The security firm Wandera SmartWire Labs has released a new report detailing how many popular business apps used by large enterprises leak data and present a multitude of security risks.
The company assessed the threats that exist on popular business apps and how they could be potentially damaging to large companies in Europe, the US and Asia. Wandera's report was able to shed light on 10 apps, widely used by enterprise employees, that failed to employ secure data storage and protect information that could personally identify users.
However the firm did not reveal the names of the apps, which have been downloaded an estimated 1.4 billion times from the Google Play Store, in its report.
To test the apps, Wandera used the Open Web Application Security Project (OWASP) test which revealed that the most common vulnerabilities are insecure data storage, lack of binary protections, insufficient transport layer protection and poor authorisation and authentication.
Wandera also tested a total of 28 business apps and discovered that all of the top apps contain at least five weaknesses. 90 per cent of the apps tested were also vulnerable to Man-in-the-Middle attacks as a result of Certificate Pinning. In addition to these vulnerabilities, Wandera found that 8 out of the 10 apps allowed their users to utilise weak passwords and that 3 out of the 10 apps use weak encryption.
The CEO of Wandera, Eldar Tuvey shared his thoughts on the result of the report: “In our increasingly mobile world, enterprises need to gain complete visibility in order to maintain control of their mobile data, ensure compliance and prevent security threats. Security is an essential concern when it comes to mobile app development and it should not be sacrificed for the sake of speed and convenience.”
Hopefully Wandera's report leads to businesses doing further research on the apps they choose to use at their enterprises and to individual users deciding to do the same.
Image Credit: Kirill Wright / Shutterstock