Apps at Risk: Consumer to Enterprise, Many Apps Will Fail Basic Security Tests
Data leakage continues to be a major problem for enterprise apps and even some consumer favorites like Instagram, OKCupid, Vine, Whisper and more. While many users are learning to think twice about the security of sensitive corporate and financial information saved on their devices, many still assume that private messaging apps are private, and that’s a mistake. University of New Haven researchers recently discovered that many Android apps are transmitting and storing unencrypted images, messages and even passwords. In the case of TextPlus, researchers found that the app stored screen shots that the user hadn’t even taken.
Many people are inclined to trust widely-used apps like Vine and Voxer because of their popularity among average consumers. The thought process goes something like, “If 968 million other people have decided to use these apps they must be secure, right?” While the functionality of an app is crucial, just because an app works for users, it doesn’t mean it isn’t working against them—and their organizations as well. Bottom line, some apps are stealing information unknowingly and insidiously. Appthority’s App Risk Management service can reveal these risky behaviors before it’s too late.
In other news this week, Gartner claimed that 75 percent of all mobile apps, across Android, iOS and Windows platforms will fail basic security tests next year. That’s a high number, especially if you’re trying to protect sensitive corporate information. The enterprise needs to be aware of the apps being used in their network (especially as BYOD use grows exponentially) and the risks they pose. Having scanned more than 2.5 million apps for hidden risks, Appthority can help the enterprise identify and manage the risks hidden inside apps through static, dynamic and behavioral analysis. Additionally, Appthority empowers organizations to apply custom policies to prevent unwanted app behaviors.
Thoughts or comments? Reach the Appthority team on Twitter at @Appthority.