Android Security Gets Better with Lollipop - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Partner Perspectives
Commentary
3/18/2015
11:20 AM
Liviu Arsene
Liviu Arsene
Partner Perspectives
Connect Directly
Twitter
Google+
LinkedIn
RSS
100%
0%

Android Security Gets Better with Lollipop

It's reassuring to see Google deploying new and improved security features as its mobile OS matures.

Android has been around for years, and it has seen its share of malware, even in Google’s official Play store. Although third-party security vendors had to jump in and come up with a line of defense against ill-intended apps, Google had the inspiration to introduce the Bouncer app-vetting system that kicked malicious apps out of its marketplace.

Increasing demand for new security features encouraged Google to slowly add mechanisms designed to protect against both malicious apps and cybercriminals trying to exploit system vulnerabilities.

Hoping for the Best

Right before KitKat was released, we had our fingers crossed for a few security improvements we hoped would make a difference in the quest for flawless device security. Among our wishes were antivirus scanner APIs, control over individual app permissions, the ability for some apps to survive a full wipe (in case a device is stolen and wiped, antitheft apps should survive), special sandboxing for apps downloaded from untrusted sources, and even separate profiles for business and personal uses.

Of course, all of this seemed a bit much, especially from one distribution to another. Progress takes time, and Google wasn’t in enough of a rush to simply release security features without properly testing them. So, by the time we saw the new Android Lollipop, some of our wishes took a step closer to reality.

One Small Step for Android …

Some of our predictions, such as antivirus scanner APIs, will probably not make it any time soon to Android, but they are likely on some product manager’s roadmap.

New connectivity APIs, though, made their way onto Lollipop, favoring a more seamless communication between Android smartphones and the plethora of Android devices out there such as TVs, smartwatches, and smartbands. While our predictions were half right, Google went a different way by aiming for compatibility with the Internet of Things instead of going for security vendors.

But all is not lost, as security has been upgraded thanks to the default SELinux enforcing mode for all applications, meaning that malware will have a hard time exploiting system vulnerabilities.

Among some of the new security features, there’s now a geo-fencing option (Trusted Places) that allows devices to stay unlocked when inside a trusted perimeter such as your home. It’s a pretty nifty feature that takes away the need to always input your security pin code even at home, as there’s no risk of strangers eyeballing your personal information.

There’s also a new data encryption feature that’s most useful when you’re using an Android device for both personal and business activities, as you can rest assured that your company documents will safely stay undecipherable in case your phone or tablet is lost or stolen. Google has taken into account Bring Your Own Device policies and seems to have added more than just encryption, as support for multiple profiles has also been improved.

The Future’s Bright

While only some of our predictions have come true, it’s heartwarming to see Google deploying new and improved security features as its mobile OS matures. In light of the recent boom in smart gadgets that rely on Android communication APIs to work properly, we just might see more improvements on the security side, now that they’ve got the user interface covered by the new material design.

Liviu Arsene is a senior e-threat analyst for Bitdefender, with a strong background in security and technology. Reporting on global trends and developments in computer security, he writes about malware outbreaks and security incidents while coordinating with technical and ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
BobDad
100%
0%
BobDad,
User Rank: Strategist
7/30/2015 | 12:13:55 PM
Lollipop not mature, many bugs
My Samsung Note 4 Edge with Android 5.0.1 crashes hourly even though applications have updated many times since the OS revision on July 2nd. Facebook and Firefox are the worst and seems to be related to scrolling most times. Screen freezes, or turns white or black. Terrible beta os that shouldn't have been released into the wild until more QC had been done. Contact just got a lame excuse, "Well, we needed to release a security update." Lame, lame, lame! Both Samsung and VerizonMobile stated that their supposed "vetting" of Android 5.0.1 only related to their own additions to the OS and not to the IS specifically... Total cop-out from everyone!
hho927
50%
50%
hho927,
User Rank: Ninja
7/29/2015 | 12:46:59 PM
Root problem.
The software was from a startup company. They wanted to grap (growth) the market as fast as possible.

There was no app QC.  They wanted to get many apps(MS is doing the same thing now).

The design was relax, easy for geeks to program toy with it.

Google must realize that the OS is mature now to fix the original design flaws.
SunitaT0
50%
50%
SunitaT0,
User Rank: Ninja
3/22/2015 | 10:48:11 PM
Android security needed a big boost
With so many wavering cloud failures and device hacks, we needed something from the root levels, and that is within the Android file system. However I think if Android made some changes for allowing third party software onto the lollipop, that would be great. Most mobile security companies (McAfee for e.g.) provide thorough security but on board management on the android no matter what your processor speed is or how many gigs of ram you have, is very difficult because after a couple days android starts to lag with the security software.
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll