While many mobile apps add fun and convenience to daily life, some can pose security risks.
Brock Information Technology Services (ITS) cautions the University community that some mobile apps can maliciously gather and share users’ personal information.
Most apps installed on personal devices are not vetted by Brock ITS and may contain vulnerabilities that could be exploited and result in security incidents, such as data breaches, ransomware and phishing attacks. These incidents can put both the user and the University at risk, especially when mobile apps are installed on personal devices that access Brock’s confidential information.
Brock ITS urges its students and employees to consider the risks when installing and using mobile apps, especially on Brock-issued devices.
Mobile app risks:
- Malware — Apps can be used to deliver malware, which can slow down a device, deliver unwanted ads and steal sensitive data, including credit card numbers, personal photos and stored passwords.
- Identity theft — Cybercriminals can use personal information shared on social media apps to impersonate users and access confidential data, such as bank account information.
- Privacy setting loopholes — Personal information and communications posted on social media apps may not be as private as expected and can be accessed by unintended readers or recipients.
- Information collection — Some apps may collect personal information in the background, such as shopping trends, search history and travel patterns, and share it with marketing firms or other agencies without users’ knowledge.
Tips on installing and using mobile apps:
- Research the mobile app — Before installing a new app, do some research to determine if there are any known privacy or security concerns associated with it.
- Pay attention to app permission requests — Users often receive requests from apps to access information (such as photos) or device functions (such as the phone’s microphone) and may blindly grant permission to all apps. It’s important to be aware of the permissions granted to each app and what information apps can access.
- Review the terms and conditions — Read the app’s privacy policies and terms and conditions to be aware of its data collection and sharing policies.
- Download apps from trusted sources — Always download apps from trusted sources, such as Apple App Store or Google Play. Untrusted sources sometimes have legitimate looking apps that are created by cybercriminals to trick users and deliver a malicious payload.
- Don’t overshare on social media apps — Limit and curate what is shared on social media apps. Public sharing settings includes cybercriminals who may be scanning apps for personal information.
Questions about mobile app privacy and security can be emailed to email@example.com