Itasca, IL - Mar 24, 2015 - When the Kim Kardashian Hollywood game app, which an Environmental Protection Agency (EPA) employee was playing on her mobile work phone, tweeted out to the EPA's 52,000 Twitter followers without her knowledge, "I'm now a C-List celebrity in Kim Kardashian: Hollywood. Come join me…," Chief Security Officers everywhere shuddered. And rightly so. According to a new report, The BYOD Trojan Horse: Dangerous Mobile App Behaviors & Back-Door Security Risks prepared jointly by Flexera Software and IDC, enterprises are not doing nearly enough to understand which mobile app behaviors hitting their networks and data are risky, nor are they testing apps for those risky behaviors to ensure proper enforcement of their BYOD policies.
The report provides a sobering wake up call to enterprises, underscoring that BYOD risk doesn't just arise from malicious hackers and rogue nations. Threats to data and security are hidden, as in a Trojan horse, in the most innocuous-seeming apps that employees can unwittingly unleash on the enterprise, like a flashlight app that illegally transmits user data to advertisers, or common banking apps capable of capturing device logs, accessing contacts lists, reading SMS messages or even installing packages on the phone. Among the report's findings:
"BYOD policies are critical to organizations seeking to maximize the value and minimize the risks they encounter by integrating mobile devices and apps within their infrastructures, because these policies define the behaviors that are and are not acceptable," said Robert Young, Research Manager, End Point Device & IT Service Management and Client Virtualization Software, IDC. "But BYOD policies are inadequate if appropriate enforcement mechanisms are not put into place and followed."
"Most organizations already have strong processes to test and remediate traditional desktop, virtualized and cloud based applications to make sure they're safe and reliable. But as the report indicates, enterprises have not extended these Application Readiness best practices to mobile apps," said Maureen Polte, Vice President of Product Management at Flexera Software. "These same processes can and should be extended to mobile apps to ensure that risky app behaviors and apps are identified and appropriate measures are taken to contain those risks."
Learn more about Flexera Software's:
Flexera is reimagining the way software is bought, sold, managed and secured. We view the software industry as a supply chain, and make the business of buying and selling software and technology asset data more profitable, secure, and effective. Our Monetization and Security solutions help software sellers transform their business models, grow recurring revenues and minimize open source risk. Our Vulnerability and Software Asset Management (SAM) solutions strip waste and unpredictability out of procuring software, helping companies buy only the software and cloud services they need, manage what they have, and reduce compliance and security risk. The Flexera RightScale multicloud management and cloud cost optimization solutions enable enterprises to drive top-line revenue while optimizing cloud usage to reduce risk and costs. Powering these solutions and the entire software supply chain, Flexera has built the world’s largest and most comprehensive repository of market intelligence on technology assets. In business for 30+ years, our 1300+ employees are passionate about helping our 80,000+ customers generate millions in ROI every year. Visit us at www.flexera.com.
About This Report
This report is based on the 2015 Application Usage and Value survey, conducted by Flexera Software with input from IDC's Software Pricing and Licensing Research division under the direction of Amy Konary, Research Vice President - Software Licensing and Provisioning at IDC. The surveys were completed between November, 2014 and January, 2015, by more than 580 respondents from software vendors, intelligent device manufacturers and end-user enterprises. This annual research project looks at software licensing, compliance and installation trends and best practices.
*All third-party trademarks are the property of their respective owners.