Home

Android and its lack of true enterprise-level features.

- Posted on September 14th, 2010
Tagged:  

It seems as if Google is dropping the ball with regard to true enterprise-level features in their Android operating system.

When Android finally started gaining some traction and handset makers started releasing more devices with the mobile/tablet operating system, we were excited to try it out with our enterprise messaging system. There was a problem though - Android didn't support most the Exchange Active Sync protocol security features (such as device password enforcement, device encryption enforcement, etc). Without these features our corporate security team would not allow Android devices to synchronize mail, calendar, and contacts from the corporate messaging environment (Microsoft Exchange).

With the announcement of Android 2.2 (Froyo) it seemed as if Android finally had the necessary support for EAS security features. After setting up a Droid Incredible we've come to find out that there are still issues with handset encryption, as well as other issues in Android's enterprise-level feature set.

We use an internal corporate Public Key Infrastructure based on Windows 2008 Certificate Server to issue some certificates for various internal and external purposes. We were under the assumption that we could just import our internal Root CA chain onto an Android device and then our internally issue certificates would be trusted. Evidently that's not so easy on an Android-based handset.

In fact there is an issue open in the Google Code Android bug tracker that raises this issue and asks for it to be resolved. Today however, an Android developer declined the issue and resolved it stating that there were too many unrelated issues in the bug. He has since opened a new bug related to this issue.

If you would like to be able to use your own Root CA chain on an Android device, or be able to import currently untrusted public Root CA's that haven't been included in the Android firmware include on your handset, I encourage you to "star" this item:


http://code.google.com/p/android/issues/detail?id=11231

As of now, we still cannot support Android handsets in our corporate environment. Google, if you want to have enterprise embrace Android you need to have these rather basic features available. Hopefully Gingerbread (Android 3.0) will be much more enterprise-friendly.

Looking forward to sine tasty Gingerbread goodness.

Later,
Flux.

Related Story: 
Android 2.0 Lacking ActiveSync Provisioning Protocol Features
Bookmark/Search this post with
  • Twitter
  • Digg
  • del.icio.us
  • StumbleUpon
  • Facebook
  • Google
  • LinkedIn
  • MySpace
  • Newsvine
  • Reddit
  • SlashDot
  • Yahoo