Marshmallow, Anyone?


Security of the mobile devices used in your business should be a primary concern.

Because mobile devices are able to take on more and more tasks traditionally performed by desktop computers, work done in an office environment can increasingly be done almost anywhere. As a result, the security features of the mobile device and platform should be important considerations for your business.


Marshmallow devices ship with full-disk-device encryption enabled by default although some exceptions are permitted for lower-end models that do not have sufficient computing performance to encrypt on the fly. Encrypting the entire storage capacity means all data and apps stored on the device will be essentially unreadable without the cryptographic key. Google has also enhanced the Verified Boot function, which checks to see whether the operating system has been tampered with.

If you are concerned about encryption on your other computing devices, full device encryption is available on Windows and Mac computers and is already on by default for iOS devices.

Flex Storage

A number of Android devices over the years have included a Micro SD card slot, which allows you to add more storage capacity. Most current models no longer ship with this feature; however, that may change with Marshmallow. Google’s Flex Storage feature allows the expandable storage to be formatted, encrypted and integrated with the main memory. This offers a secure way to substantially increase the capacity of your device without having to micro-manage what gets stored where. The downside, however, is that the memory becomes more or less permanent: if you remove your Micro SD card, apps stored on it will stop working; since it’s encrypted, anything stored on the card will not be readable on another device. Currently, iOS devices do not offer expandable storage as a feature.

Apps in Marshmallow request access to functions the first time they need them.

App Permissions

One of the biggest new security features in Marshmallow is a substantial change to the way apps may be granted access to certain functions. Previously, an app would request access to all functions it supported at the time of installation from the Google Play store. Apps in Marshmallow now request access to functions the first time they need them, such as a camera app requesting permission to use the camera. If an app requests access to a function you don’t think it should have, you can say no and the rest of the app should still work normally. Permissions can also be reviewed and individually revoked at any time from the Settings. In iOS, app permissions already have this level of granularity.

Auto Backup

Another security feature is the automatic backup to Google Drive. Google will back up your data as long as there is a WiFi connection. Thus, if your device is lost, stolen or broken or if all your data is wiped out, you can restore it onto a new Android device. The iCloud Backup feature on iOS provides similar backup and restore capabilities.


Marshmallow includes support for fingerprint recognition as part of the operating system. This will allow other app creators to more easily make use of the fingerprint reader via an API (application programming interface). Google’s own services will also support the fingerprint scanner for authentication, such as authorizing a purchase in the Google Play store. Apple’s TouchID feature supports fingerprint authentication on devices with a fingerprint reader; all current iPhone models and most iPad models now include TouchID.

Other Features

In addition to security enhancements, Android 6.0 Marshmallow also includes a number of other features, such as Now on Tap, which integrates Google’s search nearly everywhere on the device. Hardware support for the new USB 3.1 standard, with the Type-C connector (easily insertable on the first try since there is no correct “up” side), is also included.

Get the Right Features

The mobile platform you choose for your business will depend on a number of factors. Security is important, but you will likely also need to consider the app ecosystem, app availability and potentially cross-platform interoperability. If you need a specific app that is only available on one platform, you will need to consider that too. Likewise, many popular apps are available on both Android and iOS. You may also want to give consideration to employee preferences; some employees will not care, but some will have a strong leaning for one platform over another.

A word of advice: do not go low end for your business. A high-end or mid-range device is more likely to include newer capabilities, which are not always easily dismissed as “bells and whistles”; good security features like full disk encryption and fingerprint scanners require better hardware. You only get what you pay for.

Contact Argento CPA today!


Disclaimer: BUSINESS MATTERS deals with a number of complex issues in a concise manner; it is recommended that accounting, legal or other appropriate professional advice should be sought before acting upon any of the information contained therein.
 Although every reasonable effort has been made to ensure the accuracy of the information contained in this letter, no individual or organization involved in either the preparation or distribution of this letter accepts any contractual, tortious, or any other form of liability for its contents or for any consequences arising from its use.
BUSINESS MATTERS is prepared bimonthly by the Chartered Professional Accountants of Canada for the clients of its members.
Richard Fulcher, CPA, CA – Author; Patricia Adamson, M.A., M.I.St. – CPA Canada Editor.
Contact us: