"During our initial analysis of mobile applications we found that 91% of the top mobile apps unnecessarily expose a user's personally identifiable information. Despite this, most mobile users and businesses aren't aware of the risk these apps pose to their organization," said Sam King, EVP Product Strategy & Corporate Development, Veracode. "Our Mobile Application Reputation Service shines light on the behavior of these applications. When used in conjunction with Mobile Device Management (MDM) or Mobile Application Management (MAM) solutions, enterprises have a powerful tool to both inform and enforce their BYOD risk management policies."
The use of third-party apps creates a gaping security hole in enterprise IT infrastructures. Together with Veracode's mobile application vulnerability scanning, MARS equips organizations with a comprehensive and quantitative risk analysis on mobile applications supplied by public app stores, commercial developers and enterprise developers to inform enterprises' BYOD policies.
"Mobile computing raises new security concerns in an increasingly mobile world, where devices may be employee-owned, frequently changed, and used for both personal and business purposes," according to Gartner Research. "With the growing penetration of mobile devices in the enterprise, security testing and protection of mobile application and data become mandatory precautions against attacks."1
Using MARS, Veracode conducted an analysis of the most popular mobile applications used within enterprises today. The results show that many of these apps access confidential and sometimes personal data on the mobile device and expose sensitive information to unknown parties.
Veracode has partnered with industry-leading MDM and MAM vendors so that enterprises can use the information obtained through MARS to easily enforce BYOD risk management policies by setting up rules to automatically allow or block apps from the mobile device, based on the apps' risk ratings. Veracode recently announced one such partnership with MobileIron.
Over the past seven years, the Veracode Platform has scanned and analyzed billions of lines of code, including those in web and mobile applications, to help secure the world's software. Veracode MARS is the next step in the evolution of mobile application security.
For more information on MARS visit: https://info.veracode.com/mobile-info-request.html.
Veracode secures the world's software. We help commercial enterprises and government agencies address the acute threat posed by hackers who are targeting software vulnerabilities to gain access to critical data. Veracode provides an automated, policy-driven application risk management platform to secure mobile apps, web applications and third-party applications from across the software supply chain. Veracode works with customers in more than 80 countries, representing a variety of Global 2000 brands. For more information, visit www.veracode.com, follow on Twitter: @Veracode or read the Veracode Blog.