How many apps do you have installed on your devices? Several; Today, we use apps for almost everything, from communicating with others to creating a shopping list.
However, some of them can get us into trouble and even into … serious trouble. Let's see what he says Daniel Chromek, Head to themeInformation Security at the global digital security company ESET, about the most common ways we unwittingly put our data at risk through apps.
When suddenly some personal information turns out to be more serious than we thought
We often don't realize that we may be sharing extremely sensitive data, says o Chromek. Such is the case today in the US, where once abortion became potentially illegal in several US states, women were warned about apps they may be using to record their period and track their menstrual cycle or sex life.
Several sources said that if law enforcement authorities have access to uncover possible illegal abortions, these apps can now be used as incriminating evidence against their users.
As explained, for example, by Washington Post "in case of abortion, the address IP would be important because, with the help of ISPs, law enforcement authorities can trace people from the addresses IP». In this case, data that was previously shared without concern, such as addresses IP, quickly turned into sensitive data.
What type of data needs protection?
Every day we deal with our own personal data, but also with the digital information of our employers, employees, colleagues and customers. While public data may be readily accessible to anyone who seeks it, many types of digital information must be carefully handled and protected. These include:
- Internal data – that is, internal communication
- Confidential data - e.g. identification numbers
- Restricted data – eg, government protected data
Understanding her difference between public and sensitive data you may be able to avoid compromising any digital information that should remain private. However, data classification can also change due to personal, professional or even political reasons, so never handle any digital information carelessly.
The most common applications and their risks
Many people don't read the Terms and Conditions – although it is highly recommended that you read them before using any new app or signing up for any new service.
This is especially true if you plan to use the app to manage not only your personal information but also work-related material. We all use many of these applications so often that we may not even think about their potential impact on our digital security.
Let's look at some apps that may compromise your data security according to the Chief Information Security Officer of ESET.
1) Free translation apps
Translation applications often need to process information to turn it into the final, translated text. "It is not a problem to translate a specific word. The problem starts when whole paragraphs and documents are given for translation. When, for example, a lawyer gives the content of a sensitive contract to an insecure translation application, the potential consequences are serious – data breach under the General Data Protection Regulation (GDPR), disclosure of highly sensitive corporate information, etc. Mr.", explains Mr Chromek.
Be careful what kind of data you put into translation apps and be especially careful with unlicensed free apps.
2) Remote access applications
Want to check what your dog is doing while you're at work? Or do you want to turn on the heating before you get home? Remote access applications allow you to do this. However, they also work the other way around: you never know who's controlling who. "Remote access services can become a gateway for outsiders to get into your device, manage it, and steal the data stored on it," warns Chromek.
3) Shared calendars
“Shared calendars often include contact lists. You need at least the email address to share your program with someone. So if they are not secure enough, these apps can be an issue GDPRnotes the Chromek. Additionally, some settings in shared calendars can be confusing for their users, so they may not be sure what data they're sharing with whom: if they're only sharing their calendar with the people they intended to send it to, such as their colleagues , or if they have made their program visible for any outsider to see.
4) Note apps and notebooks
In this case the risks have to do with what you want to use them for. If you use note-taking apps to create shopping lists, there isn't as much risk as there might be if you use them to record notes from your business meetings or even to remember your passwords (for which you should always use a password manager, not any other app). "It should also be noted that these apps often allow images, videos or voice files to be added to your notes, which is another opportunity for data to leak," says the expert. ESET.
5) Format changer apps (format) files
Have you ever had to compress a document to fit quickly into one e-mail. Or change its format, for example, to PDF; One of the common ways to do this is to use an online conversion tool or file format changer application. "Everything that has been said about translation apps also applies to file format changer apps," points out Chromek. These services must process potentially sensitive data in uploaded documents, so always be careful and only use approved applications.
6) Messaging apps
Messaging apps often allow many actions – file sharing, phone calls, video calls, sending messages, voice recordings, etc. As a result, many permissions are needed on your device, including access to your camera, microphone, or storage. Additionally, some messaging apps do not encrypt the information they collect, so when compromised, attackers have access to all the data collected, including sensitive information.
“There is also a difference in the type of security these apps offer in terms of encryption. Most Messengers encrypt data in transit (data in transit) – however, some apps offer additional security by using end-to-end encryption, which means that even the messaging app provider cannot decrypt messages - only communicating parties can," he explains.
7) Public file sharing applications
In addition to potentially accessing sensitive information, most public file sharing applications operate on the cloud. When the provider cloud or your account is hacked, there is a possibility of data leakage. However, some file sharing applications can be combined with transparent data encryption solutions, which can be recommended to increase the security of your data.
Most of the apps mentioned above share some of the same risks.
- First, This makes it a perfect choice for people with diabetes and for those who want to lose weight or follow a balanced diet. cloud that they use to store data may not be secure. By storing personal data, these services cloud access data GDPR.
- We must also remember that some applications use services from third parties, so there is always a risk of service failure.
- Finally, to remain functional, applications need funding and free apps have limited options for funding their activity: through ads, donations, using data for commercial purposes, or selling your data to other services. This only happens if you agree – the possibility of data sharing has usually been mentioned in the Terms and Conditions that many people fail to read.
Always consult your IT or security experts.
In conclusion, apps can be useful in our daily and professional lives, but they all carry risks. Without an IT background, you may not be able to fully recognize the severity of their potential risks, so it is always recommended that you reach out to the IT and your company's cybersecurity policy for each new application you plan to use.
