"Google's Android platform is open source, and its application approval process is less restrictive, allowing most applications to be submitted and approved," according to the white paper. "Additionally, users of Android-based phones have a setting that allows users to install applications from outside Google's App Store."
According to M86, Apple's iOS platform is closed, while its App Store's application approval process is "restrictive," although the security firm says vulnerabilities do exist.
Anstis has some simple advice for businesses that utilize smartphones and tablets or allow their employees' personal devices to connect to the company WiFi network: create "clearly defined policies and remediations" for such devices.
Two other of M86's 2011 predictions are worthy of singling out.
Spammers are getting better and better at spoofing e-mails. For instance, M86 reports that spammers have ripped the actual headers and body templates off of LinkedIn messages to fool recipients into downloading malware or clicking on links that deliver a malicious payload.
Much like commercial cloud software developers catering to legitimate business needs, underground software developers are offering more and more services, known as "attack toolkits" to cybercriminals, thereby chopping down the barriers of entry to this illicit trade.
“To outsmart the bad guys, organizations need to first understand where the threats are likely to come from, and then second define exactly what needs to be protected, and how critical it is,” Anstis warns. “But just as important, they must lay out their best practice strategies and policies for proactively combating and staying ahead of the emerging security threats.”
♦ iPads by Yutaka Tsutano/Flickr