Report: Neither iOS nor Android inherently more secure than the other

Apple has an edge in a couple of areas, but there are still ways into its walled garden, Marble Security said

Apple's tight vetting of mobile applications gives it a security edge over Android, but there are still several ways for attackers to steal data from iOS devices, a mobile security company warned in a report Tuesday.

The report looked at the risk factors facing users of the platforms, concluding that enterprises still face data breach risks regardless of the platform used.

"Neither iOS nor Android is inherently more secure than the other," according to Marble Security. "The risks to enterprises allowing employees to bring in their own devices, whether iOS or Android-based, are not that dissimilar."

For iOS users who haven't jailbroken their devices, the only source of applications is the App Store, which Apple closely monitors for potentially malicious applications. But Android users have a choice of many marketplaces outside of Google's Play store which may not analyze applications for bad behavior, the report said.

Apple has another small advantage in that iOS has much less "fragmentation," or a multitude of versions and configurations of its operating system. In contrast, Android is heavily fragmented: Marble Security counted 11,868 types of devices that run myriad versions of Android.

Those Android versions "may have security vulnerabilities, old patch levels, insecure configurations or unsecured apps installed from the factory," the report said.

Still, there are a couple of avenues into the "walled garden" of iOS, it said. For example, an application not from the App Store can be installed on a non-jailbroken device using TestFlight, which is a platform for distributing beta apps to select user groups.

"While Android devices can more easily obtain apps from non-vetted sites, there are many ways for iOS apps to also get onto devices, which spells trouble for the enterprise," Marble said.

iOS faces risks from mobile device management configurations, which can be delivered via a website. That kind of attack would require using social engineering to lure someone to a website and convincing the person to install a malicious configuration, the report said.

But "if that user installs a hostile configuration profile, then the enterprise is at risk for intercepted traffic, fake app installation, sophisticated phishing and APTs (advanced persistent threats)," Marble said. "We have seen many tactics used to deceive users to install these profiles."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitymobileGoogleAppleiosapplicationstelecommunicationMobile OSesAndroid OS

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Brand Post

Bitdefender 2018

Secure and Save before time runs out with Bitdefender Exclusive Clearance Offer! Get Bitdefender Total Security 2018 Now!

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?