Proper support from Android manufacturers, especially software support, has long been a heated topic for Android enthusiasts. To be fair, at this point, there’s very little Google can do to fix this without directly impacting the openness of Android as an operating system. That’s not to say that they aren’t doing anything about it, however. In the business space, at least some degree of software support is pretty much a necessity, especially when it comes to security. Vulnerabilities in a company’s infrastructure can potentially cause a big headache, even on something as small as a worker’s phone. In theory, this is where Google’s Android Enterprise Recommended Initiative comes in with phone recommendations.
In the past, we’ve talked about Android Enterprise Recommended devices. But what most people don’t know is the rigorous process that goes behind a device getting an Enterprise Recommendation. In this article, we’re going to talk about what these phones are, what’s behind the AER badge, what Google asks from these phones, zero-touch enrollment, why they’re important for businesses — and why they might or might not, be relevant to you.
What is the Android Enterprise Recommended Program?
The Android Enterprise program itself is nothing new. Google’s Android Enterprise program enables the use of Android devices and applications in the workplace. The program has existed since 2014 when Android Lollipop launched, and from the start, the program has provided APIs and other tools that developers can use to add Android support to their enterprise mobility management (EMM) solutions.
With the launch of Android 6.0 Marshmallow in 2015, supporting these Android Enterprise APIs became mandatory in order to even get GMS certification, which greatly boosted their adoption across the Android ecosystem.
This brings us then, to Android Enterprise Recommended devices. These are pretty much devices that have gotten a seal of approval over from the folks at Google for several factors, the most notable being reliable and regularly scheduled security updates, particularly if they’re meant to fix critical vulnerabilities. Phones in this program are supposed to be best-in-class when it comes to reliability and security, two factors that are important in a work environment. After all, these phones are meant to be “ideal” to work with the APIs and EMM services we mentioned before for being used in a work environment.
Should I care about Android Enterprise Recommended phones if I’m not a business?
Even if you’re not getting a device with this seal of approval for a work environment (these phones can be managed through an EMM console), there are reasons why regular users could also find some value in these badges. Android Enterprise Recommended phones are supposed to have semi-regular security updates, although Google relaxed this requirement somewhat in the past few months.
Still, OEMs are still required to roll out prompt security fixes whenever critical issues arise. Smartphones in the program are also expected to provide, at the very least, one major Android update, and OEMs are expected to be transparent with updates and publish information about the guaranteed Android updates these phones will receive, both major and security ones.
Transparency is also needed when it comes to security updates. OEMs are required to publish a security bulletin disclosing all CVE vulnerabilities that they fixed on their phones. You might think most OEMs don’t often do this, but as a part of this program, a lot of them actually …….
Source: https://www.xda-developers.com/android-enterprise-recommended/