As a long-time user of Gmail and several other Google services, I've come to appreciate the company's Spartan UIs, ever-evolving capabilities, and pervasive integration. This is online services done right—and while I'll reserve an examination of Google's business-oriented Google Apps service for a futurecomparison piece, suffice it to say that the online giant is doing something right besides selling ads attached to search results.
Stray a bit farther from the Google services nest, however, and things get a bit messier. And in the case of Android, Google's mobile OS, things aren't just messy. They're disastrous.
Not from a business perspective, of course. According to Google, it's now activating over 550,000 Android OS-based devices every single day. That's more than double the rate at which Apple activates iOS devices (such as the iPhone and iPad) and good for almost 200 million units per year. Two hundred million.
Thus, Android devices are like locusts, or cancer, or whatever unstoppable plague you care to mention. Unless of course you're Google. I've written at length in the past about my personal objections to Android: I believe Google is literally dumping Android into the marketplace and that the US government should investigate the company for this illegal behavior. (Shocker: The FTC is investigating Google for Android antitrust abuse.) I think that, despite its current dominance, the Android ecosystem is fragile and potentially heading for a fall. And while Google's recent $12.5 billion decision to purchase Motorola Mobility solely for its patent portfolio does answer one very obvious criticism of the platform—which is that it uses the patented technologies owned by many other companies without ever actually paying for that usage—it doesn't address the broader dumping issue I raised earlier.
No, I don't like Android. I don't like the silly number of UIs, OS versions, the different phones that seem to appear every single week, each one-upping the previous "best smartphone ever" with the additional of a single new feature, like a 1/10th of an inch larger screen, 4G hot spot, NFC, whatever. The market for Android devices is impossible to keep up with. And that's just the phones.
But my beef with Android this week is a bit different. Thinking just of IT—that is, the people who need to support the deployment and management of mobile devices—Android is a disaster waiting to happen. And if you're in one of those forward-leaning (or, frankly, smaller and newer) businesses in which the consumerization of IT is more reality than theory, chances are that you've already got Android all over the place. It's embedded in your organization. You know, like a tick.
I can't roll back the clock. But I can tell you that I think Android is far too dangerous to allow anywhere near your vital corporate data. Then, it’s up to you to decide what you should do.
Remember when Windows used to be the number-one target for malware writers? That day is long over. On the PC, hackers have moved on to lower-hanging fruit, which mostly consists of popular applications such as Adobe Reader and Flash. But hackers are also investigating mobile devices. And no mobile platform is more popular or less secure than Android. According to smartphone security firm Lookout, Android malware is skyrocketing, and attackers are taking control of phones and users' personal data, including financial data. Malware is easy to deploy via Android for a number of reasons, but one of the biggest gaffes, I think, is the open nature of the platform, which makes it easier for users to install apps from untrusted sources. On curated platforms such as iPhone or Windows Phone, this can't happen unless the user explicitly jailbreaks the device.
But it's not just that. Platforms such as iOS (iPhone) and Windows Phone OS implement sandboxing techniques to ensure that individual applications are isolated from each other and from the host OS. On Android, apps present the user with a list of required permissions when installed. These permissions provide the apps with access to vital on-device data stores. Expecting users to make an educated decision every single time they install a mobile app is a bit of a stretch. It's like asking them if they'd like to turn off User Account Control (UAC) for particular Windows apps. You know they'd always make the wrong decision.
In the good old days, when you chose a platform vendor, you chose a company you trusted—IBM, Microsoft, VMware, whatever—because you had a history with that company or you knew others who did. But who exactly owns the Android OS that's on your devices? The OS is given away for free, to anyone who wants it, and it can be modified in any number of ways before reaching users via any number of devices. Each of these Android installations uses a different OS version and thus has different capabilities and, just as important, different known vulnerabilities.
We call this issue fragmentation—as if simply naming a problem solves it. But there are very serious issues caused by fragmentation, and it's never clear with any particular device when or even if it will ever be updated to some future OS version. That fact that Google has forked Android even more for smartphone and table-specific Android versions only further complicates matters.
As I've noted elsewhere, Google doesn't care about any of this, and it benefits from the confusion and mess because it can attract far more licensees (the OS is free, after all), which will make far more devices, and sell them via far more wireless carriers. Consumers, not knowing any better, see their 2-year wireless plan about to expire, head to the wireless store (or website) and research the current "best" phone available. And because these things are shipping literally almost every week, that phone is almost always some Android device. (The exception, perhaps, occurs during the month of any Apple product rollout.) Thus, you can see the genius of Google's evil plan in motion.
I'm not going to tell you not to deploy Android in your business. But I am going to recommend that you think about this issue more carefully, consider using Exchange ActiveSync (EAS) policies to lock down these devices as much as possible, and—yes—look at other options, such as the iPhone, iPad, or Windows Phone, any one of which I prefer over Android. The more I look at Google and Android, the less I like what I see. I suspect that will be the case for many of you as well.