It’s already difficult for end users to determine whether an app they use has been compromised, and with malicious mobile app threats such as last year’s Masque attack creeping into the enterprise, it’s about to get harder than ever for IT departments to make that determination as well.

Dangers of the Mobile App Explosion

According to the State of Mobile App Security report released in November 2014, there will be 253 billion app downloads in 2017, nearly double the 127 billion downloaded in 2014. Business apps in particular saw impressive growth last year in both the Apple App Store and the Google Play Store, with gains of 210 percent and 220 percent, respectively. This highlights the trend of employees increasingly using apps on their personal devices for work purposes.

It’s clear that we are currently in the midst of an unstoppable app explosion. IT departments must be ready to defend the enterprise against mobile app attacks that originate both from outside the organization and from its unknowing end users within.

No mobile device or operating system is completely safe as is, and no matter how unlikely a threat may seem, all it takes is one mistake to set in motion a cascade of critical leaks that could quickly take down a business. With this in mind, the following are four tips aimed at helping your organization prepare for the evolving nature of mobile app threats on the horizon:

1. Deploy an EMM Solution

First and foremost, your organization needs to employ an enterprise mobility management (EMM) solution. Having the right EMM solution in place lets you monitor and manage the apps and devices being used by your fellow employees, giving you visibility into the mobile environment within the enterprise and helping you act on threats before they affect your organization. Mobile threat management, another facet of EMM, provides organizations with mobile malware prevention and enhanced active protection through the ability to detect, assess and mitigate mobile security risks as they arise.

2. Establish Policies Around App Usage

One of the most mission-critical aspects of ensuring end users are safe from the mobile apps they use is establishing policies that govern app usage within the organization. Instituting security policies such as blacklisting and whitelisting apps and compliance checks can set the ground rules of mobility in your organization and help you take action in real time to enforce compliance and stop potential data leaks before they happen.

3. Utilize an Enterprise App Store

To be sure the apps being used in your organization are as secure and effective as possible, your IT department should leverage the capabilities of an enterprise app store. By utilizing an enterprise app store, you can simply and securely select, make available and distribute a wide range of key public and enterprise apps without compromising policies, productivity or the overall end user experience.

4. Ongoing End User Education

Although having security protocols around apps is common sense to IT departments, the same cannot be said for end users. Organizations must provide education with regard to best practices for app usage and mobile device use. It’s important to express the dangers of downloading apps from untrusted sources, whether they are from third-party app stores or links not sent from IT (phishing); highlight the threats associated with accessing corporate data and documents from unapproved apps; and inform them about the personal and corporate problems stemming from jailbreaking personal smartphones and using them for work. Doing this periodically will help keep your end users updated on new forms of potential attacks and help protect them from themselves.

Fighting Off Mobile App Threats

As the mobile app landscape evolves, so, too, will the threats that can take advantage of the tiniest of vulnerabilities. Acting on these four tips can help your organization combat malicious attacks and fight off rapidly advancing mobile app threats before it’s too late.
