Android Security Gets Better with Lollipop - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Partner Perspectives
Commentary
3/18/2015
11:20 AM
Liviu Arsene
Liviu Arsene
Partner Perspectives
Connect Directly
Twitter
LinkedIn
RSS
100%
0%

Android Security Gets Better with Lollipop

It's reassuring to see Google deploying new and improved security features as its mobile OS matures.

Android has been around for years, and it has seen its share of malware, even in Google’s official Play store. Although third-party security vendors had to jump in and come up with a line of defense against ill-intended apps, Google had the inspiration to introduce the Bouncer app-vetting system that kicked malicious apps out of its marketplace.

Increasing demand for new security features encouraged Google to slowly add mechanisms designed to protect against both malicious apps and cybercriminals trying to exploit system vulnerabilities.

Hoping for the Best

Right before KitKat was released, we had our fingers crossed for a few security improvements we hoped would make a difference in the quest for flawless device security. Among our wishes were antivirus scanner APIs, control over individual app permissions, the ability for some apps to survive a full wipe (in case a device is stolen and wiped, antitheft apps should survive), special sandboxing for apps downloaded from untrusted sources, and even separate profiles for business and personal uses.

Of course, all of this seemed a bit much, especially from one distribution to another. Progress takes time, and Google wasn’t in enough of a rush to simply release security features without properly testing them. So, by the time we saw the new Android Lollipop, some of our wishes took a step closer to reality.

One Small Step for Android …

Some of our predictions, such as antivirus scanner APIs, will probably not make it any time soon to Android, but they are likely on some product manager’s roadmap.

New connectivity APIs, though, made their way onto Lollipop, favoring a more seamless communication between Android smartphones and the plethora of Android devices out there such as TVs, smartwatches, and smartbands. While our predictions were half right, Google went a different way by aiming for compatibility with the Internet of Things instead of going for security vendors.

But all is not lost, as security has been upgraded thanks to the default SELinux enforcing mode for all applications, meaning that malware will have a hard time exploiting system vulnerabilities.

Among some of the new security features, there’s now a geo-fencing option (Trusted Places) that allows devices to stay unlocked when inside a trusted perimeter such as your home. It’s a pretty nifty feature that takes away the need to always input your security pin code even at home, as there’s no risk of strangers eyeballing your personal information.

There’s also a new data encryption feature that’s most useful when you’re using an Android device for both personal and business activities, as you can rest assured that your company documents will safely stay undecipherable in case your phone or tablet is lost or stolen. Google has taken into account Bring Your Own Device policies and seems to have added more than just encryption, as support for multiple profiles has also been improved.

The Future’s Bright

While only some of our predictions have come true, it’s heartwarming to see Google deploying new and improved security features as its mobile OS matures. In light of the recent boom in smart gadgets that rely on Android communication APIs to work properly, we just might see more improvements on the security side, now that they’ve got the user interface covered by the new material design.

Liviu Arsene is a Global Cybersecurity Researcher for Bitdefender, with a strong background in security and technology. Researching global trends and developments in cybersecurity, he focuses on advanced persistent threats and security incidents while assessing their impact ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Remote Work Tops SF, NYC for Most High-Paying Job Openings
Jessica Davis, Senior Editor, Enterprise Apps,  7/20/2021
Slideshows
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Commentary
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
Register for InformationWeek Newsletters
Video
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll