Did you know mobile is now a preferred attack vector for hackers? It is perceived as a weak entry point into the corporate network. With millions of apps available on the iOS and Android platforms, it is incredibly challenging to keep on top of the apps your employees decide to use. We can help.
Tag: Mobile
Do you like football? Beware of APPs!
As football fever sweeps across Europe due to the 2016 UEFA European Championship, the SmartWire Labs Team at Wandera has been analyzing the mobile data traffic patterns across our network of enterprise customers in the European countries that make up this year’s tournament. By investigating the billions of daily data inputs that are scanned by our Secure Mobile Gateway, we’ve made some startling discoveries about data security and mobile phone usage in the lead up to and during the tournament (Research period 25 May to 24 June 2016).
MALICIOUS WEBSITES AND DATA LEAKS
With the tournament in full swing, users are becoming more active on their mobile devices, by exploring new content and being exposed to an increasing number of online ads. As a result of this spike in activity, SmartWire Labs discovered an increase in the number of malicious websites being accessed by smartphones. Worryingly, it seems that the host country has been actively targeted by hackers with 72% of malicious websites and 41% of exposed passwords being detected on smartphones in France.
During our research period, the number of data leaks observed by our research team increased. We predict this number will continue to rise as the tournament goes on as a result of more people travelling across Europe and using unfamiliar apps and websites to access match information. Our research suggests that data leaks will peak in late June towards the end of Euro 2016 before going back to normal levels in late July.
UEFA APP FOR FANS IS LEAKING DATA
One of the most startling discoveries by our researchers relates to the ‘UEFA EURO 2016 Fan Guide’ App. It’s one of the official UEFA mobile applications for Euro 2016, designed to provide practical tourist information for fans that are travelling to France for the tournament.
We have discovered that user credentials (including username, password, address and phone number) submitted to the online UEFA store website, are being transferred by both the iOS and Android versions of the app, over an insecure connection. The app itself has over 100,000 downloads on the google play store alone, and a very high rating. The implications of this are huge with potentially thousands of people having their personally identifiable information exposed and possibly stolen.
CONCLUSION
Overall, the increased data usage during the beginning of Euro 2016 will come as no surprise to anyone. The risks associated with this increase in traffic however have huge implications. With more people traveling across Europe, using unfamiliar websites and apps, as well as the shocking discovery that the official UEFA app is leaking data could all lead to serious security breaches with thousands of fans’ data being put at risk.
UEFA’S RESPONSE
Since SmartWire Labs exposed the treat UEFA have acknowledged the problem and fixed the issue. A UEFA spokesperson confirmed:
It is correct that there is an issue with the fan app, concerning a third party component in the myfanzone section, where the contact details of around 4,000 users (name, email and phone number) were not fully protected.
Within a few days UEFA made the following statement:
All security vulnerabilities have been solved. Data exchange between the mobile App and the server are now encrypted.
Download report
Download “Euro_Paper.pdf” Euro_Paper.pdf – Downloaded 354 times – 778 KB
Enterprise Mobile Device Management
Security & Application Management for your Mobile
Enterprise Mobility Management (EMM) is the set of people, processes and technology focused on managing mobile devices, wireless networks, and other mobile computing services in a business context. EMM typically includes all of MDM Standard functions, but with the security services and additional tools create a more comprehensive solution.
C.H. Ostfeld sells VMWare AirWatch EMM, world market leader in this kind of solution.
The sale and technical support staff are certified by VMware AirWatch.
In addition we offer Wandera solution for the management and security of mobile devices. The solution enables deep integration with AirWatch.
The solutions provided are:
VMWare AirWatch
AirWatch® was founded in 2003 and achieved early success in managing wireless endpoints and rugged devices. In 2006, as smart devices entered the enterprise and employees required access to corporate information, the AirWatch leadership team strategically pivoted the company’s focus to manage any device in an organization’s mobile fleet. Today, AirWatch is the leading enterprise mobility management provider. In 2014, AirWatch was acquired by VMware. With the combined power of AirWatch and VMware, organizations have a complete solution that allows end users to work at the speed of life from any device, anywhere, anytime.
Open/Close all the descriptions
>
VMware AirWatch Enterprise Mobility Management
Workspace ONE
I Dispositivi mobili e la gestione del traffico dati
Gestire i dispositivi mobili e’ ormai prassi comune in tutte le realta’ che hanno visto proliferare nelle aziende, in questi ultimi anni, l’utilizzo di smartphone, tablet, etc.
Fino a qualche tempo fa si riteneva anche che IOS fosse una piattaforma molto sicura mentre Android fosse piu’ vulnerabile.
Tutti gli sforzi dei produttori di MDM in particolare AirWatch erano quindi orientati nel rendere piu’ “blindata” la piattaforma Android in modo da utilizzarla con maggior tranquillita’ in azienda. In questo senso AirWatch ha collaborato strettamente con Samsung e con gli altri produttori hardware su piattaforma Android per fornire garanzie di sicurezza alle aziende che adottavano questa piattaforma.
Un aspetto meno in evidenza e’ invece stato quello relativo alla sicurezza e alla gestione del traffico dati.
In questo campo si evidenziano parecchie brecce di sicurezza anche su piattaforme considerate sicure come Apple.
Alla gestione del traffico dati si dedica Wandera una soluzione integrata in AirWatch che affronta proprio il campo del traffico dati, la cui crescita esponenziale pone nuove sfide ai reparti IT, Security e Governance.
Wandera si occupa anche di contenere i costi del traffico affrontando la questione del roaming ma anche della riduzione tramite compressione dei dati stessi in transito.
Scarica il documento