Things that IT doesn't know about mobile apps can hurt the enterprise
Ubiquitous computing in the workplace, mobile devices greatly increase employee productivity, connectivity and the ability to collaborate. Employees can easily access corporate networks and sensitive corporate data with a single blow - whether they are bringing their own device (BYOD) or through a corporate issued device. At the same time, mobile devices have signific privacy and security challenges for organizations.
Employees commonly installed applications on personal devices also used for work. Often, employees do not think twice about whether an application they are using potentially could expose your corporate network at risk. In fact, an alarming percentage of mobile applications used within the company are able to access the functions of the device, or otherwise sensitive behavior of exposures that can pose security risks to the organization and violating their BYOD policies. Without understanding what these applications, organizations are playing Russian roulette with your safety.
It may seem farfetched that an application of the seemingly innocuous consumer could have a significant impact on the security of an organization, but the dangers are more rampant than you think. In the United States, a lawsuit Federal Trade Commission revealed that a manufacturer of flashlight applications was transmitting users' precise locations and unique identifiers to third devices, including advertising networks illegally. And the Environmental Protection Agency (EPA) faced embarrassment when an employee using an application Kim Kardashian Hollywood tweeted 52,000 Twitter followers agency, "I am now a celebrity C-List Kim Kardashian :. Hollywood Participate me and be famous too when playing on the iPhone! "that employee was using the Kardashian application on your mobile phone and did not realize that the application had the ability to automatically access the Twitter account phone and tweeting messages when they reach certain thresholds game. Unfortunately for the EPA, your phone is configured to use the official Twitter account of the EPA, not the employee.
These examples show that the risk to the safety of mobile applications to malicious hackers and hostile governments is not just limited. Threats to corporate data and reputation can be hidden in the most seemingly harmless applications, and can unleash an organization by the well-intentioned employee. Because of these hidden possibilities, companies must understand the risk behaviors associated with mobile applications that could compromise data security.
These everyday applications on the mobile device of an employee could serve as the unexpected bullet in the chamber. mobile operating systems include application programming interfaces that allow applications to access potentially confidential, proprietary or sensitive. Examples include contact lists with customer data, photos with location sites owned or blackboards with confidential data, and calendars with sensitive appointments. In addition, applications can access corporate social networking accounts on the device, and features integrated hardware features, such as GPS, camera, audio recorder, etc. In fact, many of the undocumented have applications that could be used with malicious or harmful purposes. For example, a study by Flexera Software found that 88 percent of iOS dating applications tested, including Grindr, OKCupid and Tinder, are able to access the location services of a device. Share location data could be a serious problem, especially when I do it with third parties may violate laws, regulations or company policies.
It is, therefore, necessary for CIOs and CSOs to fully understand what mobile device applications employees can do - what data, features and functions that can access - and then determine whether this behavior is acceptable on the basis BYOD policy of the organization. Testing mobile applications to discover their behavior and risks should be part of the preparation processes of any organization centralized applications.
With the adoption of these processes, organizations can ensure the necessary tools are in place so you can test reliably package and deploy applications in the enterprise. Through preparation of applications, IT teams can obtain essential information about the behavior of the mobile application. For example, you can take advantage of the reputation of scanning applications, which examines the properties of an application to determine whether the mobile account used by the application violates the BYOD policies and privacy of the company. In doing so, IT can use these results to establish policies that define what behaviors are risky.
Even the most innocent mobile applications can pose a huge risk to organizations without realizing how design and function can access sensitive data and potentially share that data in violation of BYOD policies. Ultimately, it is the responsibility of IT teams to understand what popular mobile applications your employees are leaving corporate devices and BYOD, and understand what risk these applications present. With the process of preparing the application, they can fully identify and manage risk effectively mobile applications. As a result, employees can use authorized applications with confidence, knowing that have been investigated thoroughly, and will have even greater confidence that the danger has been avoided by avoiding applications that exhibit risk behaviors.
Employees commonly installed applications on personal devices also used for work. Often, employees do not think twice about whether an application they are using potentially could expose your corporate network at risk. In fact, an alarming percentage of mobile applications used within the company are able to access the functions of the device, or otherwise sensitive behavior of exposures that can pose security risks to the organization and violating their BYOD policies. Without understanding what these applications, organizations are playing Russian roulette with your safety.
It may seem farfetched that an application of the seemingly innocuous consumer could have a significant impact on the security of an organization, but the dangers are more rampant than you think. In the United States, a lawsuit Federal Trade Commission revealed that a manufacturer of flashlight applications was transmitting users' precise locations and unique identifiers to third devices, including advertising networks illegally. And the Environmental Protection Agency (EPA) faced embarrassment when an employee using an application Kim Kardashian Hollywood tweeted 52,000 Twitter followers agency, "I am now a celebrity C-List Kim Kardashian :. Hollywood Participate me and be famous too when playing on the iPhone! "that employee was using the Kardashian application on your mobile phone and did not realize that the application had the ability to automatically access the Twitter account phone and tweeting messages when they reach certain thresholds game. Unfortunately for the EPA, your phone is configured to use the official Twitter account of the EPA, not the employee.
These examples show that the risk to the safety of mobile applications to malicious hackers and hostile governments is not just limited. Threats to corporate data and reputation can be hidden in the most seemingly harmless applications, and can unleash an organization by the well-intentioned employee. Because of these hidden possibilities, companies must understand the risk behaviors associated with mobile applications that could compromise data security.
These everyday applications on the mobile device of an employee could serve as the unexpected bullet in the chamber. mobile operating systems include application programming interfaces that allow applications to access potentially confidential, proprietary or sensitive. Examples include contact lists with customer data, photos with location sites owned or blackboards with confidential data, and calendars with sensitive appointments. In addition, applications can access corporate social networking accounts on the device, and features integrated hardware features, such as GPS, camera, audio recorder, etc. In fact, many of the undocumented have applications that could be used with malicious or harmful purposes. For example, a study by Flexera Software found that 88 percent of iOS dating applications tested, including Grindr, OKCupid and Tinder, are able to access the location services of a device. Share location data could be a serious problem, especially when I do it with third parties may violate laws, regulations or company policies.
It is, therefore, necessary for CIOs and CSOs to fully understand what mobile device applications employees can do - what data, features and functions that can access - and then determine whether this behavior is acceptable on the basis BYOD policy of the organization. Testing mobile applications to discover their behavior and risks should be part of the preparation processes of any organization centralized applications.
With the adoption of these processes, organizations can ensure the necessary tools are in place so you can test reliably package and deploy applications in the enterprise. Through preparation of applications, IT teams can obtain essential information about the behavior of the mobile application. For example, you can take advantage of the reputation of scanning applications, which examines the properties of an application to determine whether the mobile account used by the application violates the BYOD policies and privacy of the company. In doing so, IT can use these results to establish policies that define what behaviors are risky.
Even the most innocent mobile applications can pose a huge risk to organizations without realizing how design and function can access sensitive data and potentially share that data in violation of BYOD policies. Ultimately, it is the responsibility of IT teams to understand what popular mobile applications your employees are leaving corporate devices and BYOD, and understand what risk these applications present. With the process of preparing the application, they can fully identify and manage risk effectively mobile applications. As a result, employees can use authorized applications with confidence, knowing that have been investigated thoroughly, and will have even greater confidence that the danger has been avoided by avoiding applications that exhibit risk behaviors.
1 comments
Nice