Are dangers lurking on your workers' operating systems? We have had enough wake-up calls now, right? Enough squeaky-bum moments. Events over the past year have made it clear that hackers, whether sponsored by the NSA, GCHQ or a crooked millionaire, can and will breach the defences of mobile operating systems of any type. For IT, it has become apparent that guaranteeing the …
"The policy should allow IT to quarantine or wipe devices that pose a threat"
No. IT are morons. I had trouble with them assuming my Debian machine is Windows just because it responds to SAMBA queries. "Oh it's not patched, we'll pull your network plug"
Was in the middle of a demo to an Sr. VP. On the good side, I did get to sic said Sr. VP on IT
The IT staff is busy patching a critical remote exploit in Windows that has been around since the 90s!
I don't see where iOS and Android are any more insecure than Windows, to the contrary, Windows is far worse. I'll probably get downvoted for saying that, but only a Windows fanboy would refuse to admit there have been many serious exploits affecting millions of people on Windows, and zero such wide-ranging exploits on either iOS or Android. They haven't been around as long, so maybe that will change, but until it does you can't argue that Windows is more secure.
There are two primary differences between Windows and mobile device security, however:
1) IT departments control Windows patching, but not BYOD patching. They can tell what rev you're on and threaten to lock you out if you don't update, but unfortunately that's only realistic for iOS devices. A lot of Android devices won't ever get patches that fix exploit X, so It either has to limit what devices people can bring, or live with the fact there will be vulnerable devices for months or years affected by known exploits.
2) The ability for end users to download apps that, if rogue, can compromise important corporate data that may reside on the device. Assuming you don't allow jailbroken iOS devices, Apple does a pretty good job of this so long as they know to only ever install apps from the App Store. Android is less good, as the Play Store includes a lot of dodgy stuff, though anything truly nasty Google would act quickly to remove it (not clear if they have the ability to remotely disable it like Apple does for those who've already downloaded it) The ability to easily use third party app stores and sideload is a real problem, but perhaps something like the Knox solution of a personal/corporate personality is the solution there, so people can download whatever crap they want and get their personal data stolen, but the corporate data stays secure.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
