Mobile Apps That Present the Greatest Risks
- 1 of
-
Risk Categories
The study identified five primary risk categories: privacy, data leak, account takeover, device takeover and malware. -
Risky Business
Categories at greatest risk include communication, social, news and magazines, media and video, travel and local. -
Safe Bets
The lowest risk apps include games, widgets, comics and weather. -
Looks Can Be Deceiving
Seemingly innocent apps—wallpaper and business productivity apps and shared document services—can pose risks. -
A Healthy Approach?
Health, fitness and lifestyle apps read user data, but they often poorly protect user data and privacy. -
Medical Matters
Medical apps offered by hospitals and HMOs were among the safest apps. The risk for data leakage or takeover was low. -
Communication Breakdowns
Communication apps present significant risks, partly because they connect to a user's contact database. They can mine data and send it to third parties over the Internet. -
Dangerous Liaisons
Analysis of more than 4,500 social media apps showed that while some are relatively safe, many expose users to data loss, account takeover and privacy violations. -
Bad News
Many news sites rely on compiled code from ad networks. In some cases, the code extracts private data, which can lead to account takeovers. -
A Sporting Chance
95% of the apps tested posed little or no risk of data loss, but the other 5% were rife with malware, and many sites posed a privacy risk.
The business world has changed immeasurably since the introduction of mobile apps. Only five years ago, the idea of bring-your-own-device (BYOD) initiatives—along with employees installing software on their personal mobile devices and using them for work-related tasks—was largely unknown. Today, thousands of mobile apps exist, including a wide range of third-party tools that tap into everything from social media services to music and entertainment. Identifying the types of apps that present the greatest potential threats to business is a growing concern. Marble Labs, the threat research unit of Marble Security, has released a report that outlines the threat. "Marble Security Mobile App Threat Report March 2014" reports that certain categories and apps do present a greater threat to organizations. Marble Labs analyzed more than 200,000 Android apps during the month of February. It used static (permissions that apps request and data apps access), dynamic (studying apps over time) and behavioral (using a virtualized kernel to determine actual app behavior) analyses. "IT leaders need to consider the risks that apps can pose to the broader security posture of their organizations," advises Marble Founder and CTO Dave Jevans. "Employees who have risky apps on their devices can expose companies to devastating targeted cyber-attacks. IT leaders need to deploy security technology to analyze and prevent these risks on mobile devices." A number of the report's conclusions are listed in the following slides.