Wednesday, November 27, 2013
Researcher: Free file sharing apps riddled with vulnerabilities
Modern technology trends have changed the way professionals function.
Modern technology trends have changed the way professionals function. Today, increased collaboration is the norm, even among colleagues who are dispersed across large geographic areas. The increase in Internet access in many markets has resulted in close connectivity among workers and clients, but has also increased the need for secure file sharing tools.
With bring-your-own-device policies being adopted at an accelerated rate, IT leaders are struggling to control employee activity on mobile, desktop and other devices. One of the major challenges for today's IT managers is getting workers to avoid using malicious smartphone and tablet applications.
However, a large number of professionals utilize such apps, particularly free file sharing tools that can be downloaded in seconds from the Apple App Store and other app portals. The main attraction of these programs is that they are usually free. Even so, the security risks associated with them mean they should not be used.
Bruno Oliveira of Trustwave Holdings recently conducted a study to test how vulnerable free file sharing apps are, according to ITBusiness. The source noted that Oliveira looked into finding ways to breach 10 different consumer-grade file sharing tools for the iPhone and found that it was rather simple to access the respective programs.
"If you go deeper on these applications, they are very badly designed," Oliveira told the source. "If you are going through the application, you are going through the system - not compromising the application, but all of the iOS device."
He stated that it was so simple to circumvent the rudimentary security features of these apps that even a low-level hacker would have no trouble breaching them.
New tools to combat threats
This is a major concern for enterprise leaders because the threat landscape is constantly evolving, meaning the use of such tools can leave organizations open to the latest and most damaging cyberattacks. For example, eWeek reported that PandaLabs found nearly 10 million new strains of malware were created between January and September.
One of the best ways to prevent employees from using these devices is by introducing secure file transfer tools into the organization's tech environment. In most cases, these programs offer more features than free applications that are susceptible to outside access.
Also, businesses that operate in virtual settings can leverage cloud FTP software to help employees share data and collaborate in a secure network. These solutions may not be free, but they are certainly less costly than the financial ruin, regulatory penalties and security overhauls that are common with data breaches.