Android Security Gets Better with Lollipop - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Partner Perspectives
Commentary
3/18/2015
11:20 AM
Liviu Arsene
Liviu Arsene
Partner Perspectives
Connect Directly
Twitter
Google+
LinkedIn
RSS
100%
0%

Android Security Gets Better with Lollipop

It's reassuring to see Google deploying new and improved security features as its mobile OS matures.

Android has been around for years, and it has seen its share of malware, even in Google’s official Play store. Although third-party security vendors had to jump in and come up with a line of defense against ill-intended apps, Google had the inspiration to introduce the Bouncer app-vetting system that kicked malicious apps out of its marketplace.

Increasing demand for new security features encouraged Google to slowly add mechanisms designed to protect against both malicious apps and cybercriminals trying to exploit system vulnerabilities.

Hoping for the Best

Right before KitKat was released, we had our fingers crossed for a few security improvements we hoped would make a difference in the quest for flawless device security. Among our wishes were antivirus scanner APIs, control over individual app permissions, the ability for some apps to survive a full wipe (in case a device is stolen and wiped, antitheft apps should survive), special sandboxing for apps downloaded from untrusted sources, and even separate profiles for business and personal uses.

Of course, all of this seemed a bit much, especially from one distribution to another. Progress takes time, and Google wasn’t in enough of a rush to simply release security features without properly testing them. So, by the time we saw the new Android Lollipop, some of our wishes took a step closer to reality.

One Small Step for Android …

Some of our predictions, such as antivirus scanner APIs, will probably not make it any time soon to Android, but they are likely on some product manager’s roadmap.

New connectivity APIs, though, made their way onto Lollipop, favoring a more seamless communication between Android smartphones and the plethora of Android devices out there such as TVs, smartwatches, and smartbands. While our predictions were half right, Google went a different way by aiming for compatibility with the Internet of Things instead of going for security vendors.

But all is not lost, as security has been upgraded thanks to the default SELinux enforcing mode for all applications, meaning that malware will have a hard time exploiting system vulnerabilities.

Among some of the new security features, there’s now a geo-fencing option (Trusted Places) that allows devices to stay unlocked when inside a trusted perimeter such as your home. It’s a pretty nifty feature that takes away the need to always input your security pin code even at home, as there’s no risk of strangers eyeballing your personal information.

There’s also a new data encryption feature that’s most useful when you’re using an Android device for both personal and business activities, as you can rest assured that your company documents will safely stay undecipherable in case your phone or tablet is lost or stolen. Google has taken into account Bring Your Own Device policies and seems to have added more than just encryption, as support for multiple profiles has also been improved.

The Future’s Bright

While only some of our predictions have come true, it’s heartwarming to see Google deploying new and improved security features as its mobile OS matures. In light of the recent boom in smart gadgets that rely on Android communication APIs to work properly, we just might see more improvements on the security side, now that they’ve got the user interface covered by the new material design.

Liviu Arsene is a senior e-threat analyst for Bitdefender, with a strong background in security and technology. Reporting on global trends and developments in computer security, he writes about malware outbreaks and security incidents while coordinating with technical and ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
BobDad
100%
0%
BobDad,
User Rank: Strategist
7/30/2015 | 12:13:55 PM
Lollipop not mature, many bugs
My Samsung Note 4 Edge with Android 5.0.1 crashes hourly even though applications have updated many times since the OS revision on July 2nd. Facebook and Firefox are the worst and seems to be related to scrolling most times. Screen freezes, or turns white or black. Terrible beta os that shouldn't have been released into the wild until more QC had been done. Contact just got a lame excuse, "Well, we needed to release a security update." Lame, lame, lame! Both Samsung and VerizonMobile stated that their supposed "vetting" of Android 5.0.1 only related to their own additions to the OS and not to the IS specifically... Total cop-out from everyone!
hho927
50%
50%
hho927,
User Rank: Ninja
7/29/2015 | 12:46:59 PM
Root problem.
The software was from a startup company. They wanted to grap (growth) the market as fast as possible.

There was no app QC.  They wanted to get many apps(MS is doing the same thing now).

The design was relax, easy for geeks to program toy with it.

Google must realize that the OS is mature now to fix the original design flaws.
SunitaT0
50%
50%
SunitaT0,
User Rank: Ninja
3/22/2015 | 10:48:11 PM
Android security needed a big boost
With so many wavering cloud failures and device hacks, we needed something from the root levels, and that is within the Android file system. However I think if Android made some changes for allowing third party software onto the lollipop, that would be great. Most mobile security companies (McAfee for e.g.) provide thorough security but on board management on the android no matter what your processor speed is or how many gigs of ram you have, is very difficult because after a couple days android starts to lag with the security software.
The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Commentary
Gartner Forecast Sees 7.3% Shrinkage in IT Spending for 2020
Joao-Pierre S. Ruth, Senior Writer,  7/15/2020
Slideshows
10 Ways AI Is Transforming Enterprise Software
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/13/2020
Commentary
IT Career Paths You May Not Have Considered
Lisa Morgan, Freelance Writer,  6/30/2020
Register for InformationWeek Newsletters
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll