Skip to main content

How Android 10 enhances mobile security

We recently shared how Android 10 delivers an abundance of helpful features for enterprises. Today, we’re shining a spotlight on some of the new security and privacy features in Android 10, which give IT admins new tools and protections to help keep their device fleets prepared against the latest threats.

Updatability enhancements

Getting reliable security updates is critical for enterprises, who want the latest protections for their devices. Android 10 introduced Google Play system updates, building on the work of Project Mainline, which focused on a simpler and faster method to deliver updates to the Android ecosystem. Many essential components like media codecs, time zone data, DNS resolver, and Conscrypt are now modularized, enabling them to be updated through Google Play. 

Google Play system updates can be delivered more directly and uniformly across the ecosystem, as vulnerabilities can be patched from Google Play without a full operating system update.

Our security efforts are regularly evolving to better meet ecosystem needs. For example, the 2015 Stagefright vulnerability accelerated patching security vulnerabilities across different device makers with our monthly security updates program. This has led to substantial progress in ecosystem security. Google Play system updates create a stronger framework for quickly and comprehensively addressing future vulnerabilities. We can accelerate the delivery of a patch and make the update available through Google Play, giving greater consistency to the whole ecosystem.

Strengthening data protections

Protecting data in transit and on the device are essential elements to mobile security in an enterprise setting. In Android 10, we added support for TLS 1.3 and made it the default, but TLS 1.2 is still supported.  TLS 1.3 protects more of the handshake process and can be up to 40 percent faster than previous versions.  With better encryption, it enhances the protection of device identities and removes some obsolete and less secure features.

TLS 1.3 removes support for weaker cryptographic algorithms and uses a newly-designed handshake that fixes a number of weaknesses in TLS 1.2. Additionally, it no longer supports certificates that use SHA-1 hash algorithms.

Storage encryption is also critical to enterprise security. All Android 10 devices are required to encrypt user data. While most devices achieve this through the Advanced Encryption Standard (AES), Android 10 uses a new encryption mode called Adiantum, which expands encryption to a wider range of hardware, such as devices with lower-end ARM processors that do not support AES extensions.

Safeguarding app installs with Google Play

Google Play uses a number of tools to deter the installation of malicious apps on devices. Application signing validates that an app has been properly signed by the developer, which indicates it has been submitted unmodified for installation on Android devices. 

Android 10 supports the latest APK signature scheme, which better secures apps against malicious activity. Together with Google Play Protect, Android 10 continues our efforts in applying best-in-class data and device protection.

These security features in Android 10 are a part of our continuing investment in the enterprise and dedication to improving security and privacy for Android users. In the following weeks we’ll be sharing more about the many ways that Android 10 builds on our strong security foundation. Learn more about getting started with Android Enterprise and our ongoing security work.

by Mike Burr via The Keyword

Comments

Post a Comment

Popular posts from this blog

certain keys on my keyboard dont work when "cold"

Hi guys, i have a Lenovo Y520-15IKBN (80WK) and certain keys on the keyboard don't work (e,g,h,8,9,Fn...) but only when the weather is cold. for example in the winter it used to work after certain amount of time when i first boot the laptop and stops working when i stop using it for a while, but now that the weather is hot it works just fine except for the first couple of minutes or when its colder. of course i do realise that it has nothing to do with the outside weather but with the temperature of the computer itself. can someone explain to me why this is happening and how it should be fixed as i cannot take it to the tech service until july even though it's still under warranty because i need it for school. ps: an external keyboard works fine. Submitted April 29, 2018 at 03:35PM by AMmej https://ift.tt/2KiQg05
Post a Comment
Read more

Old PC with a Foxconn n15235 motherboard needs drivers! Help!!

So my Pc corrupted and I had to fresh install windows on it, but now its missing 3 drivers and one of them is for the Ethernet controller! I've tried searching everywhere for the windows 7 drivers but all I seem to find are some dodgey programs saying they will install it for me. Problem is without the ethernet driver I can't bloody connect to the internet. I've been using a USB to try get some drivers on there, but they just end up being useless programmes . I'm also a bit of a noob at these things, I don't understand where to find the names of things in my PC, I've opened it up but I don't understand whats significant and what isnt. If someone has the drivers and can teach me how to install them I'd be very appreciative! Submitted April 29, 2018 at 02:47PM by darrilsteady https://ift.tt/2r76xMZ
Post a Comment
Read more