Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

Android, iOS offer improved security, but issues remain

Posted: 01 Jul 2011 ?? ?Print Version ?Bookmark and Share

Keywords:mobile platform? cyberattack protection? security risk?

Symantec Corp. has released a whitepaper that presented a technical evaluation of Apple Inc. and Google Inc.'s mobile platforms. The publication aims to help corporations understand the security risks of deploying the software in enterprises.

The report "A Window Into Mobile Device Security: Examining the security approaches employed in Apple's iOS and Google's Android," revealed that although the design of the platforms were geared toward offering tighter security, the features do not guarantee the protection of sensitive enterprise assets that find their way to the devices. The increasing trend to connect and synchronize mobile devices with third-party cloud and desktop-based services external to the enterprise is also putting key assets at risk.

The platforms were assessed in their effectiveness against web-based and network-based attacks, malicious and unintentional data loss, malware, social engineering attacks, resource and service availability abuse and attacks on the integrity of the device's data.

Apple's iOS security model was observed to offer stronger protection against traditional malware, primarily due to Apple's rigorous app certification process and their developer certification process that vets the identity of each software author and weeds out attackers. Google has opted for a less rigorous certification model, permitting any software developer to create and release apps anonymously, without inspection. This lack of certification has arguably led to today's increasing volume of Android-specific malware. So-called "jailbroken" devicesdevices whose security has been disabledoffer attractive targets for attackers since these devices are every bit as vulnerable as traditional PCs, Symantec said.

"Today's mobile devices are a mixed bag when it comes to security," according to Carey Nachenberg, Symantec fellow and chief architect, Symantec security technology and response. "While more secure than traditional PCs, these platforms are still vulnerable to many traditional attacks. Moreover, enterprise employees are increasingly using unmanaged personal devices to access sensitive enterprise resources and then connecting these devices to 3rd-party services outside of the governance of the enterprise, potentially exposing key assets to attackers."

Article Comments - Android, iOS offer improved security...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top