Enterprise security shoot-out: iPad vs. Android
Davey Winder investigates the relative IT sec pros and cons of iOS and Android tablets…


Jailbreaking an iOS device enables software that has not gone through the Apple approval process to be installed, which should immediately start ringing security alarm bells as it also opens the device to a higher risk of malware infection. Apps on jailbroken devices can run as root and outside of the application sandbox, gaining access to any device functionality they like. That's obviously not a good idea from the security perspective.
The bottom line is that jailbreaking either device is an equally bad idea from the enterprise security perspective.
What is less obvious is that the act of jailbreaking itself also introduces additional risk as most breaking processes rely upon unpatched security holes in the OS in order to work. Android devices can also be rooted' which is the equivalent of jailbreaking, but this is less likely as the unapproved apps' argument does not exist in the Android universe. The bottom line is that jailbreaking either device is an equally bad idea from the enterprise security perspective.
6. Mobile malware explosion bounces off the iPad and onto Android
Whilst Android has become, according to security vendors, the most attacked mobile operating system in terms of malware infection, iOS devices remain untouched by malware in the wild.
Catalin Cosoi, head of the Bitdefender Online Threats Lab told IT Pro that 2011 has been "the year of Android malware." There have been an increasing number of samples and Cosoi explained how most malicious apps for Android attempt to pilfer confidential information from the device which will further be used either for targeted attacks or sold on the black market.
Data being stolen from Android devices might seem harmless on first appearances, but it is being used for serious attacks.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
7.The browser is your business friend
Sean Farrington from QlikTech advises that whether using an iPad or an Android tablet, enterprises should ensure any business applications are browser-based rather than app-based.
"By only being able to access data with an internet connection, security can be centralised and avoid any issues if the device is left unattended or stolen," he said.
Farrington claimed Apple has the security edge as it recently updated the iPad iOS "with a range of built-in enterprise-level security tools allowing for remote management and device-level encryption and password protection which is more robust than what is on offer from Android tablets at present."
8. Bring Your Own Device = Danger Will Robinson
The truth is that your employees are bringing their own devices, iPads and Android tablets to work and they are not secure. There, we said it.
"Many security breaches by employees are unintentional, but serious nonetheless," said Andy Jacques, a VP with Good Technology. "For example, an employee will frequently forward email and documents to personal Webmail accounts accessible on their tablets, or they will download and install productivity apps that copy documents to web-based repositories that are not only outside your company but do not comply with your security policies".
Whether workers are running Android or iOS, BYOD is a threat that businesses need to get cover for.
9. Linus' Law loves Androids
In his book "The Cathedral and the Bazaar" Eric Raymond wrote that Linus's Law dictates "given a large enough beta-tester and co-developer base, almost every problem will be characterised quickly and the fix will be obvious to someone."
Or to put it another way, given enough eyeballs all bugs are shallow. The Android source code is subject to enough eyeballs for security problems to be uncovered and fixed in short order, thus improving the core security of the OS. The same cannot be said of iOS which relies instead on the dev team within Apple.
It's one of the few areas where Android wins over iOS in security.
10. Keep taking the tablets
Tablets are understandably an end-user hit in the enterprise, and more specifically outside of it. Whether employees are using iPads or Android-powered devices though, the same focus on security is paramount.
Sure, each presents some unique challenges for IT security managers but both require the same secure integration into the IT infrastructure of your business. A tablet is, at the end of the day, only as secure as the policies and processes you have in place to secure it.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.
-
M&S suspends online sales as 'cyber incident' continues
News Marks & Spencer (M&S) has informed customers that all online and app sales have been suspended as the high street retailer battles a ‘cyber incident’.
By Ross Kelly
-
Manners cost nothing, unless you’re using ChatGPT
Opinion Polite users are costing OpenAI millions of dollars each year – but Ps and Qs are a small dent in what ChatGPT could cost the planet
By Ross Kelly
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolen
Capita told the pension provider to “work on the assumption” that data had been stolen
By Ross Kelly
-
Gumtree site code made personal data of users and sellers publicly accessible
News Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
By Connor Jones
-
Pizza chain exposed 100,000 employees' Social Security numbers
News Former and current staff at California Pizza Kitchen potentially burned by hackers
By Danny Bradbury
-
83% of critical infrastructure companies have experienced breaches in the last three years
News Survey finds security practices are weak if not non-existent in critical firms
By Rene Millman
-
Identity Automation launches credential breach monitoring service
News New monitoring solution adds to the firm’s flagship RapidIdentity platform
By Praharsha Anand
-
Neiman Marcus data breach hits 4.6 million customers
News The breach took place last year, but details have only now come to light
By Rene Millman
-
Indiana notifies 750,000 after COVID-19 tracing data accessed
News The state is following up to ensure no information was transferred to bad actors
By Rene Millman
-
Pearson fined $1 million for downplaying severity of 2018 breach
News The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
By Rene Millman