12th
Experts Agree with WKF: Android is Insecure for Government Use
In speaking about the state of encryption platforms in April, I suggested that in contrast to Apple which had just earned its first government encryption certification, “the level of effort necessary for Google to obtain a comparable Android full device encryption solution seems too great to overcome in the short term.”
In other words, ‘Andoid ain’t secure enough for secure government use.’
An article published Friday in Federal Computer Week makes similar observations and the notion that Android can’t be adequately secured is gaining traction. Former Defense Intelligence Agency CTO Bob Gourley expands on the topic in a GovLoop post.
To put it plainly: the reasons that made BlackBerry a compelling platform in the previous generation of secure government mobile devices are the same ones that point out Android’s fundamental flaws in the current generation.
Platforms such as Apple’s iOS and BlackBerry’s flagging QNX are, structurally speaking, more readily secured.
If Google sets more prescriptive blanket standards for Android hardware specifications this could change, but for the foreseeable future, it’s difficult to imagine any Android device earning a FIPS 140-2 Level 2 certificate, the minimum benchmark for many secure government needs.
