Open source technology is not necessarily any less secure than proprietary.
There — we’ve said it, do you feel better?
Industry protagonists, commentators, analysts, evangelists and (god forbid) even bloggers cum technical journalists (scum of the Earth of course) have been advocating the wider “robustness” (cringes at industry marketing-speak term) of Linux and open platforms for a long time now.
Let’s look at the facts…
One of the UK’s leading open source news commentary channels (apart from this one of course) combines open source ALONGSIDE security as its two central themes. Clue: begins with H and doesn’t have any more letters.
IBM developerWorks writer Himanshuz.chd (not a very catchy name) says that the belief that a closed source software is secure is not true.
“The live and biggest example of this is the Microsoft family of operating systems. Everybody knows that these guys do not release the source code but still we have huge number of bugs and security compromises for Microsoft family of OS,” he writes just last year – and the rest of the piece is worth a look too.
Fast forward to this week at Mobile World Congress Barcelona (¿would you like a jamon e queso bocadillo señor?) and there is more evidence, potentially…
SAP this week announced expanded Samsung For Enterprise (SAFE) certification for its (originally Sybase purchased) SAP Afaria mobile device management solution.
NOTE: In terms of quality, SAFE certified devices are “guaranteed to have met Samsung’s security criteria” and feature what are described as ‘enhancements’ suitable for business use.
The firm then asserts that when SAFE devices are managed by SAP Afaria, businesses will be able to “manage and secure” large numbers of disparate users, bringing their own devices into the workplace to what is claimed to be the most “widely deployed” enterprise mobility management (EMM) solution in the industry.
According to Gartner, “Samsung commands over 42.5 percent of the Android market globally.
The enterprise-specific features of the SAFE programme could strengthen SAP’s ability to deepen enterprise integration and support for the mobile devices most widely used by consumers and businesses – and this includes Android devices, because Samsung loves its Android line.
TECHNICAL NOTE: SAFE devices provide enhanced IT security protection through various policy groups such as Application Policy, Exchange Active Sync IT Policy, Encryption Policy, Native Email Policy, Various Restriction Policies (WiFi, USB, SD card, Bluetooth, camera, microphone, clipboard, etc), Location Policy etc.
“SAP currently has over 4,000 Samsung devices deployed internally around the world. The benefits of managing Samsung devices through SAP Afaria include unified management of multiple device models, streamlined installation of email accounts and enhanced security policies, including application white/blacks and SD card enablement/encryption,” said the company, in a press statement.
The companies now say that they will continue to work together to address the management and security concerns commonly faced by enterprises using Android devices.
The next step in the companies’ planned collaboration is in Samsung KNOX, an end-to-end secure solution intended to provide “security hardening” from the hardware layer through to the application layer.
According to SAP and Samsung, “KNOX retains full compatibility with Android and the Google ecosystem, while engineering management enhancements, including its application container technology to support both BYOD and Corporate-Liable models without compromising corporate security or employee privacy.”
NOTE: Corporate-Liable? The opposite of BYOD? OK, we’ll go with it.
Are these solid enterprise-level instances of properly safe and robust open source mobile solutions? Yes they are. Will they win over customers in terms of implementation and deployment? Ah, now that’s another question.