The secure OS for mobile that looks great, too: Sailfish

Getting your Trinity Audio player ready...

• A secure OS for mobile devices.
• Open-source and extensible Sailfish OS.
• Sailfish delivers security with significant style.

Deploying a fleet of smartphones for enterprise business users has always been a two-horse race in terms of the devices’ operating systems: iOS from Apple and Android from Google. There have been several attempts to break this duopoly in the past, most notably Microsoft’s since-abandoned Windows Mobile, but also the much-heralded Ubuntu Touch phone that was quickly shelved after an initial roar of expectation from Linux die-hards.

But demand for an adaptable, secure OS that’s the basis of a reliable smartphone platform remains. Apple’s price tags put many off deploying iPhones at any scale, plus the company’s walled garden approach to software and configuration has always raised doubts in the minds of the most security- and feature-minded procurement teams.

Google’s Android-based devices are cheaper, but that platform’s security from malware and hacking continues to raise significant doubts.

In an increasingly privacy-conscious age, both platforms are to varying degrees suspect, with megabytes of data each day sent [pdf] from a single device to the OS maker, to third parties whose tracking code is now an accepted part of many apps, and to app vendors themselves.

The exfiltration of data is almost always undertaken in an utterly opaque manner and usually smoothed over by a few words hidden in software EULAs, such as “data we or anyone else collects is to improve the product.”

If personal privacy or protection of an organization’s intellectual property is considered important — as it should be in 2023 – companies owe it to themselves to seek alternatives to OSes, and apps that don’t rapaciously collect data and ‘call home’ with such profligacy.

Sailfish OS the secure OS

In a quiet corner of Scandinavia, Finnish company Jolla created its Sailfish OS, a Linux-based advanced phone (and tablet) operating system that’s the choice of several national police and armed forces, government departments, and security services worldwide.

The OS was developed specifically for secure environments at an enterprise level, with the device hardware encrypted by default. Apps run in a ‘Firejail’ sandbox, MDM (mobile device management) is baked in, and like its Linux basis, is natively multi-user. While the user interface is closed-source (licenses cost around $45 per device), the operating system is open-source and highly extensible. The company states there are 22 separate APIs available, so organizations can effectively add to, remove, or extend features on board all their fleet’s devices.

Apps and Android

Thanks to a software abstraction level that sits on top of the core OS, Sailfish devices can run Android apps in addition to a large library of native applications. That means that many organizations will be able to deploy Sailfish devices without too much reworking of their existing IT stack.

As a basic example, we tested the email client that ships with vanilla Sailfish against our Office 365 server, and the results were seamless. Calendars, contacts, and emails synchronized as expected, but we experienced some difficulties with Teams (over and above the usual difficulties experienced by Teams users forced to navigate its challenging user interface). Because no native Google Play Services is running on the device, there were no notifications for new messages – like many apps, Google has centralized notification calls through its Play Services.

We were able to synchronize with webdav- and caldav-based services with no special configuration, and online file-sharing services such as Google Drive, Dropbox, and Nextcloud were all immediately available.

UI and usability in a secure OS

As a day-to-day experience, Sailfish OS is a beautiful piece of design, aesthetically and in usability terms. The designers have clearly thought through each user journey to reach apps, notifications, preferences and settings, and the GUI is consistent and smooth.

Even for new users, the clear signposting of where information and actions might be found (like a short pull down to invoke actions like “New Item” or “Sync with Cloud”) makes Sailfish’s learning curve short and relatively flat.

Some intelligent choices [pdf] have also been made when running Android native apps, with only the relevant Android navigation cues appearing. For example, an app has to reference an Android native setting. For example, the only onscreen button to tap will be the ‘back arrow’ to return the user to Sailfish-land.

Sticking points and wrinkles

Don’t expect Sailfish OS to work in exactly the same ways that users are accustomed to with their Android and iOS devices; some re-adjustment is necessary. But if your workforce’s workflows are based heavily on mobile use, like the introduction of any new major tool, changes will have to be made: to the supporting IT provision, to users’ daily experience of their devices, and perhaps to choice of other applications used in the enterprise.

However the security, reliability, and solidity of Sailfish OS, currently in its fourth iteration, should ensure a good return on investment for those willing to embark on what would be a large-scale retooling for the sake of security and IP protection.

Conclusions: Sailfish, the secure OS for mobile

There are also limits on the devices on which Sailfish will run on without developer attention to attune the OS to an unknown hardware device. Like many open-source projects, individuals and small groups are working hard to port Sailfish to all manner of hardware, and enterprise IT departments could easily piggyback onto an existing project to give themselves a jump start. Alternatively, choosing pre-approved devices will get organizations up and running even faster.

“A pretty compelling platform…”