The rise of Bring Your Own Device strategies will present ICT managers with new security challenges, due to the prevalence of Android-based devices in the consumer market, according to a speaker at DatacenterDynamics Converged London 2014 conference yesterday.
Justin Buhler, senior manager of cyber intelligence at consulting firm Deloitte UK told delegates that while 77% of mobile devices in the enterprise space are using Apple operating systems, 69.7% are using Android.
He said that in 2013, Android devices accounted for more than 99% of the malware variants infecting mobile devices.
“If we are allowing vulnerable devices to be used for business tasks, then we need to think about a strategy,” he said.
Buhler added that there are 11,800 combinations of operating system versions and devices currently available on Android devices.
In addition, there are more than 200 stores where apps can be bought for Android devices.
He said: “How do we trust those apps? If we are moving to a space where more people bring kit into the workplace then how do we control that when we can’t control where they will download the software?”
The problem is likely to grow significantly, he said. Research shows that currently, 31% of employee devices are personal, compared to 55% provided by employers. That is set to rise to 61% personal to just 28% employer-owned by 2020.
He also cited separate research which showed that while 72% of users are likely to have installed antivirus protection on their laptop or desktop, the figure is only 33% for mobile devices.
And he warned ICT managers to think carefully about their strategy to deal with the threats.
He said: “We need to be prepared to only implement the solutions we are ready to operate. It does no good sinking cash into a control mechanism you can’t afford to manage – you are then getting no return on investment.”
He said that no one single solution currently in the marketplace could protect corporate data on BYOD devices.
Buhler suggested: “Are there things we can put in place to inform users – not a Big Brother approach – but to flag up potentially unsecure apps. The warning could flag up that the app is not from the normal Google store and ask if they are sure they want to download it.”
