Many of the most popular mobile apps for the iPhone and Android-based devices pose serious security threats, leaving users vulnerable to data loss and other cybercrime activities, a new study found.
According to ViaForensics' latest appWatchdog report, mobile applications from several top internet companies fail to meet the necessary data security standards to protect user information. The computer security firm reviewed 30 social networking, productivity, financial and retail apps commonly found on iOS- and Android-based smartphones and tablets.
Of the 30 apps reviewed, only three received passing grades. Meanwhile, 19 received a warning rating, and eight were labeled as failing to provide adequate levels of security.
Social networking apps proved to be the most vulnerable, with Foursquare and LinkedIn both failing. However, other failing apps included Netflix, Square and WordPress, among others
"This latest round of testing also continues the trend from last month’s findings, where social networking apps remain fairly insecure, financial apps are generally more secure and productivity and retail apps fall somewhere in the middle," viaForensics stated in a blog post. "Hopefully, these latest results help serve as a wake-up call to app developers to better secure their users’ data on smartphones – BEFORE [sic] there is a major exploit of such data."
Mobile security woes are nothing new, but they have been receiving a greater deal of attention in recent years with the rise of mobile devices – particularly in enterprise environments. Given the growing popularity of employee-owned smartphones in the workplace, it is important IT managers incorporate these devices into their data security policies to protect against data loss and regulate usage.
According to a recent IDC report, one way to bolster security practices is by deploying mobile virtualization. This approach enables employees to remain productive away from the office by giving them access to their desktop computers from their mobile devices. It also improves security, because the data accessed on those devices can be isolated from one OS to the next, minimizing exposure to sensitive information, IDC stated.