Control over how sensitive files are shared could be big for Google's place in a BYOD world
Earlier we got a little more information about the new enterprise features coming with Android L, courtesy of Samsung's contribution of portions of Knox. As consumers, it's not really the sort of thing we think about, at least not very often. But one of the bullet points really stood out to me, and I think it could be just the thing Google needs to build out their own piece of enterprise market share — managed intents.
Read on to see why I think this is Google's foot in the door of the enterprise.
We all use and love Android's intents system, even if we're not sure exactly what it is. Every time you want to share from one app to another, or set an app as a default you're leveraging Android's most powerful feature. For a real-world example, open a picture in your favorite gallery app. It can be the stock gallery that came with your phone, or any of the great replacements from Google Play. When you open the share menu, you'll see every app on your phone that says it can do something with that picture. The same goes for text files, or spreadsheets, or zip files or just about any other file type. Intents allow apps to communicate with each other, and share data. It's a powerful system, and adds a lot to the ease-of-use factor.
Every time you share from one app to another you're leveraging Android's intents feature
But it is also something that your IT manager — or whoever sets security policy for devices — might have a problem with. The way things work now (in "stock" Android) you can share anything with any other app. You could share some sort of uber-secret company document with the pastebin app, for example. This means your company has to trust you, and while you should always build a level of trust with your employer, trust is never really secure and accidents can happen. Managed intents through an all-new set of security policies and managed accounts in Android L changes all of this.
I can envision a system that lets your policy manager prevent you from sharing managed documents from Google Docs (for example) with your personal account. You could still share them through your company account, where the IT department has more control over what files can be sent outside and who they can be sent to. While we, as consumer users, think of this as some draconian iron-grip control over your phone that you paid for, your company sees it as a way to have better control over their assets. In other words, exactly what they are looking for in any BYOD program. Remember, it's their job to make it hard for you to let sensitive information get into the wrong hands, either purposefully or accidentally.
this is a first step towards "app-level" security that's worth a damn
This can go even deeper. We've already seen how Chrome and Android are going to get more friendly and talk to each other, and there is no reason new security settings can't be placed into ChromeOS. Google thinks Chromebooks are the perfect laptop for the enterprise, and adding a new layer of security and advanced policy management to the mix (as well as more robust Google Apps account control) could make for a perfect one-two punch to attract corporate customers. With Sundar at the head of both teams, I feel certain that I'm not the first to think of this scenario.
While I don't think we'll see the end of MCSE's working tirelessly to keep control over a corporate network environment just yet, I can see this as a first step towards "app-level" security that's worth a damn, and a way for Google to court companies big and small with real security tools. We have no idea if this will catch on or even play out this way, but we do know Google wants to position itself as a viable alternative to what is available now. I'm really looking forward to seeing what becomes of Android for Work and to see if Google is really serious about the enterprise.