With the growth in BYOD, large corporate tablet deployments have been limited outside the education sector, but American Airlines represents one of the larger corporate deployments with an installed base of 33,000 units. Recently the airline snubbed Apple (after initially taking 10,000 iPads), by opting to order 17,000 Galaxy Tabs in addition a large order (also 17,000) Galaxy Note "phablet" devices as highlighted here: http://www.businessinsider.com/american-airlines-picks-samsung-not-apple-2013-3
The key reasons for opting for the Samsung devices were cited as usability and Samsung's SAFE security features that more easily enabled the devices to be made compliant with AA's infrastructure (we suspect cost per unit and volume discount was also a factor, although that obviously wasn't cited!)
So how secure is Android becoming and is it viable for corporate deployments yet? In our blog entry back in 2010, it was a resounding "no", but since then OEMs and third party MDM vendors from Airwatch and Good to Mobile Iron have made securing Android a priority for their MDM offerings. Moreover, the NSA has developed a version of Android called SE Android (Security Enhanced) that has resolved a number of the issues around the on-device OS itself and has been adopted by Samsung for Knox.
Samsung has done an admirable job on security with the addition of Knox to its SAFE program which adds:
- A Fully Secure Boot Chain and platform security through the use of SE Android (Security Enhanced Linux for Android.
- A Container Solution that allows for delineation and management of personal and business profiles and is similar to those offered by Good for Enterprise and other third party vendors.
Samsung has done a good job of opening the relevant APIs to third party MDM providers (now over 700 APIs available and over 353 IT policies) to enable management and control of various elements that are at risk. The introduction of Knox makes the Operating System much more secure and builds on the incremental improvements to Android security over the recent versions of the platform.
With Samsung seemingly leading the way among OEMs on Android security (Google has seemingly disbanded the 3LM group at Motorola Mobility), questions over standardisation and fragmentation among different versions of Android and different OEMs are inevitably raised. Who is driving security standards for Android? With open source platforms, these challenges will remain. Nevertheless, with the high security standards that have been set in place with SAFE and now Knox mean that Samsung will increasingly be more credible through the corporate direct channel as well as in the hands of the users via BYOD.
A detailed analysis of SAFE and Knox is available in this Strategy Analytics Mobile Workforce Strategies (MWS) report: Is Samsung making Android SAFE for Enterprises with Knox? A detailed mobile platform analysis and assessment of end-to-end architecture and the importance of a layered security approach is available in this Strategy Analytics Mobile Workforce Strategies (MWS) report: TCO & Security of Enterprise Grade Mobility.