Dangers of downloading unapproved apps

A security firm found that between 75 and 80 percent of the top free apps on Android phones or iPhones were breached. The number jumps as high as 97 percent among the top paid apps on those devices.

Whether these apps help advertisers target you or help hackers rip you off, you'll want to do your homework before downloading apps, reports CBS News correspondent Anna Werner. California's Susan Harvey said she was a victim after she used a debit card to download a slot machine game app to her cell phone through a Google Play store account. I physically, I was sick, because I didn't know what they were," Harvey said. That story's no surprise to cybersecurity expert Gary Miliefsky, whose company SnoopWall tracks malware.

He said certain apps are designed to steal your personal information. You're gonna wonder why there was a transaction. You're gonna wonder how someone got into your bank account and paid a bill that doesn't exist," Miliefsky said.

The information in this article is up-to-date which helps. I installed many mobile apps but never consider any apps dangerous. But after reading this i understood the harmness of apps. I will more conscious about it. Thanks a lot. I used to think all apps were safe, and I do not give them permissions, but I guess I need to be careful from now on what I download and keep on my phone!

I thought all apps were screened by Google or Apple. Time to get aware! These have become rampant nowadays and I am wary of downloading anything unless it is completely necessary. Informative, informative, informative! Totes Newsworthy. Wednesday, November 24, Sign in. Forgot your password? Get help. Password recovery. Home Buyer Beware. Buyer Beware Totes Newsworthy. By Totes Newsworthy. January 20, Viruses made themselves known way back. Android Ransomware If you thought ransomware only targeted company networks and computers, you are gravely mistaken.

Wonderful job: Loading Productivity, collaboration, and project management tools. Aiming to better organize teamwork, collaborate with colleagues, and improve productivity , employees often experiment with online services. But using insecure tools like Trello, Asana, and Zoom for sharing work-related information may be a cause of unintentional data leaks. Messaging apps. People often use messengers for both work-related and non work-related chats. This can be a severe cybersecurity issue if workers share corporate files, data, and credentials within insecure messengers like WhatsApp, Signal, or Telegram.

Email services. The majority of employees have at least two email addresses: a personal and a corporate. With an average of sent and received business emails per employee each day, workers can get mixed up between their email accounts and unintentionally expose sensitive data to third parties. Why do people use shadow IT? What are the risks of shadow IT? Unpatched vulnerabilities and errors Software vendors constantly release new patches to resolve vulnerabilities and fix errors found in their products.

Compliance issues Shadow IT may break compliance with various regulations, standards, and laws, which in turn may lead to fines, lawsuits, and reputational losses. Learn more about Meeting IT Compliance Requirements Inefficiencies Even though boosting efficiency is one of the reasons many people start using shadow IT in the first place, chances are high that the result will be the complete opposite.

Financial risks Unapproved software and services often duplicate the functionality of authorized ones, meaning your company spends money inefficiently.

The short answer is to improve management of all technology resources. The best tactic for dealing with shadow IT is to: 1. Here are six efficient strategies for mitigating shadow IT security risks in your organization: 1. Here are examples of categories in which you can place shadow IT resources: Sanctioned. Additional software whose use is allowed Prohibited. Potentially dangerous solutions that may have vulnerabilities or store data insecurely In case employees want to use solutions absent from the lists of sanctioned and authorized software, they should first ask your IT department to check their security.

Educate your employees on shadow IT One of the most effective ways to mitigate shadow IT risks is to educate your employees about the true dangers of using unapproved software.

Read also: People-centric Security for Remote Workers 3. Give your employees the tools they need Remember why people usually turn to shadow IT in the first place? Keep an eye on the cloud Not all cloud-based services provide decent data security. To do that, adopt solutions that monitor your corporate networks and detect: Anomalous network activities Software downloading and installation Data and workload migrations Other indicators of possible shadow IT practices 6.

Monitor your networks and employee activity Monitoring what happens within your corporate network is an effective way to gather information about the software, applications, and web resources your employees work with. Learn more about Employee Monitoring Ensure efficient and robust monitoring with Ekran System Ekran System is an insider risk detection platform that provides you with complete information about user activities, whether users are in-house employees, remote workers, or subcontractors.

Ekran System can help you: Monitor software use. See what kind of software your employees use and how. This allows you to not only discover shadow IT sources but also understand how shadow IT originated and why it persists. Monitor internet use. Receive information about the websites visited by your employees and the time spent on each.

In this way, you can discover unauthorised use of cloud services. Monitor and block USB devices. Detect connected USB devices and block them automatically or manually.

See firsthand what happens to your sensitive data. With Ekran System, you can see exactly how your sensitive data is accessed and used — and by whom. This can help you detect and target shadow IT applications that directly interact with sensitive data. Then, you can adjust the selection of approved software in order to improve the effectiveness of current processes and mitigate the need for shadow IT. Conclusion Shadow IT is not only a cybersecurity issue but also can be a symptom of an inefficient IT strategy.