Essential Guide
Enterprise mobile security smackdown: iOS vs. Android vs. Windows
Android, iOS and the Windows mobile operating systems continue to add more tools and features for IT administrators. But which OS is best for enterprise mobile security?
Introduction
As mobile operating systems continue fighting the war for the title of king of the consumer realm, IT administrators have their eyes on the battle for the enterprise throne.
The mobile OSes that have made their way into the workplace are geared toward consumers, but the OSes have begun focusing on the enterprise too. With each new operating system version and device release, iOS, Android and the Windows mobile OSes have more tools and features for enterprise mobile security. The war for consumer hearts continues to rage, but is the battle for the enterprise won?
Read on to find out which management and enterprise mobile security features iOS, Android, Windows Phone, Windows 8 and RT have to offer, plus where the gaps are. Decide for yourself which is the victor.
1The Apple of admins' eyes?-
Apple's enterprise features
Apple keeps adding management features to its devices, but they usually come with gotchas, at least initially. For example, in iOS 7, IT can restrict AirDrop, but only if devices are in supervised mode. When iCloud first came out, IT could turn it on or off, but those were the only two options. Apple Configurator lets admins control devices, but only if users will let them physically connect devices to a Mac.
Historically, the control over these features improves with time after the initial release -- as was the case with iCloud -- and iOS 7 came with some new tools that IT can use to keep devices and data safe, such as Managed Open In and a revamped MDM protocol.
iOS 7's top eight features
Open in management, per app VPN, enterprise single sign on and an improved MDM protocol are just a few of the management attributes that IT admins can take advantage of in iOS 7. Continue Reading
Restricting iCloud
It's easy to manage users' Apple iCloud access with third-party MDM services and Apple's management APIs. Using those tools, IT can control automatic device backups, Photo Stream and document syncing. Continue Reading
Apple Configurator: One tool in a box of many
Apple Configurator can help IT manage some aspects of iOS devices, such as configuration profiles, but devices need to be connected to a Mac. Configurator's shortcomings make it more of a supplement to other MDM products than a standalone tool. Continue Reading
Apple iOS encryption: You might be doing it wrong
In iOS 7, Data Protection is standard on all App Store apps, which lets IT take advantage of stronger enterprise mobile security features. But if users don't have Data Protection enabled on their devices, the improved security feature doesn't help much. Continue Reading
Navigating Apple's app distribution isn't easy
IT can deploy apps that are developed in-house and App Store apps to users' devices, but sending out homegrown applications has a lot of complicated steps. On the other hand, distributing App Store apps is a breeze. Continue Reading
Apple iOS 7 MDM features require supervised mode
It has the ability to control some iOS 7 features such as AirDrop and iMessages, but only when users' devices are in supervised mode. That's realistic in schools and kiosk settings, but almost everywhere else, supervised mode isn't a viable option. Continue Reading
Volume Purchase Program improvements in iOS 7
Before iOS 7, when a user left a company he took all his apps and data with him, including corporate applications purchased through Apple's Volume Purchase Program. Now the app licenses purchased through the VPP stay with the company and can be re-appropriated to other workers. Continue Reading
2Android insecurities-
Android isn't down for the count
Let's talk about the elephant in the room: Android. Lots of people see the Android OS as being too unsecure for the enterprise, and it definitely has its fair share of problems. A storied history of malware, problems with fragmentation and few or incomplete management tools for IT are just a few of the big-time complaints.
But with each new version of Android, more management features arrive, and some device vendors are even taking it upon themselves to make Android -- or at least certain Android devices -- more secure and manageable. Before you count Android out, consider whether the new and growing management tools can potentially outweigh the risks and headaches.
Dealing with Android fragmentation
Android fragmentation can make it really tough for IT to manage devices. Even in companies that purchase Android devices for workers, fragmentation poses an issue because each device and OS version has different capabilities, and MDM can't manage them all. Continue Reading
Android manufacturers to blame for fragmentation
It's up to device manufacturers to develop OS updates for Android, and then wireless carriers have to deploy those updates to users. Unfortunately, device vendors often don't put in the necessary time and money into customizing new versions of the OS for their devices. Continue Reading
Android management tools improve, but still aren't perfect
Android management features such as remote wipe, encryption and password options have improved in newer versions of the OS, but IT still needs third-party apps to cover all the management bases. Continue Reading
Improve enterprise mobile security with third-party Android apps
There are built-in security features on some Android devices, but they aren't enough. Users will need to install third-party applications to fight viruses and boost enterprise mobile security. Continue Reading
SAFE-certified devices make Android work for IT
If employees use SAFE-certified Android devices for work, IT benefits. The Samsung Approved for Enterprise program adds application programming interfaces (APIs) to certain Android devices to make managing and securing devices easier. Continue Reading
Ice Cream Sandwich tries to make Android palatable for IT
There are new enterprise features in Android version 4.0 Ice Cream Sandwich. Full-device encryption and a VPN API make the mobile OS a little more IT-friendly. Continue Reading
Why Android MAM isn't enough
Mobile application management can help admins see and control which applications workers are using on their Android devices, but MAM won't help IT lock down devices or limit Wi-Fi access. Continue Reading
.jpg)
PDF: How to Choose the Best Identity Access Management Software
Since mobility is a vital element in almost every modern IT shop, today's comprehensive IAM platforms should feature capabilities enabled by a mobile environment. Save this PDF to help prioritize which capabilities your business needs in IAM software.
3Windows into Windows-
Windows mobile devices in the enterprise
Windows 8, RT and Windows Phone 8 devices are making their way into the enterprise, and they come with some features that IT will expect from Microsoft operating systems. Tools such as native ActiveSync support and a targeted application distribution program will please admins. But don't forget that the devices are inherently geared toward users, which means they come with SkyDrive integration and other consumer-specific services.
Confused about Windows 8 vs. RT?
When the operating systems first emerged, the differences between Windows 8 for mobile devices and Windows RT weren't plain to see. There are numerous small differences, but the biggest takeaway is that RT tablets can't be domain-joined, while Windows 8 mobile devices can. Continue Reading
How does Windows RT fit in the enterprise?
Windows RT tablets have a place in the enterprise, but IT pros can't treat them like Windows PCs. RT tablets are mobile devices, and locking them down like a desktop takes away some of the things that make them a good device for enterprise workers. Continue Reading
Windows 8, SkyDrive integration causes concern
Workers' Microsoft accounts link Windows 8 and SkyDrive, which is great for users trying to be productive. But connecting desktops and the cloud could be a big problem for IT. Continue Reading
Don't turn up your nose at native ActiveSync support
Windows RT and Windows 8 mobile devices have native support for ActiveSync, which many admins consider a secondary or even tertiary method for connecting personal devices to users' Exchange mailboxes. In reality, this ActiveSync compatibility could make managing Windows mobile devices easier for admins in BYOD settings. Continue Reading
Plan for Windows Phone 8 security
Every company should have a strong enterprise mobile security strategy that includes details on how IT will handle all of the devices that access the network. Don't count Windows Phone 8 devices as secure just because they bear the Microsoft stamp. Continue Reading
Windows Phone 7.5 app distribution gives IT control
The targeted application distribution program available in Windows Phone 7.5 helps IT build and deliver applications. But if users don't have Windows Phones, admins don't have devices to distribute apps to. Continue Reading
4Dig deeper-
Glossary of mobile device management terms
Learn more about iOS versus Android versus Windows and enterprise mobile security with these definitions.
Start the conversation
0 comments