SAN FRANCISCO -- To say the least, the NSA has strict requirements for mobile device platform security. So it's no surprise that commercial versions of the Android platform fail to meet its standards.
However, in an effort to foster industry-wide improvements in Android security, the National Security Agency (NSA) developed and piloted Security Enhanced Android, or SE Android, a custom version of the mobile OS with additional security controls built in. Last year, the NSA released the source code to SE Android as an offshoot of the Android Open Source Project.
"What we really look at is advocating for SE Android to be picked up by the OEMs; to start implementing [it] in their devices so we can take advantage of it," said Troy Lange, the NSA's mobility mission manager. "By implementing it ourselves and recompiling the core, we take on the ownership of maintenance and upkeep of that, and again that's not our core expertise."
In this video, conducted at the 2013 RSA Conference, Lange discusses the key security features in SE Android, like privilege controls, device feature management and application isolation, and explains how enterprises can use SE Android in their own environments. Lange also talks about the must-have security features on the mobile devices in use at the NSA today.