Which Mobile Device Is the Most Secure?

redlemonbalmMobile - Wireless

Dec 10, 2013 (3 years and 8 months ago)

74 views

Which Mobile Device Is the
Most Secure?
iPhone, Android and Windows Phone 8—select the best device for your business
By
Vanja Svajcer
, Principal Researcher
Gone is the day of the corporate-issued BlackBerry device. With its
finely ingrained policies, BlackBerry was once the go-to mobile device
for security-savvy enterprises. Research from IDC shows that iPhone
and Android now hold over 80% of market share, with Windows Phone 8
and BlackBerry competing for the third spot. The rising trend of mobility
consumerization has reached a point where it is increasingly difficult for IT
organizations to settle on a standard mobile device. This whitepaper will
help you identify each device platform’s security features—and choose the
right platform for your business.
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
?
A Sophos Article
July 2013
2
iPhone vs. Android vs. Windows Phone 8
Mobile security comparisons
As BlackBerry has declined in popularity with consumers, iOS and Android devices are making
their way into corporations through Bring Your Own Device (BYOD) policies. The inclusion of
fundamental enterprise security features such as full device encryption and Microsoft Exchange
Active Sync compatibility makes iOS and Android powerful business tools—when properly
configured.
BlackBerry
BlackBerry can provide more security features for the risk-conscious enterprise. But the added
security comes with greater complexity. Administrators can enable detailed solutions, but they take
longer to implement. In addition, BlackBerry Enterprise Server (BES) is required for management
and all traffic is routed through the BlackBerry NOC (network operation center).
More and more enterprises, under employee pressure, are adopting a mixed employee and
corporate ownership. Larger corporations are still more likely to stay with the legacy corporate-
issued BlackBerry, but allow employees to bring in their personal device. In this case, a third-party
mobile device management (MDM) solution is also required.
Apple iOS
The manageability of Apple’s iPhone is quite good, although it depends on the user’s willingness to
accept the device being managed by an MDM system. This might not be sufficient for enterprises
that want non-removable management as they had with BlackBerry.
Apple’s support for managing apps still depends mostly on the user accepting the enterprise
changes. A lot of enterprises would want to have a better control of the app provisioning and usage
on the device. The iOS platform has just one app store and Apple plays the gatekeeper to screen for
application integrity.
Android
Android offers only basic manageability for enterprises, starting with the Android 2.2 release. The
most recent platform release, Android 4.0, has seen some enhancements, such as device storage
encryption and external memory cards, but still lacks other features.
As a result of these shortcomings, companies like Samsung, HTC and Motorola are developing
their own “flavor” of Android, releasing devices with more security features to capture the security-
minded enterprise market. This dependency on particular vendors and device models makes it hard
to support all kinds of Android devices, especially for BYOD within enterprises with higher security
or compliance requirements. Samsung with its SAFE (Samsung for enterprise) MDM extension and
the upcoming KNOX dual persona model is the most common known offering in this area.
While the iPhone and BlackBerry are also susceptible to malware, Android is most frequently
targeted by malicious apps. According to SophosLabs, there was a 4,000% increase in the number
of Android malware samples between 2011 and 2012.
But there's good news. Sophos makes a free, lightweight app, Sophos Mobile Security, which keeps
Android devices protected. And in combination with our MDM solution, Sophos Mobile Control, it
can be managed like PC-based antivirus solutions.
Sophos Mobile

Security
Get a free Android
scanner at

Sophos.com
A Sophos Article
July 2013
3
iPhone vs. Android vs. Windows Phone 8
Mobile Device Security Feature Comparison
The following table features full comparisons of iPhone, Android, Samsung SAFE and Windows Phone 8 security features, including
application settings, policy management and transport security.
Security Features
Feature
Apple iOS
Android
Samsung SAFE
Windows Phone 8
Device Wipe
Yes
Yes
Yes
Yes
Corporate Wipe
Yes
No

Only with 3rd party
solutions like Touchdown
Yes
Yes (email only)
Device Lock
Yes
Yes
Yes
No
Device Encryption
Yes

iPhone 3GS or later
Yes

Android 3.0 or later.
Device vendor specific
Yes
Yes
Media Encryption
N/A
Device vendor specific
Device specific
Yes
Password Rules
Yes

Enterprise ready
complexity rules
Yes

Enterprise ready
complexity rules
Yes

Enterprise ready
complexity rules
Yes

Enterprise ready
complexity rules
Device
Restrictions
Yes

Control of:

App installation

App Store access

Backup

Browser

Camera

Roaming

Screen capture
Yes

Control of:

Camera – 4.0
Yes

Control of:

App Store access

Backup

Browser

Camera

Non-market apps

Roaming

SD Card

Screen capture
Yes

Control of:

Encryption

SD Card
Enforce MDM
Control
No

User can always remove a
device from MDM control
No

User can always remove a
device from MDM control
Yes
No

User can always remove a
device from MDM control
A Sophos Article
July 2013
4
iPhone vs. Android vs. Windows Phone 8
Enterprise Configuration
Feature
Apple iOS
Android
Samsung SAFE
Windows Phone 8
Over-the-Air
Provisioning
Yes
Yes
Yes
Yes
Over-the-Air

Policy Updating
Yes
Yes
Yes
Yes

No push, device polls in
defined intervals
Email settings
Yes
No

Only with 3rd party
solutions like Touchdown
Yes
Yes
Wi-Fi Settings
Yes
No
Yes
No
VPN Settings
N/A
No
Yes
No
Certificate
Management
Yes
No
Yes
Yes

Limited
Application Control
Feature
Apple iOS
Android
Samsung SAFE
Windows Phone 8
App Installation
Yes

User agrees to install
pushed app
Yes

User agrees to install app
Yes

Silent installation
(Yes)

Only via Enterprise App
Store
App Removal
Yes

Managed apps can be
silently removed
Yes

User agrees to

remove app
Yes

Managed apps can be
silently removed
(Yes)

OS allows removal of all
apps of a publisher
App Launch
Control
No
(Yes)

Via 3rd party solutions
(Yes)

Via 3rd party solutions
No
Asia Sales
7.13.GH.arna.simple
© Copyright 2013. Sophos Ltd. All rights reserved.
Oxford, UK | Boston, USA
Email: salesasia@sophos.com
Australia and New Zealand Sales
trademarks or registered trademarks of their respective owners.
Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK
Email: sales@sophos.com.au
Tel: +61 2 9409 9100
iPhone vs. Android vs. Windows Phone 8
United Kingdom and Worldwide Sales
Toll Free: 1-866-866-2802
North American Sales
Tel: +65 62244168
Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are
Email: sales@sophos.com
Email: nasales@sophos.com
Tel: +44 (0)8447 671131
Other
Feature
Apple iOS
Android
Samsung SAFE
Windows Phone 8
OS Updates
Apple centrally pushes
updates to the recent
devices
Limited updates,
depending on device
manufacturer, carrier.
Google Nexus devices
receive regular updates.
Limited updates,
depending on
Samsung and carrier
Microsoft centrally pushes
updates to recent devices
Remote Screen
Sharing
No
No
Yes
No
As an IT administrator planning to adopt BYOD, you need an MDM solution that can help you secure the diversity of devices in your
corporate environment. Sign up for a free trial of Sophos Mobile Control today.
Sophos Mobile Control
Sign up for a free trial at Sophos.com