TechGuard Blog

Are Application Permission Creeps Compromising your Business Data?

 

"You are a superwoman. You've remembered to wish you dear friend "Happy Birthday" on Facebook, added a few connections from LINKEDIN, logged consumed calories on your fitness app and texted back and forth with a couple clients to confirm appointment times. You remembered to text your husband to remind him about his doctor appointment and also to send that updated file to your coworker for review.  It's only 9:30 a.m. and you are a multi-tasking star, but are application permission creeps compromising your business data?"

 

 

Application permission gives permission to access data from another application.

 

Do you Work Remotely?


Many businesses are allowing employees to work remotely at times. One vulnerability that needs to be considered when working remotely is the risk of sharing confidential business information with other applications on smart devices. Many are mixing business with personal and unknowingly compromising private information resulting in putting the company at risk.

 

Understand that sharing devices such as smart phones, laptops, or tablets creates an increased risk for vulnerability. Having separate devices for personal and work is recommended best practice. Pay attention to the permission and privacy setting on each application. Most of the time an application should tell you exactly what information will be collected from another application and what the data will be used for.

 

There's a lot of information to consider protecting including intellectual property, client contact information, business agreements, text conversations, photos, and credit card information.

 

Take Action


If the budget does not allow providing separate devices for work and personal use, then there are steps that can be taken to reduce the risks:

 

  • EDUCATE your employees.
  • Do not give applications permission to access another application.
  • Block ads and clear cookies.
  • Use software that allows separating personal and work applications.


If the company has provided devices for work, make sure the employees understand why it's important to keep personal activity off of the company devices. Don't let application permission creeps compromise your business data.