Last week, I talked about Pokemon Go and security problems, one of which is a Google-related flaw for iOS users, which has been addressed and hopefully fixed.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=iThat’s the good news for iPhone users (and for BYOD security issues). The bad news is that there are new reports about overall security issues with iPhones and iOSs.
Skycure, which specializes in mobile threat defense, recently released a study that focused on mobile malware in the enterprise space. The report found that companies with 200 or more iPhone or Androids in the workplace are almost guaranteed to have at least one malware-infected device – and it doesn’t matter if those devices are BYOD or enterprise-controlled.
Also, the more Android devices, the more likely the organization is to have multiple devices with malware. That’s the unfortunate nature of Android, and it is a serious problem. However, as Yair Amit, CTO of Skycure, pointed out in a formal release, IT departments shouldn’t rush to push to an all-iOS standard. Malware is a problem in iOS, too. True, not to the same extent as it is in Androids, but it is there, on 3 percent of iPhones. There are fewer varieties of iPhone malware, but that doesn’t mean that’s less of a threat, as the report stated:
For Android, it is much simpler to create and distribute malware, so there are naturally a large variety of malware instances. iOS, on the other hand, tends to be more difficult [to infect] so once a method is found, it is more likely to be used repeatedly, resulting in less variety.
So why am I writing about such a small number of infected iPhones? Because there is still a lingering belief out there that iPhones and iOS overall are malware-proof – an idea I really wish would be put to rest (and as recently as last year, Apple tried to push that myth). Earlier this year, in fact, CNET warned that iPhones are susceptible to malware “right from the box,” using a piece of malware dubbed AceDeceiver. It’s one of the first pieces of malware to directly affect non-jailbroken devices.
I hope this attitude about iPhones is changing, but it may be the reason why, when Skycure released its study, the emphasis was on the likelihood that an iPhone somewhere in a company is infected. The natural inclination is to automatically assume the malware threats coming from mobile devices are coming from Android. And they are, of course, but they aren’t alone.
I’m going to leave you with a tidbit from this survey that isn’t necessarily Android- or iPhone-specific but something I found fascinating. Want to help keep your network-connected mobile devices clean from malware? The report advises that you avoid installing apps between 9 and 10 am ET because you are 10 times more likely to download malware in that hour than in any other time of the day.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba.