security mechanisms, as do some Android smartpohnes from Motorola Mobility.)
The Android smartphone security gap is about to change. Last year, Motorola Mobility bought a startup called 3LM that was developing the kind of security and management features that the Research in Motion BlackBerry and Microsoft Windows Mobile (but not the newer Windows Phone) platforms have long had, and for which Apple added support in iOS 4. These include complex passwords and other password management policies, on-device encryption, and policy-based management of cameras, Wi-Fi access, and the like. Google is now buying Motorola Mobility and, with it, 3LM.
[ Learn how to manage iPads, iPhones, Androids, BlackBerrys, and other mobile devices in InfoWorld's 20-page Mobile Management Deep Dive PDF special report. | Keep up on key mobile developments and insights via Twitter and with the Mobile Edge blog and Mobilize newsletter. ]
3LM plans to make its technology available soon, for a fee of course, to enterprise, both directly and via licensed mobile device management (MDM) vendors, beginning with BoxTone, that incorporate the 3LM protocols into their multi-OS MDM tools. The reason for offering the security via MDM intermediaries is so IT has a single pane of glass for managing most mobile devices. BlackBerrys are the exception, as RIM hasn't opened up the protocols used in its own BlackBerry Enterprise Server MDM tool for use by other vendors.
Security capabilities won't be universal for Android devices
But there's a catch: These security and management capabilities will not be baked into the standard Android OS. Instead, device makers, including Motorola Mobility, will need to license the technology from 3LM. There's no fee to the device makers, as 3LM seeks to create a critical mass of devices against which to sell its service.
That's probably good for Google, which really dropped the ball on the security front and may soon be able to claim the situation is about to change for the better if 3LM gains traction.
The risk in 3LM's technology not being baked into Android itself is that the Android market will add a new dimension of fragmentation around security and, thus, business fit. Some Android devices will be securable, but others won't. That'll confuse users and confound IT for sure, especially compared to the approach taken by Apple and RIM.
Plus, let's not forget, the 3LM technology requires that you buy an MDM service from it or other provider. It won't work out of the box with Exch ante servers, as iOS and Windows Mobile do, for the core set of security capabilities.