To start with, Apple products have long been believed to be free of the risk of malware, and they were. This was partly because the Windows market was a highly target-rich environment: finding vulnerabilities was really easy and there were so many unprotected computers.
That environment has changed, thus making life tougher and less profitable to the creators of malware. But at the same time, these same people have noticed the explosive growth of iOS and Android platforms, and the fact that they're used by the general public, a population generally less savvy about security than the business population with its IT departments, intrusion detection and firewalls. Smart portable devices are now becoming a target-rich environment.
Contributing to this malware threat is the fact that many users believe that their devices are invulnerable and can't be infected by malware. But the fact is that there is no such thing as invulnerability. The reason Apple products have remained malware-free has a lot more to do with their small market share than anything else. After all, why expend the programming effort to develop world-class malware when you can only infect a small percentage of all computers?
But that equation has changed. iOS and Android devices now number in the tens of millions, and they're relatively soft targets. They don't have anti-virus software, there is no intrusion detection running on these devices and the users aren't security-aware. Equally important, they are subject to social engineering approaches. This means that they are more likely to open e-mails and social networking messages that contain malware or links to sites containing malware than PC users who have learned better over the years.
What this means to your enterprise is that you need to make sure your intrusion detection system is up-to-date and can handle exploits aimed at more than just your PCs. It also means that you need to start looking for security software for iOS and Android devices. Right now there are a few anti-virus packages for Android (although I haven't tested any of them). Apple's current position is that it will issue patches for iOS when it finds vulnerabilities. However, Symantec reports that it has already found vulnerabilities in Safari that could be exploited, and urges users to be cautious when visiting suspicious websites. There does not appear to be an anti-virus program for iOS devices as of yet, although McAfee reports that its Trust Digital enterprise mobile management software can keep malware under control on a variety of mobile devices including Android and iOS devices.
What's worse is that the emerging malware doesn't need to be operating system-specific. German researchers, for example, are reporting a new SMS exploit that can put mobile devices into a state of constant reset. They suggest that with a different payload, the same techniques could be used to take control of devices and send information to malicious parties. Short of refusing to use mobile devices, there's not much right now that you can do to prevent such malware until better protection becomes available. However, now that you know that vulnerabilities may exist, at least you can be on guard for them, and take what steps you can to limit the damage.