Android Security Gets Better with Lollipop - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Partner Perspectives
11:20 AM
Liviu Arsene
Liviu Arsene
Partner Perspectives
Connect Directly

Android Security Gets Better with Lollipop

It's reassuring to see Google deploying new and improved security features as its mobile OS matures.

Android has been around for years, and it has seen its share of malware, even in Google’s official Play store. Although third-party security vendors had to jump in and come up with a line of defense against ill-intended apps, Google had the inspiration to introduce the Bouncer app-vetting system that kicked malicious apps out of its marketplace.

Increasing demand for new security features encouraged Google to slowly add mechanisms designed to protect against both malicious apps and cybercriminals trying to exploit system vulnerabilities.

Hoping for the Best

Right before KitKat was released, we had our fingers crossed for a few security improvements we hoped would make a difference in the quest for flawless device security. Among our wishes were antivirus scanner APIs, control over individual app permissions, the ability for some apps to survive a full wipe (in case a device is stolen and wiped, antitheft apps should survive), special sandboxing for apps downloaded from untrusted sources, and even separate profiles for business and personal uses.

Of course, all of this seemed a bit much, especially from one distribution to another. Progress takes time, and Google wasn’t in enough of a rush to simply release security features without properly testing them. So, by the time we saw the new Android Lollipop, some of our wishes took a step closer to reality.

One Small Step for Android …

Some of our predictions, such as antivirus scanner APIs, will probably not make it any time soon to Android, but they are likely on some product manager’s roadmap.

New connectivity APIs, though, made their way onto Lollipop, favoring a more seamless communication between Android smartphones and the plethora of Android devices out there such as TVs, smartwatches, and smartbands. While our predictions were half right, Google went a different way by aiming for compatibility with the Internet of Things instead of going for security vendors.

But all is not lost, as security has been upgraded thanks to the default SELinux enforcing mode for all applications, meaning that malware will have a hard time exploiting system vulnerabilities.

Among some of the new security features, there’s now a geo-fencing option (Trusted Places) that allows devices to stay unlocked when inside a trusted perimeter such as your home. It’s a pretty nifty feature that takes away the need to always input your security pin code even at home, as there’s no risk of strangers eyeballing your personal information.

There’s also a new data encryption feature that’s most useful when you’re using an Android device for both personal and business activities, as you can rest assured that your company documents will safely stay undecipherable in case your phone or tablet is lost or stolen. Google has taken into account Bring Your Own Device policies and seems to have added more than just encryption, as support for multiple profiles has also been improved.

The Future’s Bright

While only some of our predictions have come true, it’s heartwarming to see Google deploying new and improved security features as its mobile OS matures. In light of the recent boom in smart gadgets that rely on Android communication APIs to work properly, we just might see more improvements on the security side, now that they’ve got the user interface covered by the new material design.

Liviu Arsene is a senior e-threat analyst for Bitdefender, with a strong background in security and technology. Reporting on global trends and developments in computer security, he writes about malware outbreaks and security incidents while coordinating with technical and ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
7/30/2015 | 12:13:55 PM
Lollipop not mature, many bugs
My Samsung Note 4 Edge with Android 5.0.1 crashes hourly even though applications have updated many times since the OS revision on July 2nd. Facebook and Firefox are the worst and seems to be related to scrolling most times. Screen freezes, or turns white or black. Terrible beta os that shouldn't have been released into the wild until more QC had been done. Contact just got a lame excuse, "Well, we needed to release a security update." Lame, lame, lame! Both Samsung and VerizonMobile stated that their supposed "vetting" of Android 5.0.1 only related to their own additions to the OS and not to the IS specifically... Total cop-out from everyone!
User Rank: Ninja
7/29/2015 | 12:46:59 PM
Root problem.
The software was from a startup company. They wanted to grap (growth) the market as fast as possible.

There was no app QC.  They wanted to get many apps(MS is doing the same thing now).

The design was relax, easy for geeks to program toy with it.

Google must realize that the OS is mature now to fix the original design flaws.
User Rank: Ninja
3/22/2015 | 10:48:11 PM
Android security needed a big boost
With so many wavering cloud failures and device hacks, we needed something from the root levels, and that is within the Android file system. However I think if Android made some changes for allowing third party software onto the lollipop, that would be great. Most mobile security companies (McAfee for e.g.) provide thorough security but on board management on the android no matter what your processor speed is or how many gigs of ram you have, is very difficult because after a couple days android starts to lag with the security software.
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
Register for InformationWeek Newsletters
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll