VPN Articles and News

New Study Shows Enterprises Are Riddled With Unsafe Apps

Wednesday, September 2nd, 2015

As per the results of a new study, large enterprises have, on an average, 2400 unsafe apps within their ecosystems. The study was commissioned by Massachusetts based security company Veracode Inc. which provides web, cloud and mobile based analytics and security solutions to hundreds of big and small firms across several different industry verticals. Veracode analyzed analytics data supplied by its own cloud platform to carry out the study and discovered that malwares and other security threats are running rampant on corporate environments even as more and more companies are adopting mobility and BYOD solutions.

As a part of the study, Veracode analyzed more than 400,000 of the most popular apps available on Google Play and iTunes stores. Unlike other studies, the study conducted by Veracode focused not just on enterprise apps but also on other types of apps that existed on mobile devices being used in corporate environments. Also, since the study covered several different industry verticals (including manufacturing, financial services, telecommunications and media), it can be safely said that its results reflect an accurate picture of the types of security threats being faced by enterprises today.

Out of hundreds of thousands of mobile apps analyzed by the company, Veracode found that about 3 percent (or 14,000 apps) were potentially unsafe. Among the unsafe apps, 85 percent leaked sensitive information (including location, contact data, SMS logs, name of the carrier as well as device IDs); 35 percent retrieved or shared browsing history and calendar information and even sent them to overseas servers while 37 percent performed suspicious activities like installing/uninstalling apps, running unsafe apps, viewing cached information (including sensitive passwords), recording phone calls, replacing firmware, disabling anti-malware apps and even checking if the device was jailbroken or rooted.

Commenting on the results of the study, Veracode’s Vice President Theodora Titonis voiced concern regarding how unsafe apps were finding their way inside corporate environments. She gave an example of a popular yet extremely unsafe app (the Lazy Listen audiobook) that was monitoring phone calls, recording audio, reading file system as well tracking messages and location of the users to reinforce how unsafe apps were compromising corporate security. Titonis said that the behavioral analysis performed by the company indicated that such apps were not designed to improve customer experience, rather they were extensively being used by the app owners to steal personal and corporate information.

As a part of the study results, Veracode also revealed the names of top three mobile apps that are frequently blocked by the enterprises. It might come as a shock to you but Facebook, Netflix and Angry Birds topped the list of most blacklisted apps within corporate environments. This indicates that security is not the most important criteria for enterprises while they are blocking mobile apps, they are more worried about other parameters like productivity. The irony of the situation is that while safe apps like Facebook, Netflix and Angry Birds are banned within organizations, malwares and potentially unsafe apps are finding their way into corporate environments through users’ mobile devices.

September 2, 2015

Leave a Reply

Your email address will not be published. Required fields are marked *

9 + 0 =