# Selecting An Android Tablet



## SunWers (Sep 9, 2017)

Hello Everyone,


I just wanted to ask opinions for selecting an Android tablet for our production floor. We are currently looking into purchasing a new production software for our shopfloor and we need Android tablets for live feed which will import production info to the main servers. The shopfloor software supports Android 5.0 to present. We have a sample tablet, Acer Iconia ONE 7, with an OS of Android 6.0 (Marshmallow). This tablet will stay plugged in to a power supply to the operators workstation. The operator uses the tablet to scan tickets, report quality issues, and so on. But it will always stay plugged in to the power supply. I'm thinking the most important specification we need to look at is the OS version. If I'm thinking right, if we purchase the sample version 6.0, which is already 2 years old, as long as the company we are purchasing the Shopfloor software from, supports version 6.0 we will be fine. We want a tablet with the longest lifespan but will be supported. If I'm thinking correctly, as time goes by the older versions will be bumped as non supported. Would it be best to purchase either the 7.0 or 8.0 versions because they would most likely be supported for a longer amount of time. Am I missing anything or if anyone has anything to add it would be greatly appreciated. 



Thanks,
Lynn


----------



## Corday (Mar 3, 2010)

Current version is 10.0.


----------



## SunWers (Sep 9, 2017)

Corday said:


> Current version is 10.0.



Thanks Corday, we will be purchasing around 800 tablets just for one of our plants. I'm not real sure yet if the purchase price would be an issue or not. We are suppose to discuss this more next week. The 3 samples that we purchased is version 6.0. The company that is setting up the shopfloor software said that these tablets were 2 years old but they would work. My question is would we need newer versions? If we were to buy more of the version 6.0 tablets, what would the down side of buying these instead of the version 10.0?


----------



## Corday (Mar 3, 2010)

At some point older versions stop getting security updates. That would be of concern to me.


----------



## britechguy (Dec 6, 2019)

Corday said:


> At some point older versions stop getting security updates. That would be of concern to me.


And that should be of major concern to anyone, whether purchasing just for themselves or in bulk for a business purchase.

Once you narrow down your options you should check "the chatter" out there about how well supported Android OTA (Over The Air) updates are from the manufacturer for the device you're considering.

Even though the following is not in reference to Android tablets, but smartphones, I have had far more robust OTA updating from Xiaomi on their phones than I ever did on LG for theirs. Samsung is generally very good about updating their devices for several years.


----------



## SunWers (Sep 9, 2017)

Corday said:


> At some point older versions stop getting security updates. That would be of concern to me.



If I read correctly, Android version 6.0 has already been discontinued? Without security updates it could make the tablets at risk for security vulnerabilities and other bugs. Where could I get info to show what versions has been discontinued and date when others are going to discontinue.


Thanks A Bunch,
Lynn


----------



## SunWers (Sep 9, 2017)

britechguy said:


> And that should be of major concern to anyone, whether purchasing just for themselves or in bulk for a business purchase.
> 
> Once you narrow down your options you should check "the chatter" out there about how well supported Android OTA (Over The Air) updates are from the manufacturer for the device you're considering.
> 
> Even though the following is not in reference to Android tablets, but smartphones, I have had far more robust OTA updating from Xiaomi on their phones than I ever did on LG for theirs. Samsung is generally very good about updating their devices for several years.



So we have two different kinds of security updates, correct? Most important one would be the Google Android security updates. Which would be for the different version of Androids (Marshmallow, Lollipop, or Pie). 



Second, is the security updates from the manufacturer, such as Samsung, LG, or Motorola. 



What is the difference between the two? 



Sorry... I'm just trying to understand so I can give more information for these tablets and it be correct for next week.


Thanks,
Lynn


----------



## Corday (Mar 3, 2010)

Each maker sets it's own policy. I recall Google updates lasting three years but I'm not positive. Some companies allow update period to restart after downloading paid software from that manufacturer. Of course there's 3rd party software which is catch as catch can.


----------



## britechguy (Dec 6, 2019)

My experience is that you can't strictly separate out what constitutes a security update.

A very many apps get their own updates, and a very many of those updates note that some security issue is getting patched. Those updates are separate from Android version updates.

There are patch updates to Android, but my experience is that these are relatively rare. They generally include security bits as part of them, but other bug fixes as well.

Then there are the Android version updates, which will definitely include changes related to security compared to earlier versions.

It has also been my experience that there are few attacks on Android like there are on Windows, which isn't all that surprising given that it is, under the hood, very similar to Linux and the way security is managed is quite different. But, and this is critically important, there are myriad "bad apps" out there that have as their primary intention spying (and I use that term literally) on what the user of the device is doing. Google has gotten better about vetting things for the Play Store, but it's far from perfect. Also, under Android, a very great many apps ask for permissions that they should have absolutely no reason to need based on what their stated function is. That's a red flag. One should never allow the installation of apps from other than the Play Store in a setting such as yours, and were I in that setting I'd even lock the devices down further such that no app installations are allowed by the end users. They sound like they're intended to be purpose-dedicated tools on the floor, and as such they need to be locked down tight, much like most office PCs are in large enterprises.


----------



## SunWers (Sep 9, 2017)

britechguy said:


> My experience is that you can't strictly separate out what constitutes a security update.
> 
> A very many apps get their own updates, and a very many of those updates note that some security issue is getting patched. Those updates are separate from Android version updates.
> 
> ...



Thank you so much for all the info. I think they are looking in to purchasing the Acer Iconia ONE 8 or the Lenovo Tab E8. Both have Android Version 7.0 Nougat which would not be supported by security updates... I'm thinking we need at least version 8.0 Oreo but I think support will be ending for it soon also. We will be locking the devices down where the operators will not be able to install any other apps. This tablet will be solely for the shop floor app only. Am I thinking correctly, do we need at least version 8.0 or higher? I just do not want to talk them in to getting a more expensive tablet when it may not be necessary...


Thank You,
Lynn


----------



## britechguy (Dec 6, 2019)

My personal opinion, and that's exactly what it is, is you could go for an older Android version if the devices are going to be locked down tight.

I never got rid of older smartphones with Android just because the manufacturer stopped issuing OTA updates so long as they worked or I didn't want another.

Although I take the general position that one should avoid ever running an unsupported operating system, regardless of device, that advice is far more critical in the Windows world than in the Android world. I had a Froyo-based device that worked just fine up through around a year ago, and it was a failure with the microSD card reader that caused the "belly up" status. It was not used to interact with cyberspace, however.

If your users have no way to use the devices to interact directly with cyberspace - no web browsing or downloading of anything other than what your business app might do as part of its functioning - I wouldn't be terrified of an older Android version. You can control a lot of the most common risk factors by making it impossible for the end-user to use the devices for anything other than the business tasks.

Others may differ vociferously. It's a matter of how you do your risk analysis and how high your risk tolerance for a given setting is.


----------



## SunWers (Sep 9, 2017)

britechguy said:


> My personal opinion, and that's exactly what it is, is you could go for an older Android version if the devices are going to be locked down tight.
> 
> I never got rid of older smartphones with Android just because the manufacturer stopped issuing OTA updates so long as they worked or I didn't want another.
> 
> ...



Sorry... I just thought of one more question. We have 9 different plant, if we block internet to all end users can the tablet still communicate with the main server? I'm assuming it can but I'm not sure how that works.


----------



## Corday (Mar 3, 2010)

Intranet or a sharing group.


----------



## SunWers (Sep 9, 2017)

Corday said:


> Intranet or a sharing group.



Ok thank you, understood.


----------



## tristar (Aug 12, 2008)

I thought I'll share what we do for enterprise setups:

If you're going to have 200 Tablets, they need to be "Managed", reach out to your IT team and ask them if they use 'MDM' (AirWatch, InTune etc..).

These are Software which Manage the devices, restrict Apps (except for the ones approved by the Administrator), set Policies & restrictions like a user profile, restrict internet access, GeoFencing (if the tablet leaves the perimeter, it will be wiped or will lock down completely) All patches and updates are managed centrally.

With this, it really doesn't matter which Android version or Manufacturer's tablet you use, they will all be managed centrally. Folks cannot download and install stuff and everything will be restricted.


----------



## SunWers (Sep 9, 2017)

tristar said:


> I thought I'll share what we do for enterprise setups:
> 
> If you're going to have 200 Tablets, they need to be "Managed", reach out to your IT team and ask them if they use 'MDM' (AirWatch, InTune etc..).
> 
> ...



Hi Tristar,


Greatly appreciate your info. Sounds like MDM is the direction we need to go. I'm looking in to the Microsoft Intune. It seems to be able to do everything we need it to. Thanks again for your input. 



Any other suggestions is greatly appreciated. We are going to be starting this system around the first of the year. Can't wait to get started!


Thanks,
Lynn


----------



## tristar (Aug 12, 2008)

That should do it Lynn, get some folks with good knowledge in InTune to do the initial setup, so policies and rules are applied based on your requirement.


----------



## SunWers (Sep 9, 2017)

tristar said:


> That should do it Lynn, get some folks with good knowledge in InTune to do the initial setup, so policies and rules are applied based on your requirement.





Hi Tristar,


Question, InTune has been voted out by our IT guy, he says that with as many tablets (800) that we have to track, that it would lag the system down too much. I disagree... Would this be the case?


Thanks,
Lynn


----------



## tristar (Aug 12, 2008)

Not really, if you're only using it for Device Management, you should be able to manage at least 5000+ users and 25000+ devices.. So 800 is not really a concern...

The lowest I have for a client in MDM is around 7000 devices, so you might want to check what the IT team might be referring to regarding "lag" probably infra or license costs.

The Cloud solution might be apt, if the IT team is concerned about lags, a simple google will be able to give you the device/user limits for InTune.


----------

