Google pulled the covers off its Nexus One smartphone today at a press event at its corporate headquarters, touching off for some talk about whether or not it will be able to compete with other smartphones in the enterprise.
This of course leads to a larger question of how Google’s latest play in the mobile space stacks up security-wise with other smartphones, as well as how enterprises should secure the devices when their employees bring them into the workplace.
“Nexus One is running on Android 2.1, the latest update, so is equivalent to iPhone 1.0 and the first version of webOS,” opined Dan Dearing, vice president of marketing at Trust Digital. “webOS has improved its security to be on par with iPhone 2.0. (But) the iPhone 3GS provides the most comprehensive security controls with the addition of hardware-based encryption.”
Businesses are increasingly adopting the iPhone 3GS because of its security and management features, Dearing said. iPhone 3GS however has had its security issues as well, as a researcher demonstrated last year in a pair of YouTube videos.
“Nexus stacks up favorably against other smartphones,” said Forrester Researcher analyst Andrew Jaquith. “Each running application runs in its own process, and is isolated by the OS from other apps. The applications themselves are self-contained and must be digitally signed, so they can’t be tampered with. Perhaps most important, inter-application communications can be restricted by creating a manifest that enumerates what parts of an application other apps can access. There is a lot of granularity in the security policy, underpinned by the Java Runtime Environment that all apps run on top of. As a Java dork, it’s actually quite cool what they are doing.”
Unlike the iPhone however, Android does not have a centralised model for distributing signed applications, he added.
“In Android, you can sign your own applications, and what those applications do is left up to the developer, for good or ill,” he said, adding both models have their pros and cons. “With the iPhone, Apple’s stated intent with their approval process is to make sure the applications aren’t doing anything naughty or using banned APIs. Unlike Android, Apple can yank a developer’s certificate if it needs to.”
Google did not comment on any security features it built into the phone. However, analysts agree the single biggest threat to smartphones remains the physical loss of the device.
“With Blackberry and later generation Windows Mobile phones, enterprises can enforce the needed security policies – mandatory password, mandatory timeout timer, data encryption on device, remote wipe,” said Gartner analyst John Pescatore. “However, we estimate that less than 30 percent of enterprises actually enforce these polices on those devices and worse – until very recently on the iPhone you couldn’t do all four.”
“Android phones should have all four available through 3rd party software, it all depends on how the phone will be setup, he added.
When it comes to managing smartphones, here are some common best practices for enterprises to consider:
US Commerce Department finalises $6.6bn subsidy to TSMC for leading-edge chip plants in Arizona, as…
SpaceX to begin tender offer in December valuing company at $210bn, as Elon Musk's xAI…
US Department of Homeland Security releases advice for development and deployment of AI in critical…
World's biggest PC maker Lenovo beats sales predictions, raises forecast for 2025 as AI capabilities,…
Chip production slows in China in October ahead of expected export controls, while annual EV…
Apple effectively locked 40 million UK users into iCloud and overcharged them, claims £3bn legal…