MobileIron customers blacklist Dropbox, OneDrive

MobileIron has released a list of apps that pose the biggest security risk to enterprises and, among the blacklisted apps are Dropbox and OneDrive.

The list is part of the newly released “State of the App Security” statistics, which include insights about how companies are using and protecting mobile apps.

According to the whitepaper, which you can read here, employees may store corporate documents on personal Enterprise File Sync and Sharing (EFSS) apps, putting sensitive corporate data outside of IT’s protection.

Here’s the list of the blocked apps:

  • Dropbox (EFSS)
  • Angry Birds
  • Facebook
  • OneDrive (EFSS)
  • Google Drive (EFSS)
  • Box (EFSS)
  • Whatsapp
  • Twitter
  • Skype
  • SugarSync (EFSS)

At the same time, the top third-party apps currently deployable across MobileIron’s customer base are:

  • Salesforce
  • Goodreader
  • Microsoft Office Suite
  • Cisco AnyConnect
  • Box
  • Cisco Webex
  • Skype for Business
  • Google Docs
  • Evernote
  • Xora Mobile Worker

“As more business processes are mobilised, hackers look to mobile apps to capitalise on enterprises’ inability to prevent and detect mobile threats,” said Mike Raggo, Director of Security Research at MobileIron. “To protect sensitive data against the threats of tomorrow, enterprises need to rethink their security approach for a fundamentally different mobile architecture.”

MobileIron customers have also deployed more than 300,000 apps that were built in-house for employee use, the company said in a press release.

As the future of work evolves toward mobility, so will the future of data breaches and cybercrime. Recent attacks targeted mobile apps and operating systems to exfiltrate sensitive data, and many enterprises were unprepared.

The challenge with mobile devices and apps is that the user -- and not the IT administrator -- is generally in control. Devices fall out of compliance for a variety of reasons.

One in 10 enterprises has at least one compromised device accessing enterprise data, and more than 53 per cent of enterprises have at least one device that is not in compliance with corporate security policies.