ABSTRACT
This chapter looks at security concerns for deploying Android and Android applications in an enterprise environment. It reviews security considerations for mobile devices as well as Android devices. The chapter examines hardening Android and developing secure applications for the Android platform. From an enterprise perspective, there are different ways of looking at Android in the environment, with the main being the following three: deploying Android devices, developing Android applications, and the implications of allowing Android applications in the environment. Enterprise security should assume that once stolen or lost, these devices could fall into malicious hands, and security controls to prevent disclosure of sensitive data must be designed with this assumption. An enterprise can either prohibit use of third-party applications through security policy enforcement or through acceptable use policy guidelines. Mobile devices are an integral part of the "computing infrastructure" of an enterprise and are probed in depth by auditors.
