More than 80% of all mobile devices worldwide run Android, a mobile operating system created by Google. This higher percentage means company employees are more likely to use Android for both work and personal use than other device types.
Android devices, if accessing critical business data, can threaten security if hacked, stolen or lost. But with a single ADM platform, IT and security departments can manage all of a company's mobile devices, keeping them secure and the workforce flexible and productive.
Android device management allows IT administrators to manage and secure Android devices. It provides system visibility, remote app management capabilities, automatic security updates and installs, kiosk mode, security alerts, geolocation or geofencing that can auto-lock lost or stolen devices.
Android OS is the most widely used mobile operating system in the world, according to Statista.1 And logically, Android users encounter more security compromises compared to Apple iOS users and others. Two major Android security threats are malware and data leaks.
Mobile malware is undetected software created to damage, disrupt or gain illegitimate access to a client, computer server or computer network. Malware can exploit OS vulnerabilities in order to steal data, change device configurations to allow it to introduce more malicious software with additional functionality, deliver pop-up ads, or trigger strings of premium SMS messages for monetization. Some malware can cripple devices, making them unusable for some time.
Data leaks are the unauthorized or unintentional transfer of sensitive information from a mobile device over the internet — sometimes because of malware. A leaking app is one of the most common mobile security risks. Unencrypted data makes data more readily available to a cybercriminal utilizing the same network as the device with a vulnerable app — a practice known as a man-in-the-middle (MitM) attack. Read more about mobile security here.
There are millions of Android apps available in the Google Play store. And while some are safe and treat personal data with the utmost care, many are unsafe. Apps can be compromised.
Compromised apps can lead to data leaks. Personal or corporate data can funnel to unscrupulous third-parties from unsafe apps. One way data can leak is through excessive app permissions. App permissions determine what functions an app has access to on a user's device. Some app permissions are riskier than others, so users need to pay attention to the permissions they grant.
According to Wandera’s study, “Understanding the mobile threat landscape,” 45% of the most requested permissions on Android are considered high-risk. But which permissions are high-risk and how so? Here’s a list of regularly accepted permissions on Android that Wandera considers as carrying higher risk:
– Find accounts: Allows the app to access the list of accounts known by that phone
– Read contacts: Allows the app to read data about contacts stored on that device
– Read phone status: Allows the app to access the device’s internal features, such as phone numbers and device IDs
– Read SD card: Allows the app to read the contents of an SD card
– Write to SD card: Allows the app to modify or delete an SD card’s contents
– Precise location: Allows the app to get a precise location, using GPS or network location sources
– Record audio: Allows the app to record audio with the microphone at any time
– Take pictures and video: Allows the app to use the camera at any time
Out-of-date operating systems
Per Wandera's study, "65% of organizations have at least one device with an out-of-date operating system," and the data shows "57% of Android devices are running an OS at least two full versions behind the current one." Updated operating systems not only improve device performance but also include critical security patches. So without OS updates, Android devices remain vulnerable to cyberattacks.
Sideloading Android devices describes an app installation process outside of using the default Google Play store. While an Android OS default configuration doesn't allow sideloaded apps to be downloaded and installed from unofficial sources, it's possible to configure Android OS settings to allow apps from third-parties. So users can download application packages from websites or install apps from third-party app stores.
Wandera's research shows around 20% of Android devices have this setting enabled, which opens up the device to threats. Users that sideload apps face increased security risks because it bypasses Apple and Google's application vetting process on their official app stores. Thus, the device has less protection against inadvertently installed malware. "35% of organizations have at least one device with one or more sideloaded apps installed," according to Wandera's study.
Rooting is the process of allowing Android users to gain control over internal OS systems. And as the name implies, the technique provides root access to the device. Users of rooted Android devices can make drastic changes, up to and including changing the device's operating system. Rooting an Android OS is similar to jailbreaking an Apple's iOS. Both are privilege escalation methods, but rooting provides more control to Android users than Apple users gain through jailbreaking.
Per the Wandera study, "6% of organizations have at least one jailbroken or rooted device." Although popular with users trying to free a device from carrier lock, these risky configurations allow them to install unauthorized software functions and applications. Some users might jailbreak or root their mobile devices to install security enhancements. But most look for a more straightforward method to customize the OS or install applications that aren't available on the official app stores. Whatever the case, rooting opens up the device to cyberthreats.
A successful ADM program works best with Android Enterprise. Android Enterprise is a Google-led initiative, enabling the use of Android devices and apps in the workplace. It provides a fast, streamlined method for deploying corporate-owned Android devices, and it's the default management solution for Android devices running 5.0+.
The program offers APIs and other developers' tools to integrate support for Android into their enterprise mobility management (EMM) solutions. For example, IBM Security ® MaaS360, an Android Enterprise Recommended (link resides outside ibm.com) unified endpoint management (UEM) platform, integrates with Android Enterprise to support the Android EMM solution APIs. It brings a unified experience of management to the Android operating system.
An Android Enterprise integration allows an organization to:
– Gain insight into each device, including its OS system and version number, manufacturer details and root detection.
– Perform actions to locate devices and lock or wipe (full and selective) lost devices. And control apps with blocklist, allowlist and auto-install or removal. Plus, enforce geofencing on hardware features such as the camera, to protect sensitive data.
– Set policies to enable access to corporate resources from email to Wi-Fi and VPN. Manage passcode updates and length to meet evolving corporate standards, and enforce encryptions and kiosk mode.
– Disable hardware functions such as the camera, USB storage and microphone. Protect data-level leaks with feature restrictions for the clipboard, cut-and-paste and screen-capture functions.
Privacy and peace of mind are supported by BYOD — by shielding personal app information, device location, physical address, SSID and browsing history. With an Android work profile, personal data can stay private while work data remains secure. The user can switch between work and personal profiles without sharing data between the two.
Get adequate visibility, manageability and security for running iOS, macOS, Android and Windows. And take advantage of seamless over-the-air (OTA) device enrollment for easy, rapid deployment.
Whether you support a single operating system type or have a mixed variety of devices, IBM mobile security offers the most secure, productive and intuitive solution on the market. IBM harnesses the power of AI technology to help you make rapid, better-informed decisions.
Powered by AI and analytics and integrated with your existing IT infrastructure, IBM simplifies and accelerates the support of a diverse, complex endpoint and mobile environment. Simplify the management and security of smartphones, tablets, laptops, wearables and IoT.
Enterprise mobility management (EMM) combines user, app and content management with robust data security to simplify how you manage your device environment. Get the right balance between user productivity and mobile security with IBM EMM solutions.
When an employee can use their personal device, you empower them to do their best work in and out of the office. BYOD programs can have the added benefit of saving the budget by shifting hardware costs to the user. But employees need to know that you're protecting their personal use and privacy. Secure your remote workforce with IBM.
Today's open, multi-cloud environment requires a different security model: zero trust. Zero trust means maintaining strict access controls and not trusting anyone by default, even those already inside of your network. IBM offers many zero-trust security solutions that help protect your data and resources by making them accessible only on a limited basis and under the right circumstances.
Read the blog post and learn about the similarities and differences between advanced endpoint protection, laptop management and risk-based application patching.
Register for the report and find the solution that best fits your needs and learn what IBM offers as one of the leaders in the UEM landscape.
MDM is an organized approach that provides productive mobile tools and applications while keeping corporate data secure. IT admins and Security departments manage all of a company’s devices with a single MDM platform, no matter their type or operating system, keeping devices secure and the workforce flexible and productive.
Catch up on the news about current trends and threats in mobile device security, including a post on "Silent Night" malware and one about Android malware that channels malicious activity through accessibility services.
Read the blog post and learn more about differences between mobile device management and mobile application management, in order to make sure your mobile devices, users and data remain protected.
Read the report and understand your cyberattack risks with a global view of the threat landscape.
With IBM Security MaaS360 you will merge efficiency and effectiveness by managing any existing endpoints, and protecting them with evolved native endpoint security capabilities such as threat management, identity and access management (IAM) and more. MaaS360 lets you scale your remote workforce and BYOD initiatives, helping you build a strong cybersecurity posture. And with Watson, you can take advantage of AI-driven insights extracted from vast volumes of endpoint data.
¹ "Mobile operating systems' market share worldwide from January 2012 to January 2021," Statista, February 2021, https://www.statista.com/statistics/272698/global-market-share-held-by-mobile-operating-systems-since-2009 (link resides outside ibm.com).