While malware makes headlines, the risk of legitimate mobile apps exposing enterprise data to unauthorised third parties should be of greater concern to enterprises.
So says Nader Heinen, security advisor at BlackBerry's security group, and speaker at the forthcoming ITWeb Security Summit 2014.
Heinen notes that vast numbers of mobile applications connect to users' personal information and contact lists. "While these applications may be legitimate, they may share the data on a mobile device - such as contact lists - with a third-party without the consent of those contacts. This could be in contravention of privacy laws," he says.
Heinen notes that the average user does not read the terms of use for apps or consider the risks of exposing their mobile data to third parties. "Within hours of buying a new handset, people place all their contacts on it, add their mobile banking credentials and install a range of consumer apps without necessarily checking how secure they are or what the terms are," he says.
"In many cases, the apps won't work without access to data on the device. Geo-location apps, for example, may be useful, but what if the user is a government official whose whereabouts should not be tracked?"
Heinen says in a BYOD era, having enterprise data on the same devices as vulnerable consumer apps raises serious governance, risk and compliance issues for the enterprise. BlackBerry believes the solution lies in multi-layered security, careful management of the app store, and the segregation of enterprise content from personal content on the mobile device.
"Instead of asking millions of users to update their mobile security regularly, OEMs [original equipment manufacturers] and service providers need to take on the responsibility of keeping the environment as secure as possible - it's just good business," he says.
Heinen says over the past two decades, BlackBerry has managed to keep its application environment secure through a multilayered approach, with a security division that continually updates and innovates to stay ahead. This success has prompted it to extend its enterprise mobile security solutions to the iOS and Android environment, with Windows set to follow soon.
BlackBerry will participate in the upcoming ITWeb Security Summit 2014, exhibiting its enterprise mobile security solutions, Heinen will also address the event on the subject of mobile security threats. For more information about this event, click here.
Share