Google Launches Bug Bounty Program for Android Enterprise

With bounties ranging from $250,000 to $250,000, Google has announced the first vulnerability rewards program for its Android Enterprise initiative as part of its effort to further secure the platform.

Google launched Android Enterprise to enable the use of Android devices and apps in the workplace by allowing mobile developers to integrate Android support into MDM solutions.

Rajeev Pathak, a senior product manager at Google, says that businesses must effectively manage their increasing number of mobile devices as remote working and hybrid work environments become more popular.

“Since we believe scrutiny and transparency are key to improving security, we’ve launched a new Android Enterprise category as part of the Android Security Rewards Program. We’re offering a reward of up to $250,000 for a full exploit on a Pixel device running Android Enterprise,” Pathak.

A security that is thorough and all-encompassing

Despite IDC’s finding that almost 80% of IT executives are increasing their investment in business mobility, Pathak believes that simply putting more money into security and management solutions isn’t enough to give data control.

“For mobility to truly work in the long term, it’s critical to balance strong platform security with effortless, flexible management that scales to specific needs around user choice, privacy, and control,” explains Pathak.

The security enhancements in Android 12, according to Pathak, are intended for business customers, such as improving password complexity controls and turning off USB signaling on company-owned devices to limit USB-based assaults.

He adds that even though Android 12 already satisfies the most stringent deployment criteria, including those set by the United States Department of Defense’s Security Technical Implementation Guide, the firm wants to use the rewards program to further secure the platform.