I asked some of TechRepublic’s Smartphone bloggers if they were aware of any Android apps that posed security risks. AndSMB made Jack Wallen’s list, because it could open up Samba shares.
8. Backtrack5 Linux Installer
Jack Wallen also mentioned WEP Cracker, but I wasn’t able to locate it in the Android Market. A similar app, Penetration Pro, was recently removed as well. But thank goodness the Backtrack5 Linux Installer app is still available, so that you have the “ability to perform assessments in a purely native environment dedicated to hacking.” Just don’t do it on the job or with your company phone.
9. kWS - Android Web Server
According to Jack, a web server on an Android phone could cause issues if the phone was connected to the our company’s internal wireless. You don’t have to be a mindless sheep to know that would be baaaaaad.
Blogger Deb Shinder also weighed in on this topic. She shared a link from The Wall Street Journal that talked about some top apps that put data at risk. The three biggies were LinkedIn, Netflix, and Foursquare. According to the post:
“The apps exposed other types of personal data in plain text on cell phones –- like emails sent from the app by a LinkedIn member, or the movie queue of a Netflix app user, or search history under Foursquare’s Places tab.”
Deb also ran across a post on WebProNews that estimates that 20 percent of Android apps pose some degree of security/privacy risk. And unfortunately, you usually don’t know which ones are risky until it’s too late and the security has already been compromised. And while it’s all good and fine to gamble with and potentially reveal your own personal information, disclosing company information is a big no-no.
So, before you go app crazy on your company phone or mobile device, check to make sure you won’t be violating any of your organization’s policies. If no policies are in place that speak to the download of mobile applications, it still would be better to be safe than sorry. Consider limiting your company device to work-related apps, tools, and features.