Are Apps Safe? Tips to Protect Your Company’s Mobile Devices and Data

Are Apps Safe? Tips to Protect Your Company’s Mobile Devices and Data



The Pokémon Go phenomenon has attracted more daily users than Twitter, and the game app has been downloaded 100 million times. For the few of us who have not embraced the game with reckless abandon, it still may have piqued our interest. As a business, it may raise questions like how much time are employees spending to play the game during the work day?  You may also wonder if the Pokémon Go app is being downloaded on work devices or on your employees’ devices that are used for work, and is that safe? Maybe that leads you to question the safety of any app downloaded on mobile work devices. We’re glad you asked.

What is the State of Mobile Device Security

The use of mobile devices is on a steep incline. Some 2 billion people use mobile devices, and in the last five years, internet usage on mobile devices has increased 600%. It’s important to think about the security of these devices as business tools. Employers are issuing company devices and also embracing bring your own device (BYOD) policies. Companies should be setting mobile standards to minimize the threat of a security breach. Unfortunately, research suggests that both mobile devices are targets of cyberattacks and many companies are being too lax around mobile device security.  In a Ponemon Institute study, 83% of security professionals agreed that mobile devices are susceptible to attack.  They estimated that 64% of organizations are not vigilant in protecting sensitive data on those devices. So, perhaps it is not surprising that 67% of companies experienced a mobile data breach.

While it is advised to secure the device itself, it’s also important to understand how apps may undermine security.  A 2016 report by Secure Now reveals that 24.7% of mobile apps include at least one high-risk security flaw, business apps are three times more likely to leak login credentials than the average app, and games are 150% more likely to include a high-risk vulnerability than other apps.

How Can Apps Compromise Security?

There are a number of ways that apps may pose a security risk.  Apps don’t always adequately secure or encrypt the information they send and receive. Some apps contain malware that can infect your device. Apps may be accessing personal or confidential information on your device as part of the permissions you granted when you downloaded it.  The information apps collect may be “overshared.”

Mobile App Security Tips

1.  Install Updates:  Mobile users need to apply operating system updates.  App updates should also be installed.  Manufacturers of software and apps learn about the vulnerabilities and bugs in their products and provide updates to fix these errors, so it’s important to keep on top of these opportunities to protect your device.

2.  Check Permissions:  Before downloading an app, check what permissions it requires.  It makes sense that a navigational app wants to access your device location.  Other permissions may be questionable and unnecessary for the app to perform its advertised function.  Be wary.

3.  Shop in App Stores:  Apple’s App Store and Google Play monitor what is sold at their stores and try to weed out bad apps that contain malware. There’s no guarantee that they’ll purge every bad app, but there is active monitoring to try to protect buyers.

4.  Do Your Homework:  Before you purchase an app, take the time to look at the reviews, check security scores and research the manufacturer.  If things look sketchy, take a pass.

5.  Use Apps Safely:  If you’re sharing sensitive information using an app, make sure you are on a secure network, not public Wi-Fi. (See blog post: Staying Connected on Vacation: Is Public Wi-Fi Safe?)

6.  Add Protections:  A variety of mobile security software is available to not only scan for malware in apps, but also to identify apps that require excess permissions, alert users to potentially unsafe Wi-Fi connections, and provide anti-theft tools such as remote location and wiping capabilities.

As a business, educating employees and implementing policies to keep your company data safe, whether on a desktop, laptop or mobile device, can save you lots of trouble down the road.