Re: How about Android?
Both Android and iOS are insecure by design. The underlying OS may be securable but the end-user model is that the person holding the gadget van do anything they like. Since most end-users are clueless about IT security, this is about as secure as MS-DOS.
The fix is an explicit distiction between being a user and being an admin. Both OSes could do this but have chosen not to.
If MS want to play in the phone space, they should just release Normal Windows and point out that, firstly, a domain-joined phone could be managed by Group Policy, which might appeal to corporates, and secondly that even a stand-alone phone could be more secure for children simply by with-holding the admin password from them.