Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Enterprise Android - Mind the gap

Enterprise Android - Mind the gap

As presented at OPAL event in Vienna on Nov. 23rd 2017.

Android is now including enterprise features needed by rugged devices like the ones from Zebra Technologies. In this presentation I'm explaining which are these new features and which gaps still remains with end-user requirements.

Pietro F. Maggi

November 23, 2017

More Decks by Pietro F. Maggi

Other Decks in Technology


  1. MIND THE GAP Rugged Devices and Enterprise Android PIETRO F.

    MAGGI EMEA SW Consultant Sales Engineer
  2. Zebra Spotlight 3 R&D Spend 10%+ of Sales ~$3.65B Global

    Sales 6,500+ Employees Worldwide 4,600+ US & Int’l Patents Issued and Pending
  3. 45+ Years of Innovation 4 First All-touch Android Inventory Solution.

    Increases Productivity by 14%. First Rugged Enterprise Digital Assistant First Rugged RFID Handheld and First Enterprise Digital Assistant (EDA) First Thermal Printer for On-demand Barcode Labeling Founded as Data Specialties by Ed Kaplan and Gary Cless First Handheld Laser Barcode Scanner First Barcode Printer First Laser-Scannable Two-dimensional Barcode First Wearable Computer First Mobile RFID Printing Solutions First Smart Environment for Thermal Printers First IoT Platform for Enterprise Applications (Zatar) First Android- based Enterprise Wearable Computer Only Migration Path to Modem OS for Legacy Windows Applications 1969 1982 1986 1991 1997 2004 2008 2013 2015 2016
  4. Enterprise Asset Intelligence™ 5 RFID Cloud-Based Device Management Card Printing

    Mobile Computing Location and Motion Sensing Data Capture Barcode Printing INTERNET OF THINGS CLOUD MOBILITY
  5. MOBILE COMPUTING Zebra Products Overview 6 Handheld Tablets Vehicle Mount

    DATA CAPTURE RFID Hands-free Handheld PRINTERS Industrial RFID Card Mobile Desktop Print Engines Scan Engines Wearables
  6. 2013 EMC PORTFOLIO RhoMobile Mobile Device Management Document Capture WiFi

    PTT VoIP Telephony Client SOFTWARE Mobile Workforce Management Platforms Utilities MobiControl Application frameworks Voice Enabled TE ACCESSORIES IHV COMPATIBLE VALIDATED MC55A HC, FIPS MC75A HC, HF, HzL, FIPS MC9500 HzL, FIPS MC65 ES400 ET1 Android MC17 CUSTOMER FACING FIELD MOBILITY MC40 Android, HC SB1 FIPS MC45 FIPS MC67 FIPS EP10 TC55 Releases NA Q1 Android TASK SPECIFIC INDUSTRIAL MOBILITY KNOWLEDGE WORKER LINE WORKER MC1000 MC2100 MC9XX0 HzL, FIPS, uhf VC5000 VC6000 FIPS VC70 FIPS vehicle WT41N0 FIPS RS419 RS507 HC1 wearable VH10/VH10f WAP3 Omnii XT15 ni, f 8585/95 8515 8525/30 MC3190 Brk, Gun, Rotate, Uhf, FIPS

    PARCEL POST MC40 HC, FIPS SB1 HC, FIPS TC55 MC45 MC17 MC18 TC70, TC70x WLAN TC75, TC75x WWAN MC55A LAN ONLY, FIPS MC67 Base, NA, Dual WAN ET50 ET55 8”, 10”, Win 8.1, Android Healthcare: TC51 WLAN TC56 WWAN NEXTGEN PRODUCTS BUSINESS TOOLS PRODUCTIVITY TOOLS MANAGEMENT TOOLS DEVELOPMENT TOOLS WorkForce Connect TekSpeech Pro SmartDex SimulScan All Touch TE Swipe Assist PowerPrecision Enterprise Keyboard DataWedge App Gallery StageNow EMM Toolkit Enterprise Home Screen Enterprise Browser EMDK for Android, Xamarin Mx Mobility Extensions - Superior Security, Manageability, Data Capture, And Connectivity Mobility DNA MC2100 WAREHOUSE, MANUFACTURING, BACK OF STORE VC70 FIPS WT41N0 RS419/507 WT6000 RSX000 (4 & 5, 6) Workabout Pro 4 8595 MC3200 Brick, Gun, Rotate, MC31 UHF MC9200 Hazloc, MC91 UHF VH10 F, NB Omnii XT15 NI, F, NB VC80 TC8000 NEXTGEN WEARABLE

  9. Applications Lower risk and expense with purpose built ready-to-use enterprise

    applications – all backed by Zebra. Trust these vetted industry-specific applications to help you optimize productivity and operations. Development Tools Gain the ease of consumer smartphone platforms, without sacrificing the critical data functionality of enterprise solutions. Building, promoting, and delivering applications is the backbone of Zebra ISV’s. Our goal is to make their job easier and more efficient. SimulScan AppGallery RhoMobile All-Touch Terminal Emulation EMDK for Android Mobility DNA: What’s Inside? Utilities Using our robust set of utilities, companies gain simpler management, tighter security, and enhanced product performance. Which collectively keeps workers – and business – moving forward. Workforce Connect Enterprise Browser PowerPrecision Battery Stage Now Enterprise Keyboard Mobility Extensions (Mx) Swipe Assist Enterprise Home Screen
  10. StageNow Grow your business Offer Staging as a service or

    share StageNow with your customers Save Money “StageNow saved us 13.5 man-years of staging effort” Reduce Complexity From 50-100 detailed steps to a few simple steps! Simplify Process 1 barcode, or 1 NFC tag. Not 20 barcodes!
  11. Android for LoB Applications The Enterprise is the Device Owner

    As such, the Enterprise needs a scalable way to manage devices to ensure they are configured in a manner that meets business needs and as is less at risk from Device User mistakes Making Android Enterprise Ready since 2012 Source: https://developer.android.com/work/cosu.html Android for Consumers The User is the Device Owner Configuration of the device is manually done by the User, via the in-device Settings UI.
  12. MX was created to fill the Enterprise “Manageability Gap” for

    Zebra Android devices, by giving access to: • Privileged functions that would otherwise require an MDM Agent to be signed • Proprietary functions that would require an MDM Agent to be OEM specific Evolution of Mobile Device Manageability Zebra MX – Proprietary is better than nothing Zebra created MX to fill the Enterprise “Manageability Gap” for Zebra Android devices 2010s
  13. Single-use APIs for COSU Runtime permissions Improved certificate support Data

    usage tracking Work security challenge File-based encryption Always on VPN Temporarily suspend apps Turn off work mode Managed work profile for BYOD Work managed device for corp-liable devices Managed Google Play for app distribution & management Consistent device management APIs for EMMs Zero-touch enrollment Work profiles on corp-liable devices Employee privacy disclosures Streamlined profile setup Lollipop Marshmallow Nougat Oreo
  14. Enterprise Browser – Build feature-rich web apps that integrate seamlessly

    into our mobile computers DataWedge APIs – operate through Android intents--specific commands that can be used to control data capture Xamarin EMDK – Use Xamarin to build enterprise application targeting Zebra’s Mx features through profiles and custom APIs like: • Barcode • Simulscan • Serial • Cradle • Scan and Pair Android EMDK – Use Android native tools to control Zebra’s Mx features through Profiles and custom APIs like: • Barcode • Simulscan • Serial • Cradle • Scan and Pair Same features* * SecureNFC, for TC75, is only available in Android EMDK
  15. Config.xml for basic setup Keyboard reconfiguration Advanced debug capabilities DOM

    Injection for powerful Web App modernization Enterprise Browser: Client side customization
  16. Recompiling an existing .NET Compact Framework application using Xamarin is

    not an easy task: 1. There’s no WinForm library 2. There’s no ADODB library 3. The applications built 10 years ago and grown organically over time usually doesn’t have (anymore) a MV* architecture. 4. New devices allows new use cases that require new development ITR Mobility’s iFactr can help on the first two point providing a virtualization framework, but there’s really no easy solutions for the other two points. Xamarin: Reuse of code?
  17. Using Xamarin has advantages especially when planning to reuse skills:

    1. Team still needs to support existing .NET Compact Framework apps and work on new Android application 2. Developers doesn’t need to learn a new environment (Android Studio) or a new language (Java) Future proof application Can be a nice way to reduce the cost to bring an application to a new/different OS in the future. Xamarin: Reuse of skills?
  18. A Xamarin app on Android is running on the Mono

    VM, the rest of the OS/Frameworks are written in Java and running on a different VM with a different Garbage Collector. Managing object across the two environment/GC is not an easy task. Xamarin is still improving this part: http://blog.xamarin.com/xamarin.android-garbage-collection-improvements/ Most of the Android ecosystem is linked to the Java language. Open-Source libraries, answers on forums like Stack Overflow and third-party libraries may be only available in Java; A Xamarin binding is not always available. It’s all good in Xamarin land?
  19. Real-World Data on Vulnerabilities/Exploits Vulnerability Initial Claim Headline Unique APKs

    Peak exploitation after public release (per install) Exploitation before public release (absolute) Master Key 99% of devices vulnerable 1231 < 8 in a million 0 FakeID 82% of Android users at risk 258 <1 in a million 0 Stagefright 95% of devices vulnerable N/A None confirmed N/A Source: Google Safety Net Data; Masterkey data collected from 11/15/2012 to 8/15/2013 and previously published at VirusBulletin 2013. Fake ID data collected data collected from 11/15/2012 to 12/11/2014 and previously published at the RSA Conference 2015. Stagefright data current through May 2016.
  20. Q4 2014 Q2 2015 Q4 2015 Q2 2016 Q4 2016

    Google Play only Third party app stores + sideloaded 1.5% 1.0% 0.5% 0.0% 1.36% 1.03% 1.45% 1.58% 1.56% 1.01% 0.87% 0.99% 1.05% 0.05% 0.08% 0.08% 0.10% 0.12% 0.20% 0.06% 0.05% Google Play: 99.95% devices free of potentially harmful apps
  21. Management APIs EMM enforced policy controls Android provides multiple layers

    of security to keep your device and data protected Hardware Dedicated secure hardware elements carry out the most critical tasks OS platform Complete platform security ensures device and data integrity Google Play Protect Always-on app analysis scanning and removal
  22. Zebra Security – 3 Key Paradigms Build on a solid

    foundation Android Enterprise Focus on the task EMM, Kiosk Security Life Cycle Management
  23. HOW TO SECURE ENTERPRISE PLATFORMS? Enterprise Demand New OS Platforms

    1 Consumer Market Adoption is required 2 Successful Consumer OS Will Be Aggressively Attacked 3 30 Day / Quarterly Security Patch Updates

    OWNERSHIP GOALS? Consumer Operating Systems Have limited security support life 1 Security Patches 2+ Years Beyond End-of-Sale Enterprise Customers keep devices in services for 5yrs or more. 2

    Transition Period (OTP) Consumer Operating Systems Have limited security support life 1 Enterprise Customers keep devices in services for 5yrs or more. 2
  26. Typical Consumer Zebra Device Life Cycle Device Avail for Sale

    No commit, <2yrs 3, 4 or 5yrs Post End of Ship Service None Additional 3, 4 or 5yrs Typical Customer Device Refresh 24-29 months* 3-7yrs + Zebra vs Consumer Security Life Cycle 30 Days Security Updates Some Vendors Yes1 Security Patch Level Indication Yes (M+) Yes (M+) Update Duration from First Ship 36 months / 40 months *60 months / 84months OS Transition Period None 12 months Extended OS Transition Period None Available ($) 1 Security Updates released every quarter during the extended life cycle