DOC RABE Media - Fotolia

Manage Learn to apply best practices and optimize your operations.

Are Amazon devices running on the latest Fire OS 5 secure?

Amazon disabled native encryption capabilities in the latest Fire OS version. Expert Michael Cobb explains what this means for security, and if encryption can be reinstated.

I saw that Amazon disabled the some of the "enterprise features" on its phones and tablets, including the native...

encryption capabilities. What does this mean for those devices? And now that native encryption has been removed, what tools, if any, are available to add encryption back?

Fire OS 5 is the latest version of Amazon's Android-based mobile operating system used by the Fire Phone and Kindle Fire range of tablets. Fire OS is a fork of Android, based on the Android Open Source Project code, with a heavily customized user interface and its own app store. Although the Amazon Fire OS 5 was released last year, it has only recently come to public notice that it doesn't offer the option of encrypting the device's contents. Earlier versions had an encryption function that allowed users to encrypt their entire device with a PIN that would erase all their data if entered incorrectly 30 times in a row. Users with older devices are now able to upgrade to Fire OS 5, which is why the lack of local device encryption has come to light.

Amazon said that it removed the encryption feature because so few people actually used it. Data exchanged between Fire devices and Amazon's secure servers are still encrypted, but while it is stored on the device it remains in plaintext, leaving it vulnerable should the device be lost, stolen or compromised. Although people mostly use Fire devices for entertainment, they still contain personal data such as information regarding the user's Amazon account, including payment details and possibly their email accounts. The lack of encryption makes the devices running the Amazon Fire OS 5 more attractive to thieves and certainly rules them out of being used for work-related tasks.

Following numerous complaints from users, Amazon said that it will return the option for full disk encryption with an upcoming Fire OS update. Until then, administrators should update network access control solutions to prevent devices running Fire OS 5 from joining the network. Until the update is available, users should not store any sensitive data -- personal or business -- on their device. Those with devices running earlier versions of Fire can delay upgrading until the new update is available, though this could create its own security patching issues should a vulnerability come to light in an earlier version of the Fire OS.

Although few people may use encryption on their personal devices, it is an essential safeguard for those who take their data privacy seriously. The best setup is for encryption to be on by default. Some older devices may slow down when handling the extra computational load, but even so, users should always be able to make an informed choice as to whether to encrypt their data or not.

Next Steps

Compare the security features of the top mobile OSes

Learn how to differentiate between mobile operating systems

Find out what problems accompany Android fragmentation

This was last published in July 2016

Dig Deeper on BYOD and mobile device security best practices