3LM Enables Android Device Management for the Enterprise3LM Enables Android Device Management for the Enterprise
Droid devices are behind iOS in many areas important to enterprises, including Mobile Device Management. 3LM aims to fill that void.
October 18, 2011
One of the biggest problems with bringing your Droid to work has been the lack of enterprise-level security for Android devices. Without a way to protect against attack and insure the safety of intellectual property, many organizations are loathe to allow this bit of consumer technology in the workplace. However, a recent development in mobile device security might resolve this problem.
3LM, a subsidiary of Motorola Mobility Holdings, Inc., has introduced an enterprise-grade solution to add security and data protection to mobile devices. The development is significant in that 3LM's solution specifically involves a partnership with device manufacturers such as Samsung and HTC, insuring that the devices made will be enterprise ready. The enhanced functionality can be easily activated by IT admins via an enterprise server console.
Historically, with other Mobile Device Management (MDM) systems, and now with 3LM's solution, enterprise administrators get enhanced device-level security through encryption of both onboard RAM and the storage card. MDM systems support application white and black lists, and enforce strong passwords. They also let admins remotely install, uninstall, and disable applications. Provisioned devices that become lost can be tracked via locations service--or remotely wiped. VPN support for domain-controlled resources is also available.
But Android MDM is a new market; players were almost nonexistent a year ago. It's a promising market, but 3LM has its work cut out for it. For one, most Android MDM systems, including 3LM, support only Android 2.2 or greater--which means there are a number of legacy devices out there that need to be controlled. Also, although 3LM's ROM-only solution has its security advantages, competitors such as Air Watch or Zenprise make device-side components available in the Android Market for free, allowing enterprise admins to support a wider variety of devices.
The questions that remain about 3LM's solution all are root related. Although the practice might be banned in some companies--and unsupported by some of 3LM's competitors--installing custom ROMs in Android devices is common because of all the extra phone features users can get.
It's unknown exactly what 3LM's position on rooting is just yet, but these were the facts at press time:
The device-side piece of 3LM is not going to be provided in the Android Market as an installable app. 3LM partnered with specific hardware manufacturers and the device portion of the solution must be baked into the device's standard ROM. So, if your device comes with 3LM installed and you root the device and don't have a backup of the original ROM, you're out of luck. Rooted devices cannot be controlled via 3LM.
It's not yet clear whether 3LM could be used to block access to ADB and FASTBOOT in a provisioned device, rendering it unrootable.
If you root your device after 3LM is activated, the encrypted data will survive, according to 3LM--and it might be possible to recover it with the encryption key. But it won't be easy.
3LM can disable an application on the device's System partition--for example, carrier-installed bloatware--but cannot remove it.
It was also unclear as to how HTC's commitment to ship all devices with unlocked bootloaders would be affected by their partnership with 3LM, or if the 3LM provisioning process would lock an unlocked bootloader on any given supported device.
Rich MDM support will be necessary before Android is widely accepted by businesses for their users. It’s much easier to build such products for BlackBerry or Apple, who control every aspect of their entire product lines. The OEM wild west nature of the Android device market makes the job much harder--and it’s too soon to tell how good a job they will do.
Chris Spera is BYTE's Managing Editor of Reviews. He has over 15 years of professional writing experience as a freelancer and columnist for AOL/CompuServe, Computer Power User Magazine and The Aurora Beacon, a SunTimes Media newspaper. Chris has over 20 years of senior IT management experience and can be reached at ch[email protected]. You can also follow him on Twitter at @chrisspera.
About the Author(s)
You May Also Like
US privacy in 2023: Top 3 compliance priorities
TeamDynamix Spotlight - Frontwave Credit Union Adopts Digital First
City of Buffalo Automates IT Service Management and Improves Self-Service Delivery
Ultimate Guide to the CISSP
Hybrid Mesh Firewall: An Essential Solution for Today's Distributed Enterprise