Enterprise security shoot-out: iPad vs. Android

Davey Winder investigates the relative IT sec pros and cons of iOS and Android tablets…

Jailbreaking an iOS device enables software that has not gone through the Apple approval process to be installed, which should immediately start ringing security alarm bells as it also opens the device to a higher risk of malware infection. Apps on jailbroken devices can run as root and outside of the application sandbox, gaining access to any device functionality they like. That's obviously not a good idea from the security perspective.

The bottom line is that jailbreaking either device is an equally bad idea from the enterprise security perspective.

What is less obvious is that the act of jailbreaking itself also introduces additional risk as most breaking processes rely upon unpatched security holes in the OS in order to work. Android devices can also be rooted' which is the equivalent of jailbreaking, but this is less likely as the unapproved apps' argument does not exist in the Android universe. The bottom line is that jailbreaking either device is an equally bad idea from the enterprise security perspective.

6. Mobile malware explosion bounces off the iPad and onto Android

Whilst Android has become, according to security vendors, the most attacked mobile operating system in terms of malware infection, iOS devices remain untouched by malware in the wild.

Catalin Cosoi, head of the Bitdefender Online Threats Lab told IT Pro that 2011 has been "the year of Android malware." There have been an increasing number of samples and Cosoi explained how most malicious apps for Android attempt to pilfer confidential information from the device which will further be used either for targeted attacks or sold on the black market.

Data being stolen from Android devices might seem harmless on first appearances, but it is being used for serious attacks.

7.The browser is your business friend

Sean Farrington from QlikTech advises that whether using an iPad or an Android tablet, enterprises should ensure any business applications are browser-based rather than app-based.

"By only being able to access data with an internet connection, security can be centralised and avoid any issues if the device is left unattended or stolen," he said.

Farrington claimed Apple has the security edge as it recently updated the iPad iOS "with a range of built-in enterprise-level security tools allowing for remote management and device-level encryption and password protection which is more robust than what is on offer from Android tablets at present."

8. Bring Your Own Device = Danger Will Robinson

The truth is that your employees are bringing their own devices, iPads and Android tablets to work and they are not secure. There, we said it.

"Many security breaches by employees are unintentional, but serious nonetheless," said Andy Jacques, a VP with Good Technology. "For example, an employee will frequently forward email and documents to personal Webmail accounts accessible on their tablets, or they will download and install productivity apps that copy documents to web-based repositories that are not only outside your company but do not comply with your security policies".

Whether workers are running Android or iOS, BYOD is a threat that businesses need to get cover for.

9. Linus' Law loves Androids

In his book "The Cathedral and the Bazaar" Eric Raymond wrote that Linus's Law dictates "given a large enough beta-tester and co-developer base, almost every problem will be characterised quickly and the fix will be obvious to someone."

Or to put it another way, given enough eyeballs all bugs are shallow. The Android source code is subject to enough eyeballs for security problems to be uncovered and fixed in short order, thus improving the core security of the OS. The same cannot be said of iOS which relies instead on the dev team within Apple.

It's one of the few areas where Android wins over iOS in security.

10. Keep taking the tablets

Tablets are understandably an end-user hit in the enterprise, and more specifically outside of it. Whether employees are using iPads or Android-powered devices though, the same focus on security is paramount.

Sure, each presents some unique challenges for IT security managers but both require the same secure integration into the IT infrastructure of your business. A tablet is, at the end of the day, only as secure as the policies and processes you have in place to secure it.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021