Why CyanogenMod? Android is a Top Platform

The popular Android platform is an ideal platform creating an environment well suited for MDM and SaaS. The devices are cost effective and solutions such as AirWatch create convenient options for app management. Last January, the beta for the CyanogenMod’s GalleryNext application was released which was a large scale effort to start addressing the the gaps which the company identified in AOSP applications.

Below are security concerns addressed and posted on CyanogenMod’s blog:

How does this change affect the usage of your device, and root apps you have installed?

On a default CyanogenMod installation, root usage will have to be explicitly enabled by the user. This means that the user is fully aware that any application that uses root may perform actions that could compromise security, stability and data integrity. Once enabled, the process mirrors that of the current process, apps that request root will be flagged by the SuperUser.apk and the user will have to grant selective access.

Why the change?

At CyanogenMod, security has always been one of our primary concerns, however, we were hesitant to make a change that might disrupt the current root ecosystem. With CyanogenMod 9 we have the opportunity to do things better, whether its the code in the OS, UI/UX, or security – we are taking this time to do things with a fresh approach.

Shipping root enabled by default to 1,000,000+ devices was a gaping hole. With these changes we believe we have reached a compromise that allows enthusiasts to keep using root if they so desire but also provide a good level of security to the majority of users.

What concerns remain?

Many of you reading this are savvy enough to note a remaining hole in this approach – recovery and unlocked bootloaders. The bootloaders are out of our hands, there is little to nothing we can do on that front.

Regarding recovery – with unlocked bootloaders, a malicious user could just flash a new recovery image (without any potential security we could apply) or just dump the data partition. This however, requires physical access to the device. As such, the security standards for this are highly reliant on you, the device owner. Data encryption is available in ICS to safeguard your data. (Warning for emmc only users – encrypted /data means recovery will be non-functional.)

The onus is on you to secure your device; take care of your possessions, and this risk is minimal. Always make sure you take devices out of your car before you go into the mall and remove them from pockets before washing laundry. Common sense is a basic security tool.

But Why?

We honestly believe there are limited uses for root on CyanogenMod, and none that warrant shipping the OS defaulted to unsecured.

*CyanogenMod

New network and app management tools provide business users with new capabilities and simplified access to data they can then use to find, recognize and act on. This will free-up IT from the time-consuming tasks previously associated with analytics and BI, a win for everyone. Change is always challenging, and it's important organizations embracing big-data find a high-placed champion to lead their internal charge.

Change into these channels is also important. The CIOs use of how a successful ROI environment should be deployed within its organisation, which in turn creates the conditions associated with successful utilization of IT resources and inhibits the IT department’s ability to have flexibility in its response to ever-changing business dynamics. New Technology and Focusing on the business outcomes is an appropriate mindset of today’s leadership. Customer services and the customer is still significant. A CIO should work in providing their users with a great experience. Such impacts allow opportunities for today’s CIO to bring an impact on its business like never before.