Android phones should not be allowed in the Enterprise

Posted:
in General Discussion edited January 2014
With all the malware and security and privacy issues I don't think Android phones should be allowed in the Enterprise.







Twenty percent of applications on Android Market let third parties access private or

sensitive information, according to a report from security vendor SMobile Systems.







http://www.sfgate.com/cgi-bin/articl...4B005D9BBB.DTL



http://www.theinquirer.net/inquirer/...-apps-insecure



http://www.pcworld.com/businesscente...udy_warns.html

Comments

  • daveswdavesw Posts: 406member
    here's another interesting article.



    Security researcher creates botnet for Android, tricks 300 users to download the app



    pair of Android apps written by security researcher Jon Oberheide to demonstrate a method of creating a "botnet" of hijacked phones. By cloaking an application capable of "fetching" new exploit code at will in a fake application offering preview pictures of the upcoming "Twilight Eclipse" film, he tricked more than 300 users into downloading the software. The lesson: a less friendly developer could have used that bait and switch to plant malware on users' devices.



    http://blogs.forbes.com/firewall/201...-android-apps/
  • MarvinMarvin Posts: 13,804member, moderator
    Quote:
    Originally Posted by davesw View Post


    With all the malware and security and privacy issues I don't think Android phones should be allowed in the Enterprise.



    Why would you mind though? Surely if you as an individual choose what you believe to be a safer phone, how would what the enterprise choose affect you?



    Companies using enterprise devices could even run a custom built Android OS that only allows approved apps or only has pre-installed apps.



    Apple's web browser recently had a zero day exploit that the enterprise would be helpless against and could install any software onto a device as root and they'd have to wait for Apple to release an update.



    The App Store quarantining helps but the enterprise has security professionals who know exactly what the security risks are and take strict measures to prevent them no matter the device. Banning Android devices is not necessary at all. The open source nature of it suggests that it would in fact be the best option because iPhone data can be tracked by Apple, which is most likely not something Apple's competitors want in their businesses - Google for example made a move to get rid of Windows in their business not too long ago.
  • daveswdavesw Posts: 406member
    Quote:
    Originally Posted by Marvin View Post


    Why would you mind though? Surely if you as an individual choose what you believe to be a safer phone, how would what the enterprise choose affect you?



    Companies using enterprise devices could even run a custom built Android OS that only allows approved apps or only has pre-installed apps.



    Apple's web browser recently had a zero day exploit that the enterprise would be helpless against and could install any software onto a device as root and they'd have to wait for Apple to release an update.



    The App Store quarantining helps but the enterprise has security professionals who know exactly what the security risks are and take strict measures to prevent them no matter the device. Banning Android devices is not necessary at all. The open source nature of it suggests that it would in fact be the best option because iPhone data can be tracked by Apple, which is most likely not something Apple's competitors want in their businesses - Google for example made a move to get rid of Windows in their business not too long ago.



    you said it. The same security issues concerning Windows in the enterprise (viruses, spywre, malware,etc.) can be applied to Android. Security issues in cell phones are an even bigger problem. Android has become the Windows of the mobile phones.



    What's to prevent some rogue Android app from stealing critical user information and messages, perform DOS attacks, etc. ? And this is not just my imagination IT ALREADY HAPPENED. check this out. http://blogs.forbes.com/firewall/201...-android-apps/





    Yes, you can remote kill rogue apps, but that's after the fact. The key is to not even allow users to download rogue apps in the first place.





    The "open" nature of Android is great for some things, and bad for some. and Security/Privacy is one of them.
Sign In or Register to comment.