By giving the OK for the U.S. government and military to use Android devices with Samsung's security platform, the Pentagon has confirmed that Google's operating system can be locked down as well as the BlackBerry OS, once considered the gold standard in mobile security.
Samsung announced Friday that the Department of Defense (DoD) had approved the use of Knox-enabled Android smartphones and tablets. Currently, that would include only the Galaxy S4, but Samsung has said more devices would ship with the platform in the near future.
The DoD nod places the S4 on par with the BlackBerry Q10 and Z10 smartphones and Playbook tablets running the Pentagon-approved BlackBerry 10 operating system. Apple is expected to get similar approval this month for iPhones and iPads running iOS 6.
Samsung, which is making a big push in the enterprise market with Knox-enabled S4s, can now say that Android devices can be made as secure as their rivals.
"The OS can certainly be locked down with technology and there is no way to indicate Android is less secure than others, including iOS and BlackBerry," said Xuxian Jiang, a mobile security researcher at North Carolina State University. "The recent approval of S4 for Pentagon and government use is clearly a positive sign."
A key Knox feature borrowed from the BlackBerry lets IT administrators place work and personal information in separate containers on the same device. Called "partitions," the feature encrypts business apps and data in a secured bin, which is all that admins can access. This allows people to wipe their device clean of corporate data when they leave a company, while holding on to their personal information.
Security with Android devices in general has been a problem not because of the operating system itself, but because of the ecosystem around it. Most mobile malware is written for the platform, because the malicious code can be hidden in apps and distributed through any website. Google Play, the official Android app store for consumers, is considered reasonably safe by most experts.
Last year, nearly all of the more than 35,000 instances of mobile malware stemmed from devices running Android, according to IDC. Apple has avoided the same malware problems by requiring that all apps for the iPhone and iPad be vetted by the company and distributed only through its App Store.
Google recently changed itsmPlay Developer Program Policiesto say, "an app downloaded from Google Play may not modify, replace or update its own APK binary code using any method other than Google Play's update mechanism."
The move makes it much more difficult to turn a benign app into a malicious one once it leaves Google Play. When apps could be updated through a third-party server, unscrupulous developers could install malware or have the upgrade gather more personal data than the previous version.
Sign up for CIO Asia eNewsletters.