Mobile OS security compared

In recent history there have been some great debates: Frost vs. Nixon, communism vs. democracy, Coke vs. Pepsi. One of the biggest debates is a four-way debate between which mobile system is better, is it Android, iOS, Windows Phone or BlackBerry? Everyone you ask will have an opinion and anyone with the opposite opinion is usually wrong. These debates often gloss over security of devices, leaving managers wondering what mobile device is best security wise?

Here’s a comparison of the security of the four most popular mobile platforms: iOS, Android, Windows Phone, BlackBerry.

Encryption
The ability to encrypt your phone (make the data unreadable without a key) is an important feature if you use your phone to view or store private or secure documents. Users of Android 4.0/4.1 and iOS can encrypt their device using a password. Users of Windows phone 7/7.5 have basic encryption built into the device, however, it doesn’t meet the encryption requirements of many organizations. On-device encryption will be introduced in Windows Phone 8.

BlackBerry users can encrypt their phones manually, or if they are part of a business network, the administrator of that network can set encryption on all devices. Mobile OSs, minus Windows Phone 7, and Android 2.X and earlier, have strong enough encryption to meet the needs of the majority of organizations.

While your devices can be encrypted, you should be aware that the encryption is done when the phone shuts off and powers on. If you constantly leave your device on, encryption is less effective.

Remote wipe
The ability to remotely wipe a device in case of loss is a must for many professionals. Users of BlackBerry, iOS and Windows Phone have built-in options to remotely wipe their phones through a cloud service. BlackBerry uses BlackBerry Protect, iOS uses a feature of iCloud called Find my iPhone and Windows Phone uses the Windows Phone website. Android is a bit different in that the OS doesn’t have a built-in remote wipe option, but there are apps available. With all of these systems, you log in to a website and can either lock or wipe the phone.

You should be aware that remote wipe is a last resort solution, you will loose all of your data and information. If it’s not backed up, there is no way to get it back.

Password
All devices have options to set a password or passcode to unlock the phone after it has gone to sleep. You can also set how robust the password protection is, or which form of pass protection you use to access your phone. In truth, there are more passcode options on mobile devices than most desktop environments.

Some systems have a few extra options, like the ability to trace a pattern code or using your face to unlock the phone. The stock setting of sliding to unlock should not be used by any user. At the very least you should have a four digit numerical pin to unlock your phone. If you don’t have a password on your phone, features like encryption and remote wipe are more or less useless, as your data can be easily accessed anyway.

Apps
Most security threats to mobile devices don’t come from losing your device, rather they come from apps. All mobile OSs have a place where users can download apps for their phones. Some of these are more secure than others. As BlackBerry is largely business oriented, the apps on the store are too and must meet a certain level of security before they’re posted on the store.

iOS apps are only available to download from the App Store, as part of iTunes. This allows Apple to be stringent with their rules; apps on the App Store must meet Apple’s requirements or they won’t be allowed to be sold on the store.

Windows Phone follows a process similar to Apple’s and BlackBerry’s. The developer submits their app for review, Microsoft tests the app and then either puts it on to the store, or rejects it. With the lower number of users, fewer malicious apps make it onto the store.

Android follows a more laissez faire process. Almost every app is allowed onto the Google Play store, which in turn has turned Android into a bit of a hacker’s delight. Google does monitor apps, and has started to remove malicious apps, but there are still more of these on Google Play than other app stores. That being said, the store is a lot more secure than it was even a year ago.

While OS developers tout the security and safety of apps on their app stores, each has had malicious apps make their way onto the stores. The ideal thing to do is to restrict what apps can be downloaded onto company phones by having an approved app list.

Email security
The security of email, the most common form of business communication on mobile devices is an important issue to be aware of. All mobile platforms support encryption used by the major email providers. If your company uses Microsoft Exchange or a similar server, any encryption applied at the server level is supported on the mobile level. Personal services like Google automatically encrypt email.

Device management
If you have implemented a Bring Your Own Device policy (BYOD), or issue mobile devices to employees, you need to be able to manage these devices. BlackBerry devices can all be managed by an administrator with apps, updates and security issues pushed to the phones by the administrator. At this time, the other systems support remote management, however, device management has to be done through third party solutions.

Each mobile system has pros and cons when it comes to security of related devices, and each new version brings with it better security. In truth, the devices themselves are fairly secure. To ensure a secure mobile device, multiple features and apps need to be utilized by both the user and, if necessary, the administrator/IT manager of your company. If you have questions regarding the security of your mobile device please contact us, we may have a solution for you.

Published on 26th September 2012 by Jeanne DeWitt.

Fill in the form below and we will get to work right away.

CPU respects your privacy. We will never sell, rent or share to ANYONE. You can trust us.