The age of the app is well and truly upon us. It feels like a very long time ago now that Apple was first pushing its app for that message, and today, barely a second thought is given to downloading the latest app from the iOS or Android app store. But what does that mean for mobile data security?
Most of us are reasonably well versed in what to look out for when it comes to bad apps. Dodgy looking icons, suspicious imagery and inaccurate names are all big signals that the app listing in question is not quite the real deal. Fake versions of Fortnite, for example, are rife on the Play Store – a phenomenon regularly seen whenever a new app soars to the top of the popularity list.
The security savvy will also be wary of apps made available outside of official channels. Switching off third party downloads and being extremely careful when installing APK files are widely accepted best practices for mobile security.
For businesses, adopting a Mobile Threat Defense (MTD) tool will keep users safe from these kinds of threats. Yet there’s something potentially even more scary to be aware of.
Mobile Data Security Threats Hiding in Plain Sight
With phones locked down by an EMM, secured with an MTD, and users educated about prevalent threats, you might think that the risk is all but gone. The problem, however, is that even the most legitimate apps might be doing things you wouldn’t want them to do.
Modern applications like WhatsApp, Facebook, Snapchat and so on will communicate with dozens, if not hundreds, of locations as they deliver functionality to the user. These locations might be needed to access resource libraries, to communicate with integrated services or to transmit information to and from advertising networks. This kind of communication is entirely normal.
Or is it?
Sometimes even the most reputable applications have been known to exhibit highly suspicious behavior. The most recent example of this was Friday’s news that certain Nokia devices were communicating with servers located in China. The problem here is that no one could really explain why this was happening. Even more alarmingly, this data was being transmitted in plain text – essentially sending information without encryption – leaving it dangerously exposed to potential interception.
Mobile Data Security Must Address Apps
Weather apps, wallpaper apps, social games – even a supposed anti-Adware app for MacOS – have all been shown to send data to countries they shouldn’t be without necessarily being malware or overt cybersecurity threats.
Ultimately, for any organization wanting to stay on top of these rogue communications, they must first embed the necessary technologies and processes to monitor traffic for anomalous activity.
The Threat is Real
This week alone NetMotion customers have identified more than a dozen such unusual signals, including instances in the US and Japan in which data was being transmitted to China (and other regions) for no discernible reason in otherwise legitimate applications. These events prompted administrators to implement new policies to block these outbound connections, which in neither case actually limited the functionality of the apps in question.
Data can be exposed in countless ways on mobile, from simple phishing campaigns to sophisticated malware attacks. It’s probably impossible to defend against these comprehensively, but any security strategy should begin with visibility (where is my data going?) and end with action (how can I block any unwanted connections?).
- Best practices in legal IT: Daniel Demonakis from Linklaters
- Verified IT and security leaders reveal highest-rated ZTNA platforms in new G2 Grids
- Best practices in finance IT: Sven Goelles from Lincoln International
- Inside NetMotion: A security engineer’s view of SASE
- Best practices in public safety: Alex Bowen of the UK’s National Enabling Programmes