Cybersecurity Checkup© for June
Connecting with Apps
How many mobile applications have you downloaded, on your phone or tablet? When you download a mobile application, do you take the time to read the end user license agreement (EULA) or do you simply hit accept? Are you aware of what those free apps are going to cost you? For example, have you already agreed to give access to your contact list, in exchange for playing a game, knowing where a farmer’s market is, or how long before the sun sets?
Both personally and professionally, I often deliver the message that mobile applications are flawed. The truth is that many businesses are having a difficult time with mobile application development and security. These apps are often created within a very short time frame, with little attention to adequate security controls, while focusing on monetizing, from your private data; this is something which should concern you and me.
Does this mean that all mobile applications are bad? No, it does not, however, it does mean that you need to be aware of the permissions you are granting and the condition of use which you are accepting. Some access to your phone is usually required in order to make the application successful, such as access to the mobile storage device. So what mobile applications are safe and how do you know?
Before you download a mobile application, take a look at the date of the last update. There should be consistent updates, indicating that the company is actively ensuring that the application remains current. Since 2013, 43-47 percent of all vulnerabilities are application based.
Next, look at the permissions that the mobile application is requesting. For example, the Facebook application requests the ability to: “read your calendar events including confidential information, add or modify calendar events and send email to guests without your knowledge, read and modify your contacts, GPS location, read your text messages, directly call phone numbers, read, modify or delete the contents of your USB storage, take pictures and videos, and record audio.” You may want to think about connecting to Facebook via the web application. This is how I connect.
Finally, before you add an application to your phone, spend a few minutes to research what others have to say about their experience with said app. Remember tech people like to talk about their toys and tools, take a look at the rankings, the problems, and the benefits which users of that app, take time to post on-line. If the reviews are not glowing, keep looking.
Remember that this is about housekeeping, so like the tools which you have not used in this century or the clothes you have not worn in a year, if you have applications on your phone that you are not using, just delete them, as less access to your life, through your phone, the safer you will be.
By the way, do you have the mobile flashlight application? If so, you are not alone, five hundred million people presently have this mobile app. The top ten flashlight apps that you can currently download are all malware. The flashlight mobile application has the ability to copy all of your contacts, access to the USB storage, use pictures in your gallery, take new photos, using your phone, record video, and use GPS location, which is then sent to China, India and Russia.
How Connected do you want to be?
