[Community survey] Feedback on Android Enterprise Secure logs

Hello everyone,

 

I'm a big fan of surveys and we haven't had one for a little while - so here we are!

 

We'd love to hear your feedback on a potential improvement to the Android Enterprise logs. 

 

Android Enterprise logs provide critical insights into device activity and security, empowering organizations to manage and secure their mobile ecosystems effectively. These logs are divided into:

• Security logs, which capture key events like app installations, failed authentications, and policy changes, and 
• Network event logs, which track network activities such as app connections and destinations. 

 

Logs are currently stored in the normal world (REE - Rich Execution Environment). We are exploring a feature enhancement to enable this storage in a secure environment (Virtual Machine) so that they are better protected. 

 

This feature enhancement has a few options / levels and we want to understand their importance to you:

 

• Logs stored in secure environment: If the OS is compromised, the logs are much harder to access and tamper
• Tamper evident logs: This would allow the OS to indicate if the logs were tampered with
• Tamper proof logs: This makes it not possible for logs to be tampered with. Logs would only be available in small quantities (4mb on average, depending on chipset capability)

If you have a spare moment, please take the short survey below. If you have any additional questions, please to reply to this topic below (by clicking 'Reply'). 

 

Thank you for your time and feedback.

 

Lizzie (and the Customer Community team)