March Madness Apps May Create 'Bring Your Own Device' (BYOD) Risk for Enterprises Devices Pose a Security Risk?
Unbeknownst to employees, the behaviors and functions of widely used March Madness sport and media apps may violate corporate BYOD risk policies
Itasca, IL - March 14, 2016 As American employees succumb to the frenzy of NCAA Basketball March Madness - the growing roster of mobile apps feeding their obsession could pose a security risk to organizations if used on employer-issued devices or employee-owned, BYOD devices capable of accessing corporate data. According to a new report from Application Readiness expert, Flexera Software, many of the apps popularly used by employees to do everything from create brackets to follow their favorite NCAA teams - could exhibit behaviors that violate corporate risk policies
"Many of employees' favorite March Madness apps are able to do things like access their device's calendars, contact lists, address books, and social media accounts such as Facebook and Twitter. Some can also track employees' locations or access the device's texting capabilities," said Maureen Polte, Vice President of Product Management at Flexera Software. "Before CIOs can evaluate potential risk - they must first understand what these apps do, the data they can interact with and the device functions they can activate."
The report found that of the 28 popular Apple iOS March Madness tested:
- 89 percent, including Daily Bracket, ESPN and March Madness Live, support advertising networks.
- 79 percent, including CBS Sports, Dish and Tournament Challenge are capable of accessing the device's location tracking functionality.
- 71 percent, including CBS Sports, Daily Bracket and March Madness Live are capable of accessing and sharing data with social networking sites connected to the device.
- 68 percent, including ESPN, Sports Feed and Twitter can access the device's SMS texting functionality.
- 61 percent, including CBS Sports, ESPN and March Madness Live can access the device's calendar.
"These app behaviors and functions may or may not be risky for particular organizations - depending on their definitions of risk. What may be considered safe for a manufacturing company may be risky for a financial institution," added Polte. "So, it's critical for CIO's to avoid potential risk and embarrassment by establishing their own BYOD risk profiles and policies, and then testing the apps used on BYOD devices to understand which ones violate those policies."
To compile the report, Flexera Software identified 28 popular March Madness, sports and media apps, representing a small sampling of those that can be found in the Apple App Store and that could easily be downloaded by employees to a corporate-issued or BYOD device. These apps were tested using AdminStudio Mobile, an Application Readiness solution that helps organizations identify, manage, track and report on mobile apps, simplify mobile application management, reduce mobile app risk and address the rapidly growing demand for mobile apps in the enterprise.
 The apps tested were: Breaking!, CBS Sports, Daily Bracket, DIRECTV, DISH, DraftKings, ESPN, fanatic, FanDuel, FantasyFootball, MarchMadnessLive, Rotoworld, SeatGeek, Yahoo Sportacular, Sports Feed, Sportsmanias, StubHub, SXMLiveAudioPlayer, Team Stream, theScore, Thuuz, TournamentChallenge, TuneIn Radio, Twitter, Watch TBS, Watch TNT, WatchESPN, XPlay,
# # #
Download the Report
Learn more about: