Android 5.0 (Lollipop) is here. Although the fact that most android users have not personally seen its arrival is irrelevant. Lollipop has landed and with it the new android system brings a wealth of new features. Over the last few weeks (and probably the weeks to come) you will hear more and more of the mainstream features that Lollipop offers. That said, one feature which does not necessarily have the attraction of more headline-friendly features is that of security. However, in reality the security advances being offered on Lollipop are probably the most important.
Android in general has received a lot of bad press over recent times in terms of its security. Some of this is based in truth and some of it has been over-dramatized by you-know-who. Due to Android’s open-source nature, this has meant it is somewhat open-to-attacks too. We all know how hackable android is and with the ability to sideload, use third party app (so widely) and the general level of intrusion means android is less secure. As a result, Lollipop has focused on improving its level of security. So far, all signs seem to point that it really is a much more secure operating system now. One of the most notable ways in which security has been improved is through the use of encryption by default. Now to be clear, encryption of data on android devices has been present on the previous incarnation of (recent) android operating systems. However, it has always required the user to activate the encryption. This inevitably means a number of users are not encrypted. In changing this, Lollipop will offer encryption by default and de facto when first booting up a Lollipop operating system.
CoSoSys is a developer of security software and specializes in aspects such as Data Loss Prevention (DLP) and encryption software. Early indications from CoSoSys seem to agree that Lollipop will greatly improve the level of security offered to android users. In fact, according to CoSoSys the level of enhanced security and in particular the opting for ‘default encryption’ can end the misconceptions that iOS devices are safer than android. Another interesting observation made by the CEO CoSoSys Roman Foeckl is the inclusion of encryption by default may lead to a greater adoption of android in the business and enterprise sector.
“The choice of having encryption enabled by default is wise and it seems clear it will result in greater expansion of Android into the enterprise space. We need to consider the implications of that in information security and data loss prevention. It closes one of the last security gaps between Android and iOS”. CoSoSys do praise the improvement of the Lollipop operating system and especially in noting how the enhancement of automatic encryption will end the rumors that android is less safe then other operating systems. They also did note that these improvements are only paving the way for future enhancements in android security. In particular in terms of privacy and data loss prevention.