Android vs. iOS in the enterprise: IT now has a real choice

It used to be that Android couldn't get a second look in the enterprise. Now Apple's iOS has real competition.

android vs ios security boxing battle boxing gloves

Ever since Apple introduced its mobile device management (MDM) protocol for managing devices in 2010, the iPhone has been the de facto standard in smartphones for businesses across every industry. The company held on to that position for a decade by providing a plethora of management capabilities, numerous ways to secure corporate conversations and data, the ability to separate personal and business content, and a way to monitor to ensure that every Apple device being used for business is in compliance with corporate requirements.

Meanwhile, Android devices were pretty much treated as pariahs in many organizations. Over the past decade, there has been good reason for that, but it’s time for a reassessment. For example, now there’s the Android Enterprise initiative, which offers APIs and other tools for developers to integrate support for Android into their enterprise mobility management (EMM) systems.

Let’s look at how the Android platform has been catching up to iOS and how the two stack up overall.

Fragmentation: Not the Achilles’ heel it used to be for Android

For consumers, one advantage of Android is that they have hundreds of devices to choose from at every price point. The array of features varies to a remarkable degree, and Android devices can be customized in a multitude of ways.

For corporations, however, that wealth of options amounts to fragmentation and becomes a big disadvantage in business environments. IT departments don’t want to deal with hundreds or thousands of unique devices that have different generations of the Android operating system, inconsistent adjustments to the OS, and widely varying hardware.

Whereas an Android phone could come from any of a score or more of manufacturers, all iPhones are made by Apple, and they share the same OS and user experience and offer the same basic hardware and feature sets. That makes deploying iOS devices a good deal simpler, and it makes building custom enterprise apps much easier as well, since you’re dealing with the same specs.

But Google, the creator of Android, wants in to the enterprise mobility market, and it has sought to rein in the OS’s fragmentation over the years, with varying degrees of success. Fragmentation isn’t going away, but it’s less of a problem now that Google has given IT managers a serious resource for managing it.

That resource is Android Enterprise Recommended, a list of devices and services that Google has verified as being enterprise-ready. The list of devices can be filtered and sorted by several categories, including screen size, RAM, OS version, update frequency, ability to support security updates, regional availability, and whether Google considers the device to be more appropriate for knowledge workers or for users who require rugged devices. 

Google has also been transparent about what it requires from manufacturers in order for their devices to be included on the Android Enterprise Recommended list. These requirements are ordered by the expected use of the device as well as the installed version of Android. (The program supports releases as far back as Android 9.)

All of this makes it more feasible for IT departments to choose to support a wide swath of devices (currently there are over 300 options on the Android Enterprise Recommended list) and be confident that security and management capabilities will be available on them.

Updates: Still a strength for iOS

The second-biggest issue Android has faced in the enterprise is updates — both OS updates and security patches — and their inconsistent availability. Because most Android device makers customize Android to one extent or another for their devices, updates need to be customized for those devices as well. This has often led to delays in devices receiving updates.

Many Android devices never see an OS upgrade because their manufacturers don’t feel it’s worth their time and effort to develop and deploy them — and most have an incentive to not offer updates, since they won’t translate to new sales. By ignoring updates, the manufacturers encourage users who want new features to buy new devices.

Apple, by contrast, goes to great lengths to support older devices when it updates iOS. Multiple generations of older iPhones are supported. And because Apple also owns the update process, iOS users never have to wonder whether they will get the latest iOS release, and there’s no uncertainty about when they’ll get it. The uptake of iOS releases every fall is orders of magnitude higher than the uptake of new Android versions, with the vast majority of iOS devices being updated within a few months.

This is another problem that Google can alleviate but not eliminate, despite years of working to standardize updates. Android Enterprise Recommended is the best way to find out how long a device is expected to receive updates, and the filters also let you specify how often updates should be pushed out to devices.

Google also addresses this in the requirements for Android Enterprise Recommended. To be included on the list, a device must offer at least one major Android release beyond the version that was on the device when it was sold. For devices running Android 9 or 10, security updates must be available for 90 days. For devices running Android 11, manufacturers must regularly publish security update notices, including details about the manufacturer-specific fixes, and link them to Google’s security update bulletins. They must also publish how long the device will receive security updates (as noted, a filtering option on the Android Enterprise Recommended list).

This doesn’t match the seamlessness of Apple’s ability to manage both OS upgrades and security updates, but it does make Android an enterprise contender. IT departments can filter for the devices that they feel match their security and feature update needs and elect to actively support only those devices.

Deployment: Simplified on both platforms

Apple has streamlined enterprises’ ability to deploy iPhones with a zero-touch process known as the Device Enrollment Program (DEP). Devices purchased from Apple or authorized resellers can be connected to an organization’s MDM server on first boot. The device is automatically configured, with the various management and security profiles applied. For both IT and the device’s user, it’s effortless. Apple also offers variations, including user-based enrollment and device-based enrollment, depending on device ownership and use.

Through the Android Enterprise Recommended list, Google is able to guide IT to the devices that support zero-touch deployment. As with Apple’s DEP, devices must be purchased from approved resellers in order to support zero-touch enrollment. Additionally, Google offers various enrollment options, including full device management and work profile management, depending on whether the device is corporate-owned or BYOD.

BYOD: Can you support all the devices users buy?

No BYOD program can adequately support every device on the market, which has tended to give Apple the advantage. With iPhones, there’s a small number of devices to support.

For Android, the solution is for IT to create a list of devices that it will support for BYOD, and the Android Enterprise Recommended list is the starting point. You should expect pushback from users disappointed that their device wasn’t included, so it’s important to communicate the change in policy in a way that doesn’t raise expectations too much. If your organization has only allowed iOS devices for BYOD in the past, moving to include any Android devices at all should be sold as a big step forward.

The work profile: Where Android beats iOS

For the most part, I’ve mentioned areas where Google has tried to match what Apple has already offered. But in a few areas, Android does enterprise management better than Apple.

Most notably, Google clearly separates a user’s personal profile from an installed work profile. Apple does not, probably because it wants a clean and seamless user experience. The advantage of Google’s approach is that it clearly delineates when a user is dealing with work or personal apps, content, or other resources.

This isn’t just a home-screen distinction. On Android, IT can elect to limit or block the ability of content to pass between the two profiles. While Apple also offers the ability block some content from passing between work and personal apps, it isn’t always obvious in iOS share sheets or copy/paste operations why some options aren’t available. Users can end up thinking there’s something wrong with an app or their device.

The work profile approach also offers another advantage: personal and business versions of the same app. Users who have downloaded an app using their personal profile can download it again for the work profile, and the two will be entirely separate. Apple prioritizes a clean UI and so it doesn’t offer anything similar. Users typically need to delete the personally installed app in order to use the managed version of it. Should a device be selectively wiped, any personal content that a user created will most likely be deleted as well.

IT now has a choice of mobility platforms

Google has addressed the major issues that IT has traditionally had with Android. After years of being eclipsed by iOS, Android Enterprise has emerged as an enterprise-worthy platform, and Android is no longer a second-class enterprise citizen. While there are tradeoffs to be made in picking one OS over the other, a range of EMM vendors and managed service providers (MSPs) actively support both and make the tradeoffs less stark.

The question, “Which mobile platform is best for business?” doesn’t have a single answer anymore. Now IT has to ask, “Which is best for this business?” The answer could be “Either” or “Both.”

Copyright © 2021 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon