Setting up device administration policies
First introduced in Android 2.2, the Device Admin policies grant abilities to apps to gain a greater level of device control. These features are primarily aimed at enterprise app developers given their controlling, restrictive, and potentially destructive nature, and offer an alternative to a third-party Mobile Device Management (MDM) solution. In general, this is not aimed at consumer apps unless a trust relationship already exists, for example, a bank and a banking app.
This recipe will define two device policies designed to strengthen the device that could be part of an enterprise's mobile security policy:
- Enforce device encryption (which also ensures that a device pin/password is set)
- Enforce maximum screen lock timeout
Although device encryption is no replacement for ensuring that the app data is encrypted properly, it does add to the overall device security. Reducing the maximum screen lock timeout helps protect the device if left unattended...
