By Andy Greenberg (@a_greenberg) wrote about Google subsidiary Jigsaw in issue 24.10.
When Edward Snowden leaked the biggest collection of classified National Security Agency documents in history, he wasn’t just revealing the inner workings of a global surveillance machine. He was also scrambling to evade it. To communicate with the journalists who would publish his secrets, he had to route all his messages over the anonymity software Tor, teach reporters to use the encryption tool PGP by creating a YouTube tutorial that disguised his voice, and eventually ditch his comfortable life (and smartphone) in Hawaii to set up a cloak-and-dagger data handoff halfway around the world.
The answer is not as simple as you think. A mobile security expert parses the pros and cons.
By Satish Shetty is CEO and founder of Codeproof Technologies, an enterprise mobile security software company.
Both iOS and Android come with features that are designed to further secure enterprise applications over and above the security level of standard consumer apps. Both operating systems offer some way of segmenting enterprise data from user profile data, in effect, creating a secure container to install enterprise apps and store enterprise data. Furthermore, network transports can be secured on both platforms using technologies such as data encryption, app-specific VPN tunnels, and even some form of direct boot mode, where the device stops being a general purpose mobile device and instead becomes a dedicated device for accessing specific enterprise apps. These features are described in detail on the Android and iOS Web pages.
Both operating systems have also been found to contain pretty serious security vulnerabilities in the past. Both are vulnerable to malware attacks, although iOS less so than Android. And both are prone to exposure from potentially dangerous security vulnerabilities due to the installation of third-party apps.