Esper aims to bring devops-like approach to securing Android dedicated devices

We’re excited to bring back Transform 2022 in person on July 19 and virtually July 20-28. Join AI and data leaders for insightful talks and exciting networking opportunities. Sign up today!


Esper, a maker of cloud tools for Android device deployment and application management, today announced the launch of a new offering that seeks to make it easier for businesses to protect dedicated devices such as point-of-sale systems, digital kiosks and screen signage.

The company says its new DevOps offering for dedicated devices comes as the use of connected IoT devices and Android Edge increases, but many remain difficult to update and secure.

The platform treats any kind of device state change as something that can be pushed through a devops pipeline, said Keith Szot, vice president of innovation and solutions at Esper. The company says its offering expands the definition of devops, a bridged development and operations approach that has transformed application development over the past 15 years, to include device configuration.

“Security fixes aren’t very useful if they break the core functionality of the device and you should be able to test and deploy them using the same sophisticated development principles that we apply to your application software,” Szot said in an email.

Devops for Dedicated Devices allows customers to apply policies, configurations and field updates to devices from a centralized platform and at scale, according to the company.

Key features include Blueprints, which allow customers to define device security and settings, while managing non-compliant devices (also known as “drift”). The offering’s Pipelines feature can test software and policy updates at strictly defined stages, so customers can validate changes before rolling them out more widely to their fleets, according to Esper.

In addition, the company’s Foundation for Android platform gives customers greater control over the behavior of their fleet while adding monthly Android security patches and operating system updates, “two things largely unknown in the space of Android.” dedicated devices,” Szot said.

Considering that many dedicated devices are mission critical, Esper says it improves overall fleet security in part by improving visibility.

“When you manage your entire fleet from one piece of infrastructure, you know where each device is, what it’s running, and what settings apply to it. You can’t secure what you can’t easily achieve,” Szot said. “We take what are often fragmented and incomplete solutions and give customers a clean slate to manage. With the explosion of the use of dedicated devices, companies need to manage thousands of devices remotely, Esper allows companies to identify devices that do not meet the requirements”.

best way to upgrade

In terms of Esper’s Devops deployment tools for device software and firmware, when companies integrate their existing Devops tools with Esper, developers can deliver software updates to the Esper Cloud automatically, he said. Operations teams can deploy those updates with Esper Pipelines right away, or on their preferred schedule with similar automation, Szot said.

Device policy changes can also be implemented this way using Pipelines, he said.

“This ensures that updates actually get to where they need to be and that policies are applied when they are set,” Szot said.

The biggest change Esper is introducing is a centralized way to manage device system updates, via Foundation security patches, Foundation core OS updates, and the company’s on-device management app. (the Esper Agent), he said.

The Esper Agent is “essentially a little service worker that lives on every device our customers manage with Esper,” Szot said, regardless of whether they use the Esper Foundation for Android.

“We now allow customers to host and test these updates just as they would updates to their own apps,” he said.

Meanwhile, the Blueprints feature represents a revision of Esper’s approach to device configuration, according to Szot.

“The big security implication for our customers is more customization and configurability in the field,” he said, since Blueprints allows customers to “adjust core device settings at any time.”

For example, if a company adopts a new policy that prohibits any device in the fleet from using USB connectivity, “you can make that change fleet-wide in just a few minutes using Esper Blueprints and Pipelines,” Szot said. “You can watch those changes roll out in real time and see which devices they roll out to, then start assessing any failures with our new deviation management feature.”

customer traction

Esper reports that it currently has more than 3,000 clients, with use cases that are “very different,” Szot said. Major verticals include healthcare, retail, logistics and transportation, restaurants, education, and hospitality.

Revealed clients include Taco Bell, Ordermark, Siyata Mobile, Spire Health, CLMBR, Inspire Fitness, ROMTech, JLT and BusRight.

The Bellevue, Washington-based company has raised $100 million in funding since its founding in 2018, including its $60 million Series C round in October led by Insight Partners.

Ultimately, “as an immense number of devices begin to connect in public and semi-public environments, the number of potential attack surfaces increases with it,” Szot said. “We’ve all seen a public display or kiosk displaying the ‘blue screen of death’.”

Esper sees this as a “failure to properly enforce and validate fleet configuration and software updates,” he said.

In the past, there has been no “one comprehensive way” to add new features or patch a critical vulnerability across an entire fleet of dedicated appliances. “Esper is the first platform that really takes that infrastructure burden out of the dedicated device equation,” Szot said.

Current solutions on the market can provide parts of what Esper offers; for example, “we’re not going to say we invented Android device policy settings,” Szot said (although Esper is the first to apply it using devops, he says).

However, “that’s something anyone can do, because it’s a core feature of the Android platform,” Szot said. “Where we stand out is the scalability and integration of our platform. There is no one else in the dedicated device space that provides a complete solution.”

The VentureBeat Mission is to be a digital public square for technical decision makers to learn about transformative business technology and transact. Learn more about membership.

Leave a Comment