Android 15 中的企业功能新变化
使用集合让一切井井有条
根据您的偏好保存内容并对其进行分类。
本页面简要介绍了 Android 15(API 级别 35)中引入的企业 API、功能和行为变更。
增强了员工和设备保护功能
Android 15 引入了盗窃防护、钓鱼式攻击控制和个人资料私密空间等功能,可进一步保护员工和设备。
Android 盗窃防护
- 保护敏感的业务数据,使其免遭盗窃。
- 增强隐私保护,防止未经授权访问用户个人数据。
个人资料的私密空间
- 私密空间是 Android 15 中的一项新功能,可让用户在个人资料中创建一个单独的区域,并添加额外的身份验证层,以便在公共场所工作时屏蔽特定的个人应用。
- 在受管理的设备上:
NIAP 合规性维护
Android 15 会将现有的备份服务审核日志记录事件从 logcat 迁移到安全日志,并正式定义 SecurityLog.TAG_BACKUP_SERVICE_TOGGLED
。
更有效地管理公司自有设备
Android 15 简化了 eSIM 管理,为 Android 工作资料添加了“圈定即搜”控件,并为公司自有设备添加了更多自定义选项,从而加强了公司自有设备管理。
简化受管理设备上的 eSIM 卡管理
- Android 15 添加了平台 API,可让 IT 管理员远程将 eSIM 卡配置文件配置到受管理的设备上。这还包括对 eSIM 卡配置文件的新控制。
- 我们引入了“受管理的 SIM 卡”/“受管理的订阅”的概念,支持以下功能:
- IT 管理员可以通过编程方式下载和删除 eSIM 卡配置文件。
- 在公司自有设备上,IT 管理员可以在下载后以静默方式激活 eSIM 卡。此外,用户无法删除管理员下载的受管理的 eSIM 卡。IT 管理员可以设置
DISALLOW_CONFIG_MOBILE_NETWORKS
用户限制,以禁止用户删除受管理的 eSIM 卡。
- 自带设备 (BYOD) 用户可以随时选择删除 SIM 卡。
Android 工作资料中的“圈定即搜”功能控件
- 管理员可以选择在完全托管的设备上或在 Android 工作资料中屏蔽“圈定即搜”功能。
- 用户可以在工作时更顺畅地进行搜索。
公司自有设备的其他自定义设置
- Android 15 针对企业自有、个人启用的 (COPE) 设备提供可自定义的屏幕亮度和超时控制,可延长电池续航时间。此功能已适用于完全托管的设备。
- 在公司自有且个人启用的 (COPE) 设备上,为个人资料强制执行默认设置。
- IT 管理员可以在设置之前强制使用 OEM 默认的拨号器、消息和浏览器应用,并使用
DISALLOW_CONFIG_DEFAULT_APPS
阻止最终用户更改这些应用。
- 设置安装后的默认值必须与应用许可名单控制相结合。
- IT 管理员只有在应用已位于用户的个人资料中时,才能将其设为默认应用。
本页面上的内容和代码示例受内容许可部分所述许可的限制。Java 和 OpenJDK 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2025-08-27。
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["没有我需要的信息","missingTheInformationINeed","thumb-down"],["太复杂/步骤太多","tooComplicatedTooManySteps","thumb-down"],["内容需要更新","outOfDate","thumb-down"],["翻译问题","translationIssue","thumb-down"],["示例/代码问题","samplesCodeIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-08-27。"],[],[],null,["This page provides an overview of the enterprise APIs, features, and behavior\nchanges introduced in Android 15 (API level 35).\n\nEnhanced employee and device protection\n\nAndroid 15 enhances employee and device protection with features like theft\nprotection, phishing controls, and private space for personal profiles.\n\nAndroid theft protection\n\n- Protect sensitive business data from theft.\n- Enhance your privacy and prevent unauthorized access to users' personal data.\n\nPrivate space for personal profile\n\n- [Private space](/about/versions/15/features#private-space) is a new feature in Android 15 that lets users create a separate area within their personal profile under an additional layer of authentication, to shield specific personal apps while working in public spaces.\n- On managed devices:\n - Administrators are able to block users from having a private space and remove an existing private space on the personal profile of a corporate owned device. See [`UserManager.DISALLOW_ADD_PRIVATE_PROFILE`](/reference/android/os/UserManager#DISALLOW_ADD_PRIVATE_PROFILE).\n - Existing personal app allowlists and blocklists also apply to the private space on devices managed by the [`Android Management API`](https://developers.google.com/android/management/reference/rest/v1/enterprises.policies#PersonalApplicationPolicy). This feature will be available to [`custom DPCs`](/work/dpc/build-dpc) in the future.\n - Private space is not available on fully managed devices.\n - A new [`UserManager.USER_TYPE_PROFILE_PRIVATE`](/reference/android/os/UserManager#USER_TYPE_PROFILE_PRIVATE) is now available.\n\nNIAP compliance maintenance\n\nAndroid 15 migrates existing backup service audit logging events from logcat to\nsecurity log with the formal definition of\n[`SecurityLog.TAG_BACKUP_SERVICE_TOGGLED`](/reference/android/app/admin/SecurityLog#TAG_BACKUP_SERVICE_TOGGLED).\n\nStronger management of company-owned devices\n\nAndroid 15 strengthens company-owned device management by simplifying eSIM\nmanagement, adding controls for Circle to Search on Android Work Profile, and\nadding more customization options for corporate-owned devices.\n\nSimplify eSIM management on managed devices\n\n- Android 15 adds platform APIs to allow an IT Admin to remotely provision eSIM profiles onto managed devices. This also includes new controls over the eSIM profiles.\n- We introduce the concept of a \"Managed SIM\"/\"Managed Subscription\", supporting the following features:\n - IT admins can download and delete the eSIM profiles programmatically.\n - On company-owned devices, the IT admin can activate the eSIM silently after download. Also, users can't delete the admin-downloaded managed eSIM. IT admins can set [`DISALLOW_CONFIG_MOBILE_NETWORKS`](/reference/android/os/UserManager#DISALLOW_CONFIG_MOBILE_NETWORKS) user restriction to disallow users from deleting the managed eSIM.\n - Bring your own device (BYOD) users can choose to delete the SIM at any time.\n\nControls for Circle to Search on Android Work Profile\n\n- Admins can choose to block the Circle to Search feature on fully managed devices or within an Android Work Profile.\n- Users can search more seamlessly at work.\n\nAdditional customization for corporate-owned devices\n\n- Extend battery life with customizable screen brightness and timeout controls, which are included in Android 15 for corporate-owned, personally enabled (COPE) devices. This feature already existed for fully managed devices.\n- Enforce the defaults for the personal profile on company-owned, personally enabled (COPE) devices.\n - IT admins can enforce the OEM-default dialer, messages, and browser apps prior to set up, and prevent the end user from changing them using [`DISALLOW_CONFIG_DEFAULT_APPS`](/reference/android/os/UserManager#DISALLOW_CONFIG_DEFAULT_APPS).\n - Setting the defaults after setup must be combined with app allowlist controls.\n - IT admins can only make an app the default if it's already in the user's personal profile."]]