The move is not about Android security as such, but about the unavailability of the Microsoft Authenticator app in Chinese app stores.
Microsoft has ordered its staff in China to use iPhones for their work starting in September.
The decision effectively bars the use of Android smartphones by the tech giant’s Chinese staffers, Bloomberg reports.
The decision has more to do with standardising use of the Microsoft Authenticator and Identity Pass app among all personnel rather than security concerns about the Android mobile operating system.
While Apple’s iOS App Store is available in China, Google Play is not.
Local Android-based smartphone manufacturers like Huawei run their own platforms featuring local apps and a diminished cast list of international apps. Microsoft Authenticator is not among them.
Microsoft will provide iPhone 15 devices to staff currently using Android handsets, according to the report.
CSOonline invited Microsoft to comment on the reports that it will be requiring Chinese staff to switch to Apple devices but has yet to receive a response.
Authentication
Microsoft Authenticator is a security app developed by Microsoft for two-factor authentication (2FA). Best practice guidelines for corporate security have routinely recommended 2FA for online systems for years.
The requirement that staff in China use Microsoft Authenticator is part of the software giant’s Secure Future Initiative, which is partly in response to an attack on the Microsoft Exchange ecosystem last year, widely blamed on Chinese government forces.
Microsoft’s president Brad Smith faced a grilling on the company’s security track record and presence in China during a Congressional hearing last month. In it, Smith explained that Microsoft’s presence in China chiefly supported multinational customers.
Smith said the company planned to relocate 700 to 800 workers as part of plans to scale back its presence in China, where it has operated since 1992.
Security plus functionality requirements
Michael Robert, a cybersecurity specialist and senior technical contributor to GTA Boom, told CSOonline the Microsoft had made the decisions to mandate iPhones for its employees in China because of security and functionality concerns.
“The main reason was ensuring all staff could access critical security tools like Microsoft Authenticator,” according to Robert. “The app is available on both iOS and Android worldwide, but Google Play’s absence in China presented challenges for Android users there.”
Other authentication apps are available but using Microsoft’s own technology on a single supported device platform has advantages in simplifying support headaches.
Security concerns may also have played a role, according to Robert.
While Apple maintains tight control of its OS and hardware, the open-source Android operating system is deployed independently by many different phone manufacturers.
“Android understandably raises more vulnerabilities than the tightly controlled iOS,” Robert told CSOonline. “Timely updates aren’t guaranteed across Android’s large variety of devices and manufacturers either.”
More Microsoft security news:
