Android allows an enterprise to not only secure corporate data, but also
respect enterprise employees’ personal privacy, across a broad range
of devices with a consistent management approach
BYOD is often promoted to IT as an opportunity for cost savings.
But, in many cases, the promised reduction in device purchases
are overshadowed by the cost of supporting a complex,
heterogeneous device fleet. Furthermore, users of BYOD often
raise questions about employer’s visibility over personal data, and
motivations to get them to do more work in their personal time.
Data regulation and concerns about personal data loss mean
companies are very cautious when managing users’ personal
The Android difference
With Android, the original promise of BYOD can be realized.
Android allows an enterprise to not only secure corporate data,
but also respect employees’ personal privacy, across a broad
range of devices with a consistent management approach. With
over 85% of the world’s smartphones using Android, it is critical to
support Android in your BYOD program. Let’s see how it works…
Android’s work profile
From Android 6.0 Marshmallow and later, Android devices
support an OS-level container called a work profile. The work
profile contains all corporate applications and data and ensures
that the data is separated from any personal apps and data a user
The two profiles run side by side in the home screen of the device,
with work apps and notifications badged with a briefcase. Users
can arrange apps however they wish without affecting where data
is stored. Users can also multi-task between work and personal
apps through the familiar ‘recents’ screen while data remains
Securing work data
Separation between a user’s personal data and work data is
enforced at the OS kernel level across processes, memory and
storage. All applications from Google Play work out of the box with
separate data storage and there’s no need for modification
The lifecycle and policies for the work profile are managed through
a comprehensive range of EMM providers that integrate with
Android. IT admins can enforce a range of policies, including the
following critical elements for preventing data loss:
Screen lock – Enforce a minimum lock complexity or set a lock
screen just for the work profile.
Encryption – Ensure compliance with encryption policies.
Copy/paste – Prevent data being copied from work apps
And pasted into personal apps.
Inter-app sharing – Specify which work apps can share data
with personal apps or block entirely.
App whitelisting – Use managed Google Play to curate your
enterprise app store. You explicitly authorize which apps can be
installed in the work profile to get access to corporate data.
VPN – Apps in the work profile may be secured on the network
through a variety of VPN options, including the ability to ensu