Users in both enterprises and at home are failing to take basic precautions against an increasing range of mobile threats, according to a new survey by security firm Skycure.

The majority (52 per cent) of devices do not have any type of passcode enabled, including alphanumeric, biometric, and swipe codes. And around a third (30 per cent) of devices were running an out-of-date OS.

In fact, one in three Android devices is still vulnerable to one of the recent high-profile Android attacks because of the OS issues.

Tardiness by manufacturers in pushing out Android updates is at least as much a factor as users failing to update, if previous studies are to believed. However, a closely comparable 26 per cent of iOS devices audited as part of Skycure's poll also had an out-of-date operating system.

Nearly three per cent of Android devices are infected with malicious apps with medium to high severity, Skycure reported. Enterprise-managed devices remove some of the risk.

More than five times more personal Android devices are rooted than enterprise-managed devices. The report found very few jailbroken iOS devices in enterprises.

Rooting or jailbreaking a device removes most of the inherent security features of the operating system. More than 15 per cent of Android devices have USB debugging enabled, an easy way for a malware application to move onto mobile device from an infected computer.

Skycure’s study involved a review of anonymised data from devices with Skycure either installed by enterprises on employees’ mobile devices or by security-aware consumers. ®