Lookout Endpoint Security
Endpoint Security

May 26, 2017

min read

Understanding Data Leakage From Mobile App Behaviors & Configurations

When many enterprises consider threats to their data via apps on a mobile device, they rightfully think of malware. However, there are many less obvious ways that apps leak data.

It's a well understood trend that enterprise are adopting SaaS as part of digital transformation.

What's not as well understood is that access to corporate data in the cloud is predominantly through mobile devices, as mobile devices now are the most frequent way that people access the internet. Taking that one step further, employees don't access the internet via browsers on their mobile devices. They do it predominantly using mobile apps.

The most sought after mobile apps in the business world are those that make employees most productive. However those are not always the apps built by the SaaS providers themselves, but rather apps that bring together many different services or what we call "mashups" of different APIs.

The challenge is that developers building those apps frequently don't understand the regulatory compliance issues that face certain industries, don't understand enterprise security policies, and don't understand data sovereignty rules. What they're focused on is innovating and making a great experience for their users.

Since the vast majority of mobile apps leverage pre-built open-source libraries, and are not coded from scratch, there is a danger that any app can exhibit data leaking behaviors even if it is not malicious. For example, apps that access employee personally identifiable information (PII) may not be classified as malware, but may present a compliance and data leakage challenge for CISOs and CIOs.

What app behaviors are considered a data leakage risk?

Mobile productivity apps often need access to device components or data to function, such as a teleconference app requiring access to the microphone. However, some apps aggressively seek access to data that may not be necessary to perform an enterprise task.
The six types of app behaviors that are considered potential risks include: access to sensitive data, data exfiltration, use of cloud services, data sovereignty violations, insecure data handling, and vulnerabilities.

Sensitive app behaviors

Protecting against data leakage from mobile apps

To reduce the risk of data leakage from mobile apps, the first thing security leaders need is visibility into the myriad of applications that employees download.

Lookout app analysis technology
The Lookout app analysis technology is powered by intelligence from over 40 million iOS and Android apps, giving you visibility into app-based risks.

Lookout Mobile Endpoint security delivers the combined capabilities of Mobile App Reputation Solutions (MARS) and Mobile Threat Defense (MTD) solutions. It enables security leaders to see and protect data from known threats out of the box, as well as understand and set policies against app behaviors that create compliance challenges for their own industry.

The risks to sensitive data from the mobile ecosystem exist on a spectrum that goes beyond malicious threats, the risk of non-malicious apps with sensitive behaviors that leak data falls within the "Behaviors & Configurations" element of the Mobile Risk Matrix.