Apple vs. Android: Developing Secure Enterprise Apps
|James Seibel in Enterprise Friday, June 6, 2014|
Mobile Device Management (“MDM”) is an infrastructure protocol for executing privileged commands on mobile devices. In other words, MDM is an infrastructure technology that enables administrators to take full advantage of features already included on devices. The MDM specifications are provided by operating system designers, for example Apple and Google, and include guides on how to implement them. It is crucial that enterprise app developers understand the differences in order to create secure and effective applications.
When it comes to the mobile device market, Apple continues to maintain an impressive lead in market share over Android devices with 42% of the U.S. smartphone market versus 26% for Samsung, according to market research from the NPD Group. The two giants are trailed by Motorola, LG, HTC and Blackberry, respectively. But when it comes to offering the most secure platform for developing enterprise apps, which operating system comes out on top – iOS or Android? Let’s compare.
The two operating platforms each have their own mobile device management (MDM) specifications. While the two approaches couldn’t be more different from one another, they are both important to take into account when developing enterprise apps – where security is often a client’s top priority.
For instance, the iOS MDM uses a single MDM administrator for each device while the Android MDM allows for multiple MDM apps per device. Meanwhile, for iOS devices, MDM commands are generated by the iOS operating system while MDM commands for Android devices are included in the Android library function and the determination as to when to execute those are carried out by programmers.
The key differences between the iOS and Android MDM strategies boil down to this: Apple defines and controls the MDM command list and sends out streams of MDM commands to all iOS devices (such as location tracking/Find My Phone to deleting App Store-installed apps from a device if a security flaw is detected). By comparison, the Android MDM command list is developed by different Android manufacturers (HTC, LG, Motorola, Samsung, etc.) with a smaller amount of MDM commands that cover security features.
The number of MDM commands offered by Apple and Google also stand out from one another. Apple provides over 100 MDM commands and is constantly releasing new ones. By comparison, Google provides about 10 MDM commands and has added just two commands over the past two years. However, Google allows device manufacturers to add their own commands. For example, Samsung SAFE has hundreds of additional MDM commands, ranging from the ability to delete apps to controlling which bookmarks are in a mobile web browser.
So which group has the winning MDM approach? As it currently stands, Apple is clearly dominating. For customers that want full control of as many aspects of a device as possible, iOS has the most MDM features and is arguably a more secure protocol since it is well defined and relies heavily on security certificates for authentication. By comparison, Google allows each device manufacturer to make up their own MDM commands, which results in varying degrees of security.
What does this mean for enterprise app developers? Developing for Apple or Android-based mobile infrastructures is not “one size fits all” when it comes to security. It is important for developers to be conscious of the differences and tailor their strategies accordingly. Google’s increased flexibility forces developers to write additional code for every Android device that they’d like to support. Meanwhile, adding a new MDM feature in an iOS device means that all supported devices will update automatically as long as they are within Apple’s specifications.
This does not mean that Android is inherently less secure than iOS. However, it does mean that enterprise app developers must adapt their code to a workplace environment in which employees increasingly expect support for any and all personal mobile devices.
This content is made possible by a guest author, or sponsor; it is not written by and does not necessarily reflect the views of App Developer Magazine's editorial staff.