Friday, October 15, 2010

More security for your Android

Android has been criticized by a few of not having stricter security policies, on which a user could count on if his device is lost or stolen. Since more and more data, both personal and confidential are finding there way into our smart phones, we do need a more secure system to ensure that our data never fall into the wrong hands. Well, with Android 2.2(Froyo), your Android phones can be more secure by using the new Device Administration API.

What could this API do?
Using these APIs, the IT-Admins can install a Admin App, which enforces system wide security policies.

- Enable Passwords (Only lock screen as of now)
- Set minimum password length
- Alphanumeric password required
- Maximum password attempts
- Maximum inactivity time lock
- Lock device immediately
- Wipe the device data (to factory settings) (Remote/Local)

The key to all these features are that you have to have that admin app installed and activated as well. Also, you can have multiple admin apps that enforce multiple security policies. In situations of clash, the most strict policy will be enforced. This admin app controls how your device behaves in different situations. You can set parameters as to when and under what conditions your device should be wiped out. Say, after 20 failed password attempts, you want to wipe out the data to factory settings, the Admin app can do this using the Device Administration API.

For more information and samples on how to start with this API, visit the official documentation here.

With more and more features being packed into Android, now it is probably targeting the enterprises. Not having a way of enforcing such policies have indeed been a setback for Android to entice the Business users, but now, I can hear them come running. :D