Unsafe apps threaten large corporations
Posted by: Timothy Weaver on 03/12/2015 03:55 AM
[
Comments
]
Large global networks are vulnerable because of unsafe apps installed on employee devices.
Some reasons an application was considered unsafe: if it accessed SIM card data such as geolocation, or sent sensitive information for no apparent reason.
Phil Neray, VP of Enterprise Security Strategy at Veracode, told SCMagazine.com that the average is 2,400 unsafe mobile applications installed on employee devices.
What makes them unsafe? The reasons include apps that accessed SIM card data such as geolocation, or sent sensitive information for no apparent reason. Veracode analyzed a pool of about 400,000 applications. Of them, it found that 14,000 were unsafe.
According to their findings, 37% of the unsafe apps performed such tasks as checking to see if the device is rooted or jailbroken, installing or uninstalling applications, recording phone calls, and running other programs. A full 35% went so far as to send data, such as browser history and calendars, to suspicious overseas locations.
Neray said: “We analyzed both iOS and Android applications. All the applications reside on employee devices which are managed by the organization's [mobile device management (MDM)] system. These devices are typically a mix of [bring your own device (BYOD)] and enterprise-supplied devices.”
These unsafe apps are capable of “spy(ing) on employees with access to confidential information – by tracking the employee's location, recording their phone calls and developing a profile of their social connections – in order to steal corporate intellectual property or profit from trading on insider information.”
Source: SCMagazine
Phil Neray, VP of Enterprise Security Strategy at Veracode, told SCMagazine.com that the average is 2,400 unsafe mobile applications installed on employee devices.
What makes them unsafe? The reasons include apps that accessed SIM card data such as geolocation, or sent sensitive information for no apparent reason. Veracode analyzed a pool of about 400,000 applications. Of them, it found that 14,000 were unsafe.
According to their findings, 37% of the unsafe apps performed such tasks as checking to see if the device is rooted or jailbroken, installing or uninstalling applications, recording phone calls, and running other programs. A full 35% went so far as to send data, such as browser history and calendars, to suspicious overseas locations.
Neray said: “We analyzed both iOS and Android applications. All the applications reside on employee devices which are managed by the organization's [mobile device management (MDM)] system. These devices are typically a mix of [bring your own device (BYOD)] and enterprise-supplied devices.”
These unsafe apps are capable of “spy(ing) on employees with access to confidential information – by tracking the employee's location, recording their phone calls and developing a profile of their social connections – in order to steal corporate intellectual property or profit from trading on insider information.”
Source: SCMagazine
Comments
