Android Enterprise security configuration framework

The Android Enterprise security configuration framework is a series of recommendations for device compliance and configuration policy settings. These recommendations help you tailor your organization's mobile device security protection to your specific needs.

Security conscious organizations look at ways to ensure corporate data on mobile devices are protected. One method used to protect that data is through device enrollment. Device enrollment helps organizations:

  • deploy compliance policies (like PIN strength, jailbreak/root validation, and so on).
  • deploy configuration policies (like WIFI, certificates, VPN).
  • manage the app lifecycle.

To help you set up a complete security scenario, Microsoft introduced a new taxonomy for security configurations in Windows 10. Intune is using a similar taxonomy for this security configuration framework. They include recommended device compliance and device restriction settings for basic, enhanced, and high security. This taxonomy is explained in the following articles:

  1. Android Enterprise framework deployment methodology: A recommended methodology for deploying the security configuration framework.
  2. Android device enrollment restrictions: Pre-enrollment device restrictions for Android Enterprise devices.
  3. Set app configuration policies for Android Enterprise devices: Configure apps on the devices to disallow personal accounts.
  4. Android Enterprise personally-owned/corporate-owned work profile security settings: Specific configuration settings for basic and high security on personally-owned/corporate-owned work profile devices.
  5. Android Enterprise fully managed security settings: Specific configuration settings for basic, enhanced, and high security on fully managed devices.

Android Enterprise enrollment modes

Google Android Enterprise includes two enrollment modes. The Android Enterprise security configuration framework provides recommendations for both modes.

Next steps

Android Enterprise framework deployment methodology