Skip to content

News From The Android Enterprise Summit: Changes In Device Admin

1 min read

At the Android Enterprise Summit in London, Google shared more specific detail about the forthcoming changes in Device Admin.

When Android version Q is released some APIs used by Device Admin will be blocked and cause exceptions on the device and applications will stop working.
The same update will be released onto Android P “Pie” at the same time - with an important and useful difference. Those APIs will not be blocked but instead write errors into the device's logs (users will notice nothing.) These logs can be viewed by IT Administrators to make sure that nothing is in use that will fail when Android Q arrives at the device.
Android P and earlier will continue to run, for now, with Device Administrator. At some point in the future it is likely that Google Play Protect will detect and block the Device Admin APIs, again causing loss of access to applications. To be clear this is a potential future change and not something to force any action at this time.
If you have any Android P devices with the capacity to upgrade to Android Q when it is released (in some ways this is hopefully a high proportion of devices), you must enrol them into Android Enterprise before they update the Operating System to avoid loss of service. Whilst this does involve factory resetting the devices, it is better to carry out as a managed process than react after an upgrade.
The least disruptive way of adopting Android Enterprise (above point not withstanding) is to define a cut-off point where existing devices carry on with Android Device Admin but any new device, reset device or switch of handset between users is registered as Android Enterprise.
Find out more about Securing Android Enterprise in our forthcoming webinar on the 19th September. 
Sign up now
Some other recommended actions:
  • Reach out to your MDM/EMM/UEM provider and seek confirmation that they fully support Android Enterprise along with the ability to help you configure all of your use cases and feature parity.
  • Ensure that your MDM is able to support the full range of Android Enterprise deployment options and explain them clearly - there are more acronyms in current use than deployment variations! (BYOD, COPE, Work Profile, Fully Managed, COSU etc.)
Further investigation reveals that with Android Q and Work Profile, Google are enabling privacy by design (no visibility of personal side of device) and Shared Data between personal /business Calendar, Contacts and others. This sharing is being done in a managed way BUT please ensure that you fully understand any risks in relation to your organisation.

Latest Blogs

Visit the blog

Overcoming the Most Pressing Challenges CISOs Face Today

It’s no secret that CISOs have some of the toughest roles in any organisation, especially with the...

Read More

How to Calculate a Return on Investment (ROI) of Cyber Security

Cyber security is a minefield for many, not just in terms of its intricacies and ever-changing...

Read More

6 Ways Cyber Security Can Be Improved at Your Company

We know the old ways of working, well, don’t work — and they call for innovative, forward-thinking...

Read More

7 Business Growth Benefits of Cyber Security You Should Know

All organisations understand that cyber security is now an essential expense, helping companies cut...

Read More

The Pros and Cons of a Cost-Benefit Analysis Approach to Cyber Security

The cost-benefit analysis approach to cyber security is perhaps the most popular in helping prove...

Read More

Let's Talk

Get on a first-name basis with the Bridgeway team. Let’s chat about your organisational objectives and any critical cyber security concerns you need to cover.

Let's talk