Which platform would a typical IT guy be more on guard against?

While Windows has been known for decades to be a hot pot for all PC malware, Android phones are much more ubiquitous and personalized, and (as far as I know) aren’t hardened against malware in any way. I mean, it literally takes just two taps to install a rogue apk and that is notwithstanding that most OEM implementations and apps on the Play Store are ad-ridden privacy nightmares by themselves. At least when it comes to Windows, Administrators have greater control over client machines and can put in restrictions. How would someone handling infosec in an organization control security on people’s personal phones?

  • krayj@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    Mobile Device Management (MDM) tools have come a LONG way in the past decade and are now very good at thoroughly locking down both iOS and Android devices. Any enterprise wanting to ensure the absolute security of their mobile devices can do so with ease.

    At least when it comes to Windows, Administrators have greater control over client machines and can put in restrictions.

    This hasn’t been true for about 10 years…at least not in the enterprise. Administrators can enforce the same or greater control over client mobile devices using modern Mobile Device Management tools.

    How would someone handling infosec in an organization control security on people’s personal phones?

    If you take infosec seriously, you aren’t going to let your users have access to any corporate data or systems (and that includes email) using their personal devices. If you must, as a compromise, you’ll restrict that access only to users of iOS or Samsung devices supporting Knox work profile, and then you’ll enable the remote features necessary to monitor and/or wipe everything associated with the work profile in the event the device is lost/stolen or the employee leaves.