Unpatched, passcode-free smartphones. Yes, they're everywhere

Results make Android seem scary this All Hallows' Eve

android logo

Users in both enterprises and at home are failing to take basic precautions against an increasing range of mobile threats, according to a new survey by security firm Skycure.

The majority (52 per cent) of devices do not have any type of passcode enabled, including alphanumeric, biometric, and swipe codes. And around a third (30 per cent) of devices were running an out-of-date OS.

In fact, one in three Android devices is still vulnerable to one of the recent high-profile Android attacks because of the OS issues.

Tardiness by manufacturers in pushing out Android updates is at least as much a factor as users failing to update, if previous studies are to believed. However, a closely comparable 26 per cent of iOS devices audited as part of Skycure's poll also had an out-of-date operating system.

Nearly three per cent of Android devices are infected with malicious apps with medium to high severity, Skycure reported. Enterprise-managed devices remove some of the risk.

More than five times more personal Android devices are rooted than enterprise-managed devices. The report found very few jailbroken iOS devices in enterprises.

Rooting or jailbreaking a device removes most of the inherent security features of the operating system. More than 15 per cent of Android devices have USB debugging enabled, an easy way for a malware application to move onto mobile device from an infected computer.

Skycure’s study involved a review of anonymised data from devices with Skycure either installed by enterprises on employees’ mobile devices or by security-aware consumers. ®


Biting the hand that feeds IT © 1998–2017