Get Started Today!  217-475-0226

croom new

Decatur Computers Inc. Blog

Decatur Computers Inc. has been serving the Decatur area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Basic Errors Have Made Hundreds of Applications a Risk to Data

Basic Errors Have Made Hundreds of Applications a Risk to Data

Earlier this year, it became known that almost 2,000 mobile applications suffered from some type of security threat, thus putting a lot of sensitive data on the line. Let’s examine how you can ensure that your business doesn’t suffer from mobile app security issues.

Access Permissions Are the Major Culprit

Apps are not fully hosted on your device the way a desktop application might be on your computer. Rather, they are hosted in the cloud, and the app itself is more of a hard-coded shortcut that allows you access to the data or service provided by the application.

At least, that’s just how it should work in theory. According to Broadcom’s Symantec Threat Hunter, this type of single-purpose login process allows hackers to access all of the files that a cloud service contains, including company data, backups of databases, and system controls.

The scariest part is that multiple apps use the same publicly available software development kits, or SDKs, and many apps are built by the same company, allowing these login credentials to be used for multiple different types of applications and services found on the same infrastructure.

So, if a hacker were to gain access to one of the access tokens used by a company, they could potentially gain access to all of the applications which that access token provides access to.

Research conducted on Android and iOS platforms found around 2,000 applications that had their credentials hard-coded to Amazon Web Services (around three-quarters of those granting access to private cloud providers, and half of those granting access to private files), half of which also contained access tokens for unrelated applications.

What Can You Do to Protect Your Business?

Naturally, you don’t want someone to be able to access your company’s private data or the data you’ve collected from clients, employees, or other interested parties. Naturally, you should have some level of control over who within your organization can access what data.

Let’s look at it this way; the human resources department at your business might need access to employee information, but nobody else should be able to access that data. The same can be said for other data, too, according to the employee’s role within the company. The fewer people who have access to data, the less likely you are to expose said data to a security breach.

So, long story short, to keep your data safe from these types of mobile application exploits, control who can and cannot access specific data.

To learn more about how you can protect your business, call Decatur Computers Inc. at 217-475-0226.

×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

USB Drives Carry a Lot of Business Risk in a Tiny ...
Declining PC Shipments Suggest New Business Comput...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, December 03 2022

Captcha Image

Mobile? Grab this Article!

Qr Code

Latest Blog

You’ve probably seen the word “metaverse” pop up in your news feed at least once or twice over the past couple of months, but the concept can be a bit difficult to understand, as it’s a bit complicated by nature. Let’s discuss what the metaverse is, why it’s important today,...

Latest News

Decatur Computers Inc. is proud to announce the launch of our new website at http://www.decaturcomputers.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.