Yesterday at Google I/O Sundar Pichai, Google senior vice president of Android, Chrome, and Apps, announced that the next version of Android will finally get the enterprise mobility management enhancements we’ve been waiting for for years.
While iOS’s management capabilities have steadily progressed over the years, Android’s core management capabilities have remained stagnant. To fill the gap, many Android device makers have created their own management frameworks. While some of these are quite good, they have created a larger problem where the specific capabilities of Android management varies depending on whose device you (or, more likely, your users) happen to buy.
But today Google announced Samsung will be contributing the core of their Knox technology back into Android. Android will gain advanced management APIs for security, mobile app management, and keeping work and personal data separate. (If you're not familiar with Knox, read here, here, and here.) Google will start a “certified Android for work” program that includes every major Android device maker and ensures that devices get security features and guaranteed updates.
This means that Android management fragmentation could essentially be gone!
Sure, you’ll have to wait for older devices to filter out, but we’re talking about devices that have a two year replacement cycle. Plus we’re still at the stage where most people aren’t doing EMM yet, anyway.
Since this is an OS-based framework, you can manage any unmodified app with it. Just like when iOS 7 came out, you might be wondering if this means we don’t need to have MAM features built into applications anymore, and again, the answer is no. App-level MAM was a great way to deal with fragmentation or the lack of work/personal separation features, but the inherent differences between these two types of MAM mean that there will always be use cases for both
For devices that won't be running this upcoming version of Android, Google announced that similar features would be available as an app. We can assume that this app will be based on the recently acquired Divide email app and app-level MAM platform. The question here is if and how this app will be manageable by third-party EMM platforms.
One major question is what Samsung’s motivations were for this move. By putting the Knox management APIs into the core version of Android, Samsung is giving up a competitive differentiator to other Android device makers. My best guess is that by improving the management capabilities of all versions of Android, Samsung hopes to make Android in general—and thus also Samsung’s own devices—more attractive to the enterprise, which also helps them win against Apple. Samsung losing this differentiator against other Android OEMs isn’t that big of a deal since they’re already dominating anyway.
This idea of Google adding more enterprise features to Android has been floating around for as long as we’ve felt the pain of fragmentation. In general I’ve been fairly pessimistic, since for years Google made so little motion on the subject.
I even wrote in an article earlier this year saying that I didn’t think Google adding enterprise capabilities would be that big of a deal. That was assuming Google would be doing this on their own, which would have been a long journey. But of course by using Knox, that long journey just got skipped. I also said there would still be room for OEMs to add value, but now there will probably be very little space for OEMs to differentiate their enterprise management features—as well as less of a need to, considering the upcoming certification program.
Interestingly, this idea has been on the minds of Samsung executives for a while. A year ago I had the opportunity to interview Injong Rhee, senior vice president of the Samsung Knox business group. I asked him about this idea, and he mentioned that Samsung was working to adopt an anti-fragmentation policy, that they wanted to embrace a single, homogenous Android, and that his goal was to have Knox technology on devices from other OEMs. (Check out the video, about 13 minutes in.)
Going back even farther, there was a previous effort at fixing Android’s management deficiencies called 3LM, but it failed. I won’t go into it here, but Galen Gruman wrote an excellent overview.
There were other enterprise announcements at Google I/O—in fact they spent a whole 7 minutes on the enterprise! Google will create an Android app bulk deployment program using Play (presumably a counterpart to the Apple Volume Purchase Program), Google Apps will now be able to edit Office documents in their native format, and Google Drive will get some enterprise features. We’ll save the details of these for another time.
Overall, this is a big moment for enterprise mobility and for Android. There’s still a long way to go before we know everything works out, and there could be hidden catches or other problems. But assuming everything goes right, we can cross “Android fragmentation” off the list of enterprise mobile management and mobile device management challenges.