Industry Updates

Mobile App Vulnerabilities Found To Leave Data Unsecured

Most apps these days make use of cloud storage in order to minimize their footprint on your device. That’s good in theory, but based on new research from Zimperium, a disappointing percentage of app developers don’t do nearly enough to secure the data they’re housing for you. In fact, the recent study indicated that fully 14 percent of iOS and Android apps that use cloud storage had insecure configurations or were otherwise vulnerable to attacks by third parties.

Naturally, depending on the exact nature of the apps you use, the nature of the data that’s stored within them will vary markedly. Thus, hackers who breach those unsecured cloud storage systems may wind up with little more than your email address and your latest high score on whatever game you’re obsessed with at the moment, or they could wind up with sensitive financial and/or health-related data.

It should be noted though, that even relatively innocent apps like games (that don’t keep much in the way of personal information) often ask for and receive a wide range of intrusive permissions on your device. That means the developers of those apps could be harvesting a lot of more sensitive data you weren’t even aware of.

The study puts the exclamation point on the end of two very important points that are well worth remembering. One, it pays to read every app’s terms of service agreement closely and monitor exactly what permissions every app you install is asking for, and selectively denying that permission if you deem it to be a bit too intrusive for your comfort.

Second, it’s well worth taking a bit of extra time to uninstall any app that you lose interest in and stop using. By keeping it on your device just in case you decide to circle back to it later, you’re increasing your exposure and increasing your risk.