Enterprise security shoot-out: iPad vs. Android

Davey Winder investigates the relative IT sec pros and cons of iOS and Android tablets…

Shootout

Jailbreaking an iOS device enables software that has not gone through the Apple approval process to be installed, which should immediately start ringing security alarm bells as it also opens the device to a higher risk of malware infection. Apps on jailbroken devices can run as root and outside of the application sandbox, gaining access to any device functionality they like. That's obviously not a good idea from the security perspective.

The bottom line is that jailbreaking either device is an equally bad idea from the enterprise security perspective.

What is less obvious is that the act of jailbreaking itself also introduces additional risk as most breaking processes rely upon unpatched security holes in the OS in order to work. Android devices can also be rooted' which is the equivalent of jailbreaking, but this is less likely as the unapproved apps' argument does not exist in the Android universe. The bottom line is that jailbreaking either device is an equally bad idea from the enterprise security perspective.

6. Mobile malware explosion bounces off the iPad and onto Android

Whilst Android has become, according to security vendors, the most attacked mobile operating system in terms of malware infection, iOS devices remain untouched by malware in the wild.

Catalin Cosoi, head of the Bitdefender Online Threats Lab told IT Pro that 2011 has been "the year of Android malware." There have been an increasing number of samples and Cosoi explained how most malicious apps for Android attempt to pilfer confidential information from the device which will further be used either for targeted attacks or sold on the black market.

Data being stolen from Android devices might seem harmless on first appearances, but it is being used for serious attacks.

7.The browser is your business friend

Sean Farrington from QlikTech advises that whether using an iPad or an Android tablet, enterprises should ensure any business applications are browser-based rather than app-based.

"By only being able to access data with an internet connection, security can be centralised and avoid any issues if the device is left unattended or stolen," he said.

Farrington claimed Apple has the security edge as it recently updated the iPad iOS "with a range of built-in enterprise-level security tools allowing for remote management and device-level encryption and password protection which is more robust than what is on offer from Android tablets at present."

8. Bring Your Own Device = Danger Will Robinson

The truth is that your employees are bringing their own devices, iPads and Android tablets to work and they are not secure. There, we said it.

"Many security breaches by employees are unintentional, but serious nonetheless," said Andy Jacques, a VP with Good Technology. "For example, an employee will frequently forward email and documents to personal Webmail accounts accessible on their tablets, or they will download and install productivity apps that copy documents to web-based repositories that are not only outside your company but do not comply with your security policies".

Whether workers are running Android or iOS, BYOD is a threat that businesses need to get cover for.

9. Linus' Law loves Androids

In his book "The Cathedral and the Bazaar" Eric Raymond wrote that Linus's Law dictates "given a large enough beta-tester and co-developer base, almost every problem will be characterised quickly and the fix will be obvious to someone."

Or to put it another way, given enough eyeballs all bugs are shallow. The Android source code is subject to enough eyeballs for security problems to be uncovered and fixed in short order, thus improving the core security of the OS. The same cannot be said of iOS which relies instead on the dev team within Apple.

It's one of the few areas where Android wins over iOS in security.

10. Keep taking the tablets

Tablets are understandably an end-user hit in the enterprise, and more specifically outside of it. Whether employees are using iPads or Android-powered devices though, the same focus on security is paramount.

Sure, each presents some unique challenges for IT security managers but both require the same secure integration into the IT infrastructure of your business. A tablet is, at the end of the day, only as secure as the policies and processes you have in place to secure it.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020