It is no secret that most corporate IT departments have a tendency to be worried when it comes to shadow IT and personal mobile apps that employees might be using on the same devices while they’re at work – and for good reason. Recently, an analysis was made which revealed that quite a few apps, WhatsApp, WinZip and Facebook Messenger for Android included, presents a high risk to enterprise data.
The analysis known as the third quarter Enterprise Mobile Security Pulse Report, was made by Appthority. The report also stated that the riskiest iOS apps that are found in the enterprises are Pandora, Facebooka and Yelp. These mentioned apps and other popular ones that are present in enterprise setting have mobile threat scores which indicates data leakage and vulnerabilities based on the report. “Enterprise security teams need to understand which mobile apps are being used, the risks they bring, and how their peers are utilizing mobile threat policies to more effectively secure corporate data,” according to the president and co-founder of Appthority, Domingo Guerra. “With BYOD and [corporate owned personally enabled (COPE)] many commonly used app-store approved apps are making their way into enterprises and posing risks to sensitive corporate data. The Pulse report provides a snapshot of what’s happening in the market so mobility and security teams can make informed decisions to protect themselves from the growing number of mobile threats.” In this quarter, the apps that are believed to be highly dangerous in presenting an attack vector into enterprise systems which was determined by which apps are most likely to be blacklisted by security departments are spearheaded by WhatsApp, Pokémon GO and WinZip for Apple devices as well as Poot-debug(W100).apk which is an Android System Theme and that Where’s My Droid Pro that made it to the top of the list for Android. Appthority also stated on its report that enterprises blacklist apps for a number of security concerns such as specific malicious or data leakage behaviors, security policy compliance and concerns about shadow data storage. The report also showed that in Q3 that the Android apps that were blacklisted has scored in the malicious range since malware was detected. While the iOS apps that were blacklisted has scored in the data leakage range for sending SMS messages, tracking of location or sending information like sensitive data which is unencrypted. WinZip has released a statement to Infosecurity that these risks presented on the part of IT departments are definitely unwarranted. According to a spokesperson of WinZip: "Our team was extremely disappointed and surprised to read that WinZip for iOS has been mentioned in the Appthority report. We believe WinZip for iOS has been included in error and have identified incorrect information in their report. WinZip does not send SMS messages as the report stated. This statement is particularly problematic as it is the only reason provided to justify why WinZip for iOS is included on their list." "As we look into this issue further, we want you to know that we aren't aware of any valid reason why Appthority would consider WinZip for iOS a security risk. WinZip software is very popular with enterprise accounts and security is our top priority. Any security issue reported will be immediately investigated,” the spokesperson also added. On the other hand, the pulse reports also pointed out the most destination countries for mobile data and the reputation of the URLs which are used by a lot of apps among Appthority’s enterprise customers. The countries that are leading for the top 150 Android and iOS apps are Ireland and the United States. However, Android apps are reported to be connected to an even wider set of geographic locations while iOS apps are only connected to fewer countries like Chile, China and Saudi Arabia. In conclusion, these risks presented by the latest analysis by Appthority only shows that apprehension felt by a lot of corporate IT departments are certainly understandable which is why some of them resort to using SMS Tracker to keep track of their employees’ device activities. SMS Tracker is a device-tracking app commonly used by employers as well as parents to track their employees and kids, respectively. Using this app is legal as long as the parties you are tracking are has given their consent. Needless to say, SMS Tracker is definitely the answer to these risks found in popular apps that are used by employees.
0 Comments
Leave a Reply. |
ArchivesCategories |