Google Found a Way to Make Android (almost) as Secure as iOS.

Consider this, iPhone 5S was launched way back in 2013. It shipped with iOS 7. With the release of iOS 12, Apple surprised everyone by announcing that its all-new OS would be compatible with iPhone 5S too. In doing so, Apple broke its own previous record of supporting its devices for five years. iPhone 5S has now passed through a record-breaking six different versions of iOS. That’s five upgrades and tons of security updates over the past six years. Users can make an investment in a brand-new iPhone with the knowledge that they will continue to receive the latest upgrades, including security updates for at least half a decade.

Now, let’s move across the aisle to the Android world. The word ‘chaotic’ hardly does justice to the storm that has been brewing here. Manufacturers routinely stop issuing security updates when their devices get older than two years and often sooner when the userbase drops. This leaves the existing users wide open to hackers intending to take advantage of the flaws and security vulnerabilities.

For enterprise users, risk mitigation would mean either investment into the in-house talent that can fix the vulnerabilities or upgrading to the latest Android devices every two years or so. Both of them would require budget expansions and also take away focus from the primary objectives of the business.

Mandatory Updates

In 2018, Google made some decisive steps to make its smartphone ecosystem more attractive for enterprise users.

The first of them came in early 2018 when reports emerged that Google was adding a provision to its agreement with the manufacturing partners that mandated security updates for at least two years for their devices. The terms also required that they would provide four security updates in the first year. The security updates would continue in the second year too, but the conditions did not specify how many.

Wait, What About the Older Devices?

The agreements with manufacturers also included terms as per which they would provide security updates for older popular devices. By ‘popular’ Google refers to any device that had more than 100,000 users by the end of January 2018. So, older devices (less than 2-year old phones at the time) continued to receive security updates from their manufacturers.

Just Two Years? That’s Nothing!

True. That’s why Android One Program and Enterprise Recommended Program!

Under the Android One Program, the supported devices receive security updates every month for a total of 3 years.

Google also launched the Enterprise Recommended Program through which it rewards manufacturers for maintaining high standards of support. As part of the program, the manufacturers are required to ship security updates by the end of the month for all security flaws identified 90 days ago.

Google maintains a full list of devices that are part of the Android One and Enterprise Recommended programs.

Conclusion

Google has taken some significant steps to bring some consistency and reliability into its Android platform. Sure, even the promise of security updates for three years does not match the five years or six years of updates that Apple does, but it does put Android on a firm and secure (no pun intended) foundation on which Google can build a more stable and reliable platform for the enterpr