iOS and its effect on enterprise security

Over the past decade, iOS devices have found their way into many businesses. According to a new report this has led to an increase in the number of attacks and incidences of malware on the platform.

Mobile threat defense company Skycure analyzed the security impact of iOS on the enterprise over the past ten years and found that the percentage of enterprise iOS devices that have malicious apps installed today has more than tripled since the third quarter of 2016. In comparison, the rate of Android malware infections has stayed relatively flat.

While Apple does an effective job of keeping malware off the App Store, devices can be infected in other ways. These include exploiting vulnerabilities, sideloading apps and jail broken devices. Exposure to risky networks is a problem too. According to the report about 39 percent of iPhones experienced risky network incidents, averaging over seven incidents per affected device, while only 25 percent of iPads were exposed, averaging only five incidents each. iOS devices in Europe connect to more risky networks and experience a higher rate of network incidents than iOS devices in the US.

Attacks are also getting better at hiding their presence so that they can remain on devices for longer. This is important as iOS devices have a much shorter window of vulnerability to any exploit since they’re more likely to have the latest security patches. In the Skycure study, 91 percent of active devices were on the latest major version (iOS 10) at the end of Q1, and 22 percent were on the latest minor release (iOS 10.3). By comparison, only 21 percent of Android devices were on the most recent version (7.0 Nougat).

"iOS has had a profound effect on the security of enterprises," says Yair Amit, co-founder and CTO of Skycure. "The iPhone ushered in the trend of BYOD, and the concept of apps and the app store, changing how IT manages corporate networks and equipment. The impact of iPhones and iPads on work productivity means more employees are choosing iOS devices for BYOD, and that makes iOS a valuable target for hackers. The number of vulnerabilities and malware does not indicate how secure a platform is, but it does indicate how often hackers are attempting to break into it. Increasing malware and vulnerabilities demonstrate that hackers want to break into iOS devices. Enterprises need to make sure that they don’t find a way in."

Photo Credit: Viorel Sima/Shutterstock