A recent analysis of mobile applications installed in corporate environments by Veracode revealed 14,000 unsafe applications prevailing regardless of business industry or global location. On average, according to the report, a given enterprise has approximately 2,400 unsafe applications in use, usually installed on employee devices.
More unnerving, the study reveals that of these unsafe apps, 85 percent expose sensitive data, such as device IDs, contacts, call and message logs and other SIM card information. One third of the apps retrieve or share enough personal information for an attacker to “develop a complete user profile,” and more than one third perform “suspicious security actions” like determining whether a device is jailbroken or rooted.
With 2015 predicted to see more than seventy-five percent of mobile applications failing basic security tests, according to a report by Gartner, apps remain a vulnerable portal for attackers, cyber-criminals and nation-states to exploit. Though companies seek to enhance employee satisfaction and increase productivity through measures such as BYOD programmes, the analysis underscores that existing methods to mitigate unsafe mobile apps fall short due to scalability and a constantly evolving cyber-workspace.