Microsoft Intune Can Now Tap Google Play Protect for Android Devices
The Microsoft Intune mobile management service can now include security protections for Android devices enabled by Google Play Protect services.
Google Play Protect, rolled out in May, is Google's rebranded trio of security protections for Android mobile devices. The service provides device-level and boot protections, an application checking service that uses machine learning for detecting unexpected app behaviors, plus protection capabilities for lost devices.
Intune users, as of Nov. 15, can turn on controls for Google Play Protect within the Intune management portal, according to Microsoft's announcement. It's enabled by two APIs and a service that checks security-provider communications channels. The "SafetyNet Verify Apps" API is used to check for malicious applications. The "SafetyNet Attestation" API is used for verifying hardware details, including a device's profile based on its hardware and software.
Google Play Protect options appear via Intune's "Android Compliance Policy" settings under "Device Health." Intune users can create a policy for Android devices that includes these options as a compliance check.
On the hardware attestation side, Google Play Protect has two options: "basic integrity" and "basic integrity and certified devices." The first option, basic integrity, looks for signs of "rooted devices, emulators, virtual devices, and devices with signs of tampering," according to Microsoft. The second option, basic integrity and certified devices, includes the basic integrity check while also verifying that the devices are unmodified and were certified by Google.
Organizations using Android Work Profiles (formerly known as "Android for Work") can turn on a "Threat Scan" function for Android devices to check the security of applications. It's done via the "Device Restrictions" setting in Intune under "System Security."
Google Play Protect solutions have been around for a while, but they may not offer the best protection. For instance, Sept. 2017 stats published by AV-Test showed that Google Play Protect 8.1 offered the worst protection among 21 Android security solutions tested.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.