Dec 16, 2011

How much more control will EAS protocols give admins over smartphones running Android 4.0 vs. earlier Android versions?

For iOS 4, Apple adopted, Exchange ActiveSync security protocols, and it decreased the perceived security risks for businesses using iPhones. Now it looks like Android 4.0 is also going to use EAS protocols. How much difference does this make from a security standpoint?

Here's a good background article on EAS that might help to answer some of your questions, henyfoxe.

Exchange ActiveSync

"Exchange ActiveSync (EAS) is an XML-based protocol that communicates over HTTP (or HTTPS) designed for the synchronization of email, contacts, calendar, tasks and notes from a messaging server to a mobile device. The protocol also provides mobile device management and policy controls."

It adds quite a bit more administrative control.  EAS (Exchange ActiveSync) protocols on Android 3.x tablets and on smartphones with Android 4.0 enable the "device administrator" to function for remote control of some Android security features, such as the ability to wipe all data, set password rules, monitor screen-unlock, et al.  It also adds support for VPN, something that was previously only found in Android tablets.  I believe it also will give admins the ability to disallow installation of non-Android Market apps, which is a good thing, but of course that doesn't eliminate the potential presence of malware apps that sometimes make it onto the Android Market itself.

Answer this