Sports apps raise staff security risks

Many of the popular mobile apps designed for the EURO 2016 UEFA European Championship could violate corporate risk policies and leave companies vulnerable to attack, a new report from Flexera Software shows.

The report indicates that if used on employer-issued or employee-owned BYOD devices, the popular apps used by millions of soccer fans worldwide could pose security risks for enterprises.

Many of the apps can access sensitive data functions and data, including ad networks with potentially malicious payloads, location services and even a device’s microphone.

Of the nearly 50 most popular iOS EURO 2016 apps tested, 73% support ad networks, 69% support location services and tracking, 67% support telephony, 57% support in-app purchasing, 57% support social networking and 4% support accessing the microphone.

Maureen Polte, Flexera Software vice president of product management, said the results of the analysis should serve as a wake-up call for IT leaders.

“Enterprises do a great job monitoring the various enterprise apps running on their networks and mitigating risks, however most do not extend their Application Readiness best practices to their mobile apps — an oversight which could invite unacceptable risk into the organisation,” she said.

“CIOs need to understand that the behaviours of the mobile apps their employees are using may interact with their corporate systems and data — because not all mobile app developers are trustworthy.”

Image courtesy of Bay Area Bias under CC