Android getting worked

3 key points Google will address for Android at Work success


3 key points Google will address for Android at Work success

A couple of days ago, Google officially launched Android for Work, their long awaited and much anticipated advance toward an relevant effort for enterprise integration of Android. They are a determined to compete with iOS, which currently commands about 75% of Enterprise activations. There are many reasons we can attribute to the success of Apple in the enterprise. The iPad, the number of applications designed for it and the user experience it provides are a few. But there are also reasons that are based less on technology and more on decision making and culture that give insight to these metrics. We will look at 3 specific examples of these in this article.

Google announced their plans for the Android for Work venture at I/O last year. Since then they have been priming the tools and creating the partnerships that will better their chances for disrupting the war footing that iOS has in the mobile work space. There are 4 key components to their strategy:

Work profiles – This is the isolation element of Work. It provides the security component for the business, and the privacy component for the user. Work Profiles allow IT to deploy applications and manage work data. This is currently only supported in Android 5.0 (Lollipop) which makes up 1.6% of the installed user base.
The Android for Work application – For the 45% of Android users on KitKat and Ice Cream Sandwich, this application will serve as the conduit for business application data like mail, contacts and documents and contains the approved applications the user can use.
Google Play for Work – Management, deployment and distribution of approved applications is vital to security. Play for Work will serve as the gatekeeper for these tasks, and is controlled by IT.
Built-in productivity tools – Mail, Contacts and Calendars that support Microsoft Exchange and IBM Lotus Notes. Docs, Sheets and Slides will probably make their appearance here as well

The partner side of the strategy relies heavily upon approved software vendors that will re-tool their code to conform with the API’s that keep the deployment secure. This means the user can have 2 versions of the same application installed, but one will be visually designated with a toolbox badge indicating control by IT. The management component of the partner strategy will come from veteran MDM service providers like AirWatch, Mobile Iron, SOTI and MaaS360. All of whom have been deploying client and management monitoring tools and services for quite some time.

While this all looks great on paper, there are some serious issues that Google needs to address if they are going to make a substantive impact in the mobile enterprise. Some of them stem from the competition. Others exist due to lack of competency and poor business decisions. Let’s have a look at this list of issues that prevent Android from being a serious competitor in the Enterprise.

Competing with Apple

Many will balk at the the thought that Apple is a problem for Google. This mostly due to the fixation on consumer market share. Android commands an impressive 80% of the world wide market share and recently activated it’s one billionth device. iOS earned almost 15%. So why the 180 degree out of phase metrics between consumer and enterprise?

Part of it is that they are a little late to the game as far as tools and support for business go. Apple has deployed tools for enterprise deployment partners for about 4 years. Tools like the iPhone configuration utility, Configurator, XCODE, Server and yes, even iTunes. Apple has programs like VPP in place which help deploy applications at a better cost due to volume, and a protocol to ensure the license for that application remains with the business, not the handset or tablet.

Apple has a deployment program for the procurement of the devices and the user identification security component (AppleID), so the devices are ready to go out of the box before anyone at the customer site has even unwrapped the cellophane.

Finally, the 2 things Apple does best: Partnership building and Customer Service. The reach Apple has in the context of 3rd party partners who provide tiered MaaS is unparalleled. They have a partnership program that requires competency, strength in staff and must also meet a revenue threshold just to have the chance to fill out the request. Customer Service in the enterprise is just as important to Apple as consumer. Apple has an organic effort to provide mobile deployment consultation on site, and AppleCare Enterprise which will support the post deployment transition.

For these reasons, the current business model for the consumer deployment of Android…which is flood the market with cheap or free devices and applications, won’t be effective. A shift in philosophy will be required, and that will mean Google will need to do something they don’t have much experience in. That brings us to our next issue.

Having a customer that doesn’t sell things to the user

If you want to see where your competitors customers are, all you have to do is look at the revenue breakdown. Pretty simple right? Well if we look at the Google revenue distribution numbers, it doesn’t look pretty. Not in the sense that they don’t make a lot of money, because they absolutely do. However, the diversification of that revenue isn’t very diversified at all. It comes from web services ad revenue. And the key to that revenue is engagement in the environment that will collect behavioral, historical and location data from the device user. This data gets collected, trended and archived until it becomes a viable product for Googles customer: Advertisers. These advertisers will then take those trends and target market the user who created that data.


In this process, Google makes billions of dollars every year. It’s why they spend millions of dollars every month just to maintain Maps, and Gmail and other web and mobile services, only to give it away for free. The software and services are the engagement element…the ‘bait’ if you will. People trade their private data for the use of Google software and services without a monetary investment. Wether or not the consumer understands the stipulations of this symbiotic relationship is irrelevant, because businesses do. They have to. Because Googles mobile enterprise plan is based on IT not breaking the privacy barrier between work and personal data. How the personal side of the private data/security equation will be handled, is something that must be addressed. Is there a possibility of privacy vulnerability on both the business and the personal side of the data store from someone other than the user and the Management element? What is the process for reporting a vulnerability if there is? Is there a periodic and scan and analysis inspection to ensure security is intact? How often will we get reports of this process?

If Google answers, “We promise that we will only collect private data from your employee.” I’m not convinced that will be a good enough answer for a prospective customer to agree to their program. If they say, “We promise to only collect private data from your employee when they aren’t on site.” It is a lose/lose for both parties. Google’s drop in revenue due to the reduced number of hours that users are the most active on the handset would be substantial. The opportunity for collecting private data could be halved, and the prospective customer still might have reservations about the company data being compromised.

For every BYOD user Google brings into the enterprise, they risk losing a datapoint generator. If a company handles sensitive material on their network infrastructure, they wouldn’t want that information on a handset that Google is also using to collect data with the intent to sell it. Especially government business.

It will be interesting to see how this plays out. Googles record for protection of private data and application deployment security are abysmal. The Android for Work deployment strategy might look good on paper, and they may have some great partners willing to help them. But the fact is they have very little record of success in this area. The success they have been able to achieve is completely overshadowed by the blogs that report another Android malware issue, or another hijack of a users phone that involves extortion, or another instance of an application raiding the mail and contact data of a user.

It will take a complete departure from their current philosophy to overcome this challenge.

Supporting the Customer (The Enterprise customer) when challenges arise.

If you look at the devices that are supported in the 4 key components to their enterprise strategy, the math will indicate that more than half of Googles installed user base is missing. It happens to be the largest segment of the Android community, and unfortunately the story is the most tragic. Jellybean users don’t seem to be recognized in the Android for Work strategy. This is surprising, considering the possible revenue reduction from the issues we have already discussed. You would think every effort to include all users in this launch would be paramount. The key word here is effort.

Google made a foolish decision less than 2 weeks ago to allow hundreds of millions of Android users remain vulnerable to a remote attack due to a UI WebView vulnerability in their WebKit based browser. Their reasoning behind the decision was based on the level of effort required to comb 5 million lines of code just to patch an exploit for an operating system that has aged. They didn’t think it made good business sense. Instead they suggested that these users who make up the majority of their installed base, avoid an environment where WebView might be an issue. They also told developers to update their respective environments so WebView would not be executed on these browsers. Then they simply advised vulnerable users to buy a new phone because Android 5 doesn’t have this problem.

I’m not cognizant of the reasons why Google left Jelly Bean out of the Android for Work program. It could be due to the age of the operating system and incompatibility issues. Perhaps it was the level of effort required to square it away so that it could be included. What I do know, is they would only be capable of making a decision like this in the enterprise just once before getting fired.

There is only one thing that Google will be left with if they plan on creating and maintaining business relationships by telling their customer to buy new phones when there is a security issue with the phones they sold them last year. And that will be the severe reduction in the level of effort required maintain their Enterprise customer base.

That will be because there won’t be any.

Jason Yeaman
Site Operator:

%d bloggers like this: