The hidden security risks of popular apps
As we rely more and more on mobile devices and an increasing number of businesses adopt BYOD strategies, security and privacy risks become a greater concern.
A new report by risk management specialist Appthority looks at the hidden risks presented by the 400 most popular iOS and Android apps. It identifies the ten most risky behaviors that threaten enterprise security, at least one of which is found in 99 percent of popular free apps.
According to the study which tested 100 free and 100 paid apps for each operating system, paid apps are safer but not by much. 78 percent of the top paid Android apps and 87 percent of the top paid iOS apps have at least one risky behavior. Risks include location tracking, used by 82 percent of top free Android apps and 50 percent of top free iOS apps.
Accessing the user's ID is carried out by 88 percent of free and 65 percent of paid Android apps but only 57 percent of free and 28 percent of paid iOS apps.
Risky behaviors are on the increase too with 71 percent of free Android apps sharing data with advertising networks, up from 58 percent earlier this year. In-app purchases are another concern with 58 percent of free Android and 55 percent of free iOS apps allowing them.
"As enterprises navigate how best to leverage the power of 'mobile' they have to confront the fact that user data and corporate data live side-by-side on mobile devices. Many mobile apps collect and share sensitive personal and corporate data without the user even being aware," says Domingo Guerra, president and co-founder of Appthority. "The first step toward mitigating this risk is to have full visibility into what risky behaviors are hidden in mobile apps, so that you can design acceptable use policies that protect your organization".
The report also highlights the fact that there are 85 developers behind the top 100 apps, making it harder for companies to keep control by sourcing their software from just a few trusted companies. On a more positive note it finds that malware infects only 0.4 percent of mobile apps and wasn't present in any of the top 400.
The full report is available to download from the Appthority website.