Honeywell is strongly committed to cybersecurity. Our global businesses include aerospace and process solutions that demand a very high degree of security in all aspects of operations. A corporate-level cybersecurity task force sets and maintains security policies and standards, including test procedures used during product development that specifically identify software issues that could make systems more vulnerable to exploits. This approach eliminates potential vulnerabilities before products are even released.
Once an Android vulnerability is revealed and a corrective action posted by Google, Honeywell’s Android security experts implement the fix and deliver it to customers. Direct distribution of patches and updates enables Honeywell to reduce response time compared to OEMs who must go through secondary channels to deliver their updates. Security Manuals are published for all Honeywell products to guide customers in implementing best practices to secure their environment and devices. Guidance is provided in the configuration of device settings, network settings, and maintaining a secure IT environment. These preventative measures are intended to reduce the avenues through which threats can enter the customer environment.
Honeywell and Avalon Are Committed to Cybersecurity
Many enterprise customers will choose to restrict end-users further by “locking down” the device through the use of a Mobile Device Management (MDM) agent or an app such as Honeywell Enterprise Launcher. These tools control user access to system resources and can restrict the system to execute only designated apps. Removing the user’s ability to install or run unauthorized apps makes the system far less vulnerable to security exploits caused by user actions. Honeywell offers an Enterprise Toolkit API Library that enables customers to establish application whitelists or blacklists, control availability of a wide range of device features, and control which IP addresses are accessible through the firewall. Honeywell Launcher replaces the standard Android home screen with a kiosk experience that allows the user to see and execute only the apps needed to perform their job. Honeywell also offers an Enterprise Browser that enables web page rendering using standard Android controls but controls the sites that users are allowed to access. By limiting what the user can do with the device, IT support becomes easier and opportunities for the introduction of malware into the system are substantially reduced.
Another important aspect of security is maintaining an updated system. Researchers are constantly discovering and responsibly reporting vulnerabilities in the Android code base that could potentially be subject to malicious exploits. Google even offers a bounty program to encourage researchers to find and report potential issues. Google and chipset providers such as Qualcomm provide security patches to OEMs on a regular basis for incorporation into their software builds.
Honeywell updates their Android system images on a regular 60-day cadence, with patches for extremely critical exploits available within just a few days (as necessary). Patches are delivered as incremental updates to baseline images, minimizing the size of the update package for easier deployment across the customer’s network. Unlike consumer OEMs, Honeywell package is downloadable from a web portal to allow for customer acceptance testing prior to full-scale deployment. An email notification subscription is available so customers will be informed as soon as new updates are posted.
