Android The No. 1 Mobile Device In EnterprisesAndroid The No. 1 Mobile Device In Enterprises
New Zscaler research shows Google's Android traffic on top -- but at what security cost?
December 14, 2011
The Android mobile platform might be suffering from some of the worst security news lately, but it's now the No. 1 family of mobile devices in the enterprise worldwide, edging out Apple's iOS.
New cloud traffic data from Zscaler ThreatLabZ shows that Android accounts for 40 percent of mobile usage among enterprise users as of the third quarter of this year, up from 17 percent in the previous quarter. Apple iOS devices dropped from 42 percent of enterprise usage to 22 percent, and BlackBerry from 40 percent to 37 percent.
This news comes on the day that Google yanked 22 malicious apps from the Android Market app store after researchers discovered the apps were based on SMS toll fraud app RuFraud. The apps, which look like free copies of popular apps, such as Angry Birds, were able to send SMS text messages from the victims' phones to premium numbers -- making money for the owner of those numbers.
The security implications of Android's growing popularity in the enterprise are obvious, with the relatively open application development platform. Enterprises for the most part have given up on trying to ban these devices, which have exploded in popularity due to their widespread availability and typically lower price points than Apple's iPhone and iPad or RIM's BlackBerry.
Mike Geide, senior security researcher for Zscaler ThreatlabZ, says his firm gathered data from its global network of proxies that enterprises use for their devices to connect to the enterprise, and that provide Web security and policy enforcement. "Geographically, the Android [also] has more penetration in other countries than Apple. That's all leading to Android becoming the mobile platform of choice," he says.
[Google's mobile payment app for the Android locally stores some sensitive user credit card information unencrypted. See Google Wallet Stores Some Payment Card Data In Plain Text. ]
Even so, the U.S. accounts for 80 percent of the mobile client transactions in Zscaler's customers.
"You can like or criticize Apple's way of doing it with its AppStore and jailed iPhone approach, which is very locked-down. The Android is a more developer-friendly environment ... and having apps be able to utilize lower-level function calls in the OS than Apple. All that makes the Android a better platform for doing evil stuff, as well, [though]," Geide says.
Social networking is the most popular type of app accessed by Android and other enterprise mobile platforms, according to the report. That's in contrast to overall Web browsing in the enterprise, where corporate marketing, professional services, Web search, and news sites are visited more than social networks.
Of concern for enterprises should be devices without antivirus or spam filters, he says. Email-borne malware is easier to spread via a smartphone without those tools, for example, because a user might not see the full subject line on a smaller screen, or could be in a hurry on the road and open an email he or she might not otherwise have opened. "Some users access their Gmail and corporate email at the same time ... and their credentials would be accessible for both accounts" on the smartphone, for example, Geide says.
Android's enterprise presence will continue to grow, Geide says. "Apple will still gain market share" as well, and Android and iOS will continue to bump BlackBerry and Microsoft's Windows Mobile, he says.
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023