Duo Analytics: Android Device Security

Duo Labs looks into Android security from an enterprise perspective.
Mike Hanley, Program Manager for Research and Development at Duo Labs
Recently, the Duo Labs team analyzed the current state of security of Android devices. Our large sample includes users’ personal devices used to access their employers systems and data, authenticating with Duo’s two-factor authentication.
This is the first in a series on our findings from this study, starting with a general overview of Android ecosystems and comparison to our iOS device security findings, which you can find in Identifying Bad Apples: Getting to the Core of iOS Vulnerabilities. The ratio of active iPhones to Android is 2:1, according to Duo’s dataset.

Key Highlights: Android Device Security Findings

In our sample set of Android devices, we observed some fascinating early trends – a few key security highlights include:

  • Only 1 in 10 Android devices have enabled pre-boot passcode device encryption
  • 1 in 3 Android devices don’t use passcodes on their lock screens, compared to 1 in 20 on Apple devices don’t have passcode lock screens enabled
  • 1 in 20 Android devices are jailbroken, compared to 1 in 250 iPhones are rooted/jailbroken
  • Twenty percent of Android devices are running 5.1.1, a version behind the latest, which is now 6.0.1
  • Thirty-two percent of active Android devices are running version 4.0 and below, which makes their devices more susceptible to the Stagefright vulnerability due to lacking helpful security features added in later Android versions

To read the entire article, please click here.
Source: https://duo.com/