How will Apple's sideloaded apps impact corporate IT? Analyzing the critical risks
Apple is known for maintaining high standards when it comes to the App Store. It has put strict developer guidelines in place, runs a thorough review process on new apps that are submitted to the marketplace, and monitors apps to ensure they deliver what developers promise.
This tightly controlled environment has been established to maintain a great user experience, preserve end-user privacy, and protect the platform from bad actors, all while allowing third-party developers to create compelling experiences on Apple’s mobile platforms. Apple’s operating system design, coupled with these protective policies, has helped to keep the iPhone and the applications that run on it generally immune from widespread threats for almost two decades now.
Over the years, these efforts -- and Apple’s ongoing commitment to privacy, security, and safety -- have differentiated the iPhone. In 2021, Apple introduced App Tracking Transparency to address concerns about user data collection. Just a year later, in 2022, Apple rejected nearly 1.7 million apps out of 6.1 million submissions, showing its commitment to high standards in the App Store.
However, the Digital Markets Act (DMA) has forced Apple to dismantle the walls it has built to protect the iPhone’s app marketplace in Europe. In light of recent legislation, Apple has been identified as one of the influential gatekeepers within the European market. This designation subjects Apple to specific regulations aimed at ensuring fair competition and open digital markets. Most notably, the technology giant is being forced to provide users with an option to sideload apps from alternative marketplaces onto their iPhones.
In response to the EU regulation going into effect, Apple launched iOS version 17.4, permitting users with Apple IDs registered in the EU to install applications from sources outside of the official App Store, bypassing Apple's strict controls. While not all apps distributed through alternative marketplaces are malicious, the DMA's allowance for such practices introduces new considerations for app distribution and security.
So, how will this impact EU businesses or those with workforces operating from the EU?
Before diving into the critical risks introduced through the newly permitted alternative app marketplaces, it's important for businesses to understand how Apple is optimizing its approach to managing these external applications.
From iOS 17.4, Apple is implementing notarization for mobile apps, a review process previously applied to macOS apps. This requires developers to submit their apps for a baseline review by Apple, ensuring a minimum security standard before apps can run on iOS devices. The review includes both machine analysis and human examination to scan for malware and verify that the app functions as described. Apple says it remains committed to maintaining the security of the platform, but argues that the DMA leaves it too far removed from alternative marketplaces to monitor the content within those apps.
There are also new rules for developer registration. All developers, regardless of how they plan to distribute their apps, will be required to register with Apple's developer program, verifying their identity with legal names, phone numbers, locations, and other details. By having a developer ID attached to every app in distribution, including those that go through alternative app marketplaces, Apple will be able to apply restrictions on code produced by those developers, should that code be found to contain malicious content.
However, despite these proactive measures, sideloaded apps will bring compounding risks for organizations. Managing and securing mobile devices used for work will require a more proactive approach if organizations are to maintain an acceptable security posture and cyber resilience.
Risks of sideloaded apps
Organizations must recognize that while Apple continues to enforce certain security measures, the open system mandated by the DMA introduces inherent risks that are not present in the previously closed ecosystem. With the ability for apps to be distributed through third-party stores, Apple's control over the content becomes limited. This change could lead to the availability of apps containing content that was previously restricted by Apple's policies, such as pornography or self-harm.
The decentralized nature of app distribution under the DMA means Apple's content guidelines may not uniformly apply across all platforms, potentially diluting the ecosystem's content quality and safety standards. This will open up new risks for businesses in regard to the type of content that can be accessed within their network infrastructure. Threat actors could use these third-party apps to distribute malicious content, often embedding phishing links or inappropriate information.
In addition, the introduction of alternative app marketplaces will likely fragment iOS’s review system. The App Store has always used consolidated reviews to monitor and address certain application performance and security issues. Third-party app stores will fragment this system, possibly reducing Apple's ability to use community feedback as a tool for timely responses to quality control issues. This means businesses will have less trust in the quality of applications being accessed by their staff on their devices, and it potentially raises the threat of such apps covertly collecting and disclosing personal information without user consent or awareness.
Furthermore, the spread of app distribution channels may limit an organization’s visibility into where and how apps are being downloaded and used. This lack of oversight also complicates Apple's ability to track and manage apps effectively, especially concerning user-generated reviews, app performance and security feedback. As a result, these oversight and monitoring responsibilities will fall onto businesses themselves.
Therefore, it's crucial for businesses not to rely solely on Apple's security measures but also to implement their own checks and balances.
Mitigating the risks
Business leaders need to consider how important it is for the organization to utilize an alternative app marketplace outside of the traditional App Store. The more a business relies on an alternative distribution channel, the further it moves away from the protections of the iOS ecosystem. So, it’s important to weigh the benefits against the potential risks.
Also, it’s important to establish and maintain good device hygiene. This doesn't necessarily mean following established compliance standards but could involve setting internal benchmarks around device configuration and access policies, and implementing a routine audit program to ensure devices continue to meet those standards over time.
Most importantly, businesses need to start getting better insights into the applications installed on work devices. The more apps come from unvetted alternative marketplaces, the more risk they create for the devices running them -- regardless of how often those apps are used. Such apps could potentially open a backdoor for threat actors to gain access to the device and compromise the user or other key assets.
Business leaders need to carefully consider whether they want to allow alternative app marketplaces to provide apps for workers. However, if businesses ultimately want to leverage sideloaded apps, they must implement tools and policies to gain visibility into every app installed on work devices. Understanding the origin and update frequency of these apps is crucial for assessing the devices' risk posture. Investing in solutions like mobile device management (MDM) can effectively help to achieve this.
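As an added example (not the author's or Jamf's code), the following Python script audits a constructed app inventory against an internal benchmark of the kind described above: it flags apps that did not come from the App Store, lack notarization or a registered developer ID, or have not been updated recently, and rolls the findings up into a device risk level. The inventory field names, the sample entries and the 90-day staleness threshold are assumptions, not any MDM vendor's export format.

```python
from datetime import date

# Constructed inventory of apps installed on one work device.
# Field names are assumptions, not a real MDM export schema.
INVENTORY = [
    {"bundle_id": "com.example.mail", "source": "app_store", "notarized": True,
     "developer_id": "DEV-1001", "last_updated": "2024-03-20"},
    {"bundle_id": "com.example.notes", "source": "alt_marketplace", "notarized": True,
     "developer_id": "DEV-2002", "last_updated": "2024-03-01"},
    {"bundle_id": "com.example.game", "source": "alt_marketplace", "notarized": False,
     "developer_id": "", "last_updated": "2023-06-10"},
]

MAX_STALE_DAYS = 90               # internal benchmark (assumed value)
AUDIT_DATE = date(2024, 4, 1)     # constructed audit date


def assess_app(app, today):
    """Return the list of findings for one app against the internal benchmark."""
    findings = []
    if app["source"] != "app_store":
        # Anything outside the App Store is treated as sideloaded and gets extra checks.
        findings.append("sideloaded")
        if not app["notarized"]:
            findings.append("not notarized")
        if not app["developer_id"]:
            findings.append("no registered developer")
    last_updated = date.fromisoformat(app["last_updated"])
    if (today - last_updated).days > MAX_STALE_DAYS:
        findings.append("stale")
    return findings


def device_posture(inventory, today):
    """Summarise findings per app and derive a simple device risk level."""
    apps = {a["bundle_id"]: assess_app(a, today) for a in inventory}
    severe = {"not notarized", "no registered developer"}
    if any(severe & set(f) for f in apps.values()):
        risk = "high"      # sideloaded app that fails Apple's baseline checks
    elif any(apps.values()):
        risk = "medium"    # sideloaded or stale apps, but all baseline checks pass
    else:
        risk = "low"
    sideloaded = sum("sideloaded" in f for f in apps.values())
    return {"apps": apps, "risk": risk, "sideloaded_count": sideloaded}


if __name__ == "__main__":
    for bundle, findings in device_posture(INVENTORY, AUDIT_DATE)["apps"].items():
        print(bundle, findings or ["ok"])
```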
Given the interconnectedness of apps and internet browsing, organizations must consider the implementation of policies to mitigate web-based threats. These should aim to filter internet access through company-configured applications or browsers to prevent phishing attacks and other online risks. Historically, these policies would work across all apps and browsers on an iOS device, but the DMA also introduces the ability for alternative browser engines, opening the door for apps to potentially bypass local policy; organizations should factor this into their decision matrix for allowing the apps to be installed.
Alongside these considerations, organizations should emphasize Zero Trust Network Access (ZTNA), where corporate data is transmitted through secure channels, isolating it from other traffic, including that from sideloaded apps. This approach ensures that organizational data remains protected while personal user data remains private.
Overall, the shift induced by the DMA calls for a balanced approach that leverages Apple's security enhancements while acknowledging the broader risk landscape. Both business leaders and security teams play pivotal roles in navigating this new terrain, ensuring that the organization's integrity and security posture remain intact. Embracing these challenges with informed and proactive measures will be crucial in maintaining a robust security posture in the evolving digital ecosystem.
Michael Covington is VP of Strategy at Jamf.