news_coverage_icon

Media Coverage Archive

Monday | February 29, 2016

TMCNET.COM  |  With an increasingly mobile workforce involved in everyday operations, it’s not surprising to see businesses turn more frequently to apps. Sometimes, however, the gap between what apps are available and vetted for use and what needs to get done every day is wider than we’d like. Employees will sometimes turn to shadow IT to get the job done. That and other risky app behaviors can leave a company very exposed, and an Appthority report shows just how bad it can be.


Appthority On New Mobile Threat: Risky Apps

By Steve Anderson – With an increasingly mobile workforce involved in everyday operations, it’s not surprising to see businesses turn more frequently to apps. Sometimes, however, the gap between what apps are available and vetted for use and what needs to get done every day is wider than we’d like. Employees, not wanting to face a boss’ wrath over incomplete projects and “excuses” about not having the right tools, will sometimes turn to shadow IT to get the job done. That and other risky app behaviors can leave a company very exposed, and an Appthority report shows just how bad it can be.

The Appthority Q1 2016 Enterprise Mobile Threat Report shows that the problem is shockingly widespread. The 150 most common apps on enterprise devices, according to Appthority president and co-founder Domingo Guerra, show “high risk surveillance behaviors.” Things like third-party access to calendars, address books and text archives come into play, and that in turn can be the focal point for a major security breach.

Gartner (News Alert) predicts that, by 2017, three out of four mobile security breaches will be attributed to mobile apps. That’s a point that Appthority believes is already starting to crop up, and underscores that belief with key points. Malware is actually found in the Apple (News Alert) App Store, according to Appthority, thanks to Quicksand—which Appthority discovered itself—and others like MobiSage and YouMi. Android users are even more at risk, with 88 percent of Android (NewsAlert) apps found to show some breed of data leakage, as compared to 50 percent of iOS apps.

Popular apps are also engaging in some risky behavior, like tracking private information and allowing for device configurations to be altered to the app’s taste, and private user data is even found to be accessed by third parties via these apps. A request for a meeting, or even an attachment download, can be all that’s needed to stage some breeds of attack.

Sometimes what looks like an epidemic can be just an issue of scale. Take, for example, obesity; the body mass index suggests that large numbers of Americans are obese, but the scale may have something to do with that, especially when some of the more unlikely obese are considered like some professional athletes. An overly sensitive system might well consider some behaviors as threats when such really aren’t, and considering how widespread Appthority suggests the problem to be here, it’s enough to wonder if maybe its scale is just too sensitive.

Still, we do know that there are a lot more mobile apps out there these days, and it does seem like these apps are demanding more information besides. Extra diligence in security seldom goes unrewarded, so even if Appthority is overreacting a bit, it’s overreacting on the side of the regular user. That will prevent a lot more problem than it causes, and that’s good news for users.

Read the original story on TMCnet.com here.