You have to exercise some control of any Android devices that your team are using for “BYOD”. At the very least educate them in the risk of Android apps even if they are downloaded from the Google Play Store. Rogue apps do get through:
Apps with 1.5M installs on Google Play send your data to China (bleepingcomputer.com)
These rogue apps are file managers – something that someone at work may install to access the company NAS or a computer share…
I have written at length about the need for policies and procedures when it comes to the use of any device Android or Apple. If it holds your organisation’s information then you need to act.
Clive Catton MSc (Cyber Security) – by-line and other articles