Study: Third-Party Apps Pose Risks for Enterprises
Since mobile computing put an end to the good old days when IT departments had absolute control over software deployed in the enterprise, there’s been a rise in employees’ use of third-party applications — a rise that poses security risks to corporate environments.
That is one of the findings in a report CloudLock released last week.
The number of third-party apps connected to corporate environments increased by 30 fold over the last two years, the firm reported, from 5,500 to 150,000 apps.
CloudLock ranked more than a quarter of the apps found in business environments (27 percent) as “high risk,” which means they were more likely than other apps to open pathways into an organization for cybercriminals.
Companies have not ignored that danger, CloudMark’s researchers also found. More than half of third-party apps were banned in many workplaces due to security-related concerns.
All third-party apps pose a risk to the enterprise, but a specific subset of apps are particularly risky, according to Ayse Kaya-Firat, director of customer insights and analytics at CloudLock.
“The apps that touch the corporate backbone are the riskiest of all shadow applications,” she told TechNewsWorld.
Problems arise from the kinds of access the apps request from users, Kaya-Firat noted. “When you want to use them, some of them ask you to authorize them to use your corporate credentials. When you do that you give those apps — and by extension their vendors — access to your corporate network.”
The apps can pose a risk not only when they’re being used, but also when they’re not.