New variants of the Android malware, SpyNote, are being used by threat actors to stealthily access and modify infected smartphones.
If your people are using Android as part of your Bring Your Own Device (BYOD) policy, then you should be exercising some control over the apps your team install, even if they are their own devices, because if your data is stolen from their devices because of malware, the consequences will be yours.]
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.