Device Software Update Management

Frequent software updates are often necessary to resolve bugs, patch security vulnerabilities, and enhance device capabilities. But IT admins must understand and validate software changes prior to mass deployment. Samsung released the mobile industry’s first firmware update management system on Android to enable IT to test and validate software updates and to control roll-out scope and timing.

Why manage device software updates?

In enterprises with fragmented platforms and firmware versions, mobile device deployment and support becomes a time-consuming and tedious task. Proprietary enterprise apps and application services behave inconsistently on different firmware versions, so features require testing and troubleshooting on a widening array of device platforms.

Controlling the rollout of software updates allows IT admins to:

• Homogenize the firmware versions and capabilities of deployed device models.
• Carry out interoperability or compatibility testing with in-house or proprietary servers, apps, and endpoint settings.
• Ensure that known issues are patched before deployment of major firmware version updates.
• Perform field tests of new firmware and software on a subset of devices before mass deployment.
• Force the use of firmware versions that have been validated to meet industry certification or regulation requirements.

Strict control over device firmware updates

Samsung developed Enterprise Firmware Over-the-Air (E-FOTA) to enable enterprises to save time and support costs, and manage the mobile infrastructure as efficiently as possible.

With E-FOTA, enterprises can control device software updates as follows:

• Select the highest firmware version allowed on devices — This option ensures that device users can’t independently update to an unsupported firmware version, preventing issues that could negatively impact employee productivity, support costs, and data security.
• Force the download of a specific firmware version onto select devices — Enterprises can download new firmware to a few test devices to run interoperability or compatibility tests. This mandatory download is done with proprietary systems and apps to find any corner cases that might result in operational or performance issues.
• Mass deploy a new firmware version — Mass deployment prevents software version fragmentation so IT teams don’t need to support multiple legacy firmware versions for each deployed device model.
• Schedule updates during non-peak work times — This option ensures updates don’t interfere with employee productivity.

Knox control over user updates

A wide range of EMM partners support Samsung's firmware management features, integrating firmware management with other asset management activities. IT admins can use these tools to test and deploy software updates in a consistent and low-risk way. Through EMM solutions, enterprises can restrict users from loading unauthorized firmware, through their devices or USB-connected computers.

Through the Knox Platform, enterprises can:

• Disable automatic firmware updates – IT admins can prevent users from going to their Android Settings to enable or disable automatic firmware updates.
• Disable all OTA updates – IT admins can prevent users from going to their Android Settings to enable or disable software updates in general. This restriction includes updates for firmware, security patches, bug fixes, and apps.
• Disable USB-connected updates – IT admins can prevent users from booting into Download Mode and installing a manual software update. This restriction includes updates through the Odin, Kies, and Smart Switch update tools.