Which platform would a typical IT guy be more on guard against?
While Windows has been known for decades to be a hot pot for all PC malware, Android phones are much more ubiquitous and personalized, and (as far as I know) aren’t hardened against malware in any way. I mean, it literally takes just two taps to install a rogue apk and that is notwithstanding that most OEM implementations and apps on the Play Store are ad-ridden privacy nightmares by themselves. At least when it comes to Windows, Administrators have greater control over client machines and can put in restrictions. How would someone handling infosec in an organization control security on people’s personal phones?
Hard to tell, but I would say Windows. It’s easier to fool users to download and run arbitrary executable files like ILOVEYOU.txt.exe on a PC. On Android you need to go through many more hoops and turns to run some unverified executable.
Although Windows is pretty well guarded these days.
Windows has a bunch of warnings if you try to download a virus. It even deletes it so you can’t run it. On stock android, I’ve experienced that it will give you red flags if you try to download any .apk. There are also downright malicious apps in the official Play Store too so downloading the recommended way isn’t safe either. Can’t say too much about Window’s store but idk anybody who actually uses that but I bet there are a couple malicious apps in there also. However, I think Windows has more protections in place out of both of the platforms.