iOS v Android: Why Apple's iPhone 5 wins for enterprise IT
BYOD and iPhone 5. These phrases should fit well together, given Apple’s proven track record for quick reaction to incidences of malware via its App Store (there has been one, quickly controlled) and the company’s focus on security at an OS level. In contrast, the other big consumer smartphone platform (Android) has a track record of becoming increasingly malware-ridden as black hat types recognize its many vulnerabilities.
Certainly, the openish architecture of the Android platform seems to make it an attractive prospect to many enterprise users, but the sad truth is that it seldom makes it all the way through corporate security policy trials.
Three statistics tell us why this is the case:
Bitdefender this week released its August 2012 Android Malware Threats report. This showed a reduction in the number of adware-bundled apps: from an unacceptable 77.34 percent in July to a still unacceptable 55.15 percent in June.
There’s already active malware on the platform, the report reveals. For example, the Android.Trojan.GingerMaster.AU is the biggest such threat, with a 13.78 per cent infection rate. This targets the widely-used Android 2.3 OS (Gingerbread) and its payload is hidden inside numerous apps. When an infected device is rebooted it launches the Trojan in the background and begins to broadcast device IDs, phone numbers and more to a command and control server.
The security experts at Sophos also note the growing tide of malicious apps for Android, saying that so far in 2012 they have seen a 41x increase in malicious apps over 2011.
"It is worth mentioning that there have not been any incidents of malware inside the iOS Apple App Store since its launch 5 years ago," wrote Kaspersky Labs.
In an attempt to boost its enterprise credibility, Samsung this year introduced a designation called SAFE or Samsung Approved for Enteprise, a self-policed kite mark it says ensured designated devices include support for security policies such as ActiveSync and 256-bit AES encryption.
Apple’s answer is the extensive provision of security enhancements put in place inside every iOS device as detailed within this May report (PDF).
Google is also taking some steps to address this: “We are adding a new section that addresses ad behavior in apps. First, we make it clear that ads in your app must follow the same rules as the app itself. Also, it is important to us that ads don’t negatively affect the experience by deceiving consumers or using disruptive behavior such as obstructing access to apps and interfering with other ads.”
But with security emerging as a huge issue as major enterprises entrust their valuable data to consumer-focused devices, Apple remains in the catbird seat. (Check out this good advice for building effective security policies.)
Sony is a text book example of a disrupted company --and the same thing could happen to your IT department if you're not careful.
As a result, many employers continue to wipe compromised phones completely.
Appthority offers IT pros incredible insight into the security and risks of mobile apps being used in their organizations. It also highlights the challenges that stores with hundreds of thousands of apps pose to the selection process for both IT and business users.