Android Enterprise enhances mobile security with Device Trust

Smartphones have become a central tool in the professional world today. In 2024, 71% of employees use their mobile devices for work-related tasks (Zimperium, 2024), and 82% of companies have adopted a BYOD (Bring Your Own Device) policy, allowing the use of personal devices for professional purposes (Ntiva, 2024). Simultaneously, 47% of companies still allow their employees to access professional data from unmanaged devices (Shadow IT Report, 2024).

This new context requires a rethinking of security. It is with this in mind that Android Enterprise introduces Device Trust, an innovative solution that verifies the security status of any Android device, whether managed or not, before authorizing access to sensitive resources.

Device Trust

Device Trust is based on a fundamental principle of modern security: Zero Trust, now adopted by 63% of organizations worldwide (Okta, 2023). This approach considers that nothing should be implicitly trusted. Every access to a professional resource must be verified, whether it comes from an employee, an application, or a device.

Specifically, Device Trust relies on more than 20 security signals provided by the Android device: security patch level, OS version, network status, presence of a lock screen, encryption, pending updates, etc. These signals are then transmitted to a security partner (Identity Provider, SIEM, EDR, etc.) to validate access.
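As an added illustration (not code from Android Enterprise or TinyMDM), here is how a security partner might turn such signals into an access decision that denies by default, in line with the Zero Trust principle above. The signal field names, thresholds and sample reports are assumptions made for this example, not the actual Device Trust schema.

```python
from datetime import date

# Hypothetical thresholds and signal names (assumptions, not a real API schema).
MAX_PATCH_AGE_DAYS = 90
MIN_OS_MAJOR = 13
REQUIRED = ("security_patch_level", "os_major", "screen_lock_enabled",
            "storage_encrypted", "pending_system_update", "network_secure")


def evaluate_posture(signals, today):
    """Return (allow, reasons); missing or malformed signals deny access."""
    missing = [k for k in REQUIRED if k not in signals]
    if missing:
        # Zero Trust: an absent signal is never treated as compliant.
        return False, [f"missing signal: {k}" for k in missing]
    try:
        patch = date.fromisoformat(signals["security_patch_level"])
    except (TypeError, ValueError):
        return False, ["unparseable security_patch_level"]
    reasons = []
    age = (today - patch).days
    if age < 0:
        reasons.append("security patch date is in the future")
    elif age > MAX_PATCH_AGE_DAYS:
        reasons.append(f"security patch is {age} days old")
    os_major = signals["os_major"]
    if not isinstance(os_major, int) or os_major < MIN_OS_MAJOR:
        reasons.append(f"OS version below {MIN_OS_MAJOR}")
    # Identity checks so that None, "yes" or 1 do not pass as a boolean.
    if signals["screen_lock_enabled"] is not True:
        reasons.append("no screen lock")
    if signals["storage_encrypted"] is not True:
        reasons.append("storage not encrypted")
    if signals["pending_system_update"] is not False:
        reasons.append("system update pending")
    if signals["network_secure"] is not True:
        reasons.append("insecure network")
    return not reasons, reasons


# Constructed sample reports, evaluated as of a fixed date.
TODAY = date(2025, 6, 1)
COMPLIANT = {"security_patch_level": "2025-05-01", "os_major": 15,
             "screen_lock_enabled": True, "storage_encrypted": True,
             "pending_system_update": False, "network_secure": True}
STALE = {**COMPLIANT, "security_patch_level": "2024-11-01",
         "screen_lock_enabled": False}
PARTIAL = {"os_major": 15}  # device reported almost nothing

if __name__ == "__main__":
    for report in (COMPLIANT, STALE, PARTIAL):
        print(evaluate_posture(report, TODAY))
```

Returning the list of reasons alongside the decision lets the identity provider or SIEM log why a device was refused and tell the user what to remediate.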

What makes this advancement particularly relevant is its ability to function even on unmanaged devices, without requiring MDM enrollment. For organizations that are still reluctant to manage devices, or that do not yet have the budget to deploy a complete solution, Device Trust constitutes an intelligent first line of defense, capable of filtering access based on the device’s actual status.

However, it would be wrong to consider Device Trust as an alternative to MDM solutions. It is a complement, not an alternative.

As an official Android EMM partner, TinyMDM fully supports this evolution. The integration of Device Trust represents a major opportunity to improve security even at the most exposed access points, while remaining faithful to the Android ecosystem and its standards (ISO/IEC 27001, 27002, 27005).

Device Trust is particularly useful in specific contexts: companies that do not yet have an MDM, temporary collaborators, unmanaged BYOD environments, etc. It allows for minimal security validation, but it does not replace the operational benefits and data protection provided by a complete MDM solution.

That’s why TinyMDM positions itself as a natural complement to Device Trust for advanced and secure management of Android devices.

In the context of BYOD, TinyMDM offers the work profile mode, which creates a strict separation between personal and professional data. This allows for managing and protecting business data without interfering with the employee’s private life. With Device Trust, the security of both professional and personal parts is reinforced: even if the entire device is not managed, access to different data remains conditioned by the device’s state.

Another scenario is WPCO mode (Work Profile on Company-Owned devices), used by companies that lend a professional device while allowing personal use. This mode also creates two compartmentalized environments and allows the company to strictly manage the professional part with TinyMDM. The addition of Device Trust also protects the personal space, for example by preventing a compromised device from being used to access corporate data, even via apps used in the personal part.

The context of distributed work makes this MDM + Device Trust combination even more strategic. In 2024, 54% of employees with telework-compatible jobs work in hybrid mode, and 27% are fully remote (Gallup, 2024). Access points multiply and diversify: MDM ensures control, Device Trust guarantees that only secure devices pass the filter.

Android Enterprise’s new solution marks a significant advancement in securing access to professional data on Android. But users should not perceive this technology as a substitute for device management: without mobile device management software, risks persist, particularly in the event of loss, theft, or mishandling.

By combining TinyMDM’s management capabilities with the intelligence of Device Trust signals, companies can build a robust security foundation, adapted to all uses: personal, professional, hybrid, temporary. It is the combination of these two approaches that will make it possible to face the current challenges of mobile cybersecurity.