Stakes are high for leaders when it comes down to deciding where to draw the line on what data can be gathered from corporate devices. Smart apps installed with IT’s blessings to facilitate productivity require the user to input personally identifiable information so they can function. Increasingly, these apps are gathering more information than is easily apparent, enticing the user to relax the default (more restrictive) permissions and grant greater access to data. They then create a false intimacy with the employee using the more personal data.
To blur that line even further, employees often conduct business on their personal devices, some of which may be jailbroken and onto which they’ve downloaded all kinds of unapproved smart apps that co-exist with their business-approved and connected apps. These unvetted apps may have the ability to use machine learning to detect PINs and steal contact lists, documents, images, and other sensitive corporate IP.
The operating system manufacturers aren’t helping. A ScienceNews Magazine article reports that Android has not integrated proposed sensor safeguards into their operating system because its security team is looking for a protocol that strikes the right balance between policing access for nefarious apps and restricting functions of trustworthy apps. It says that a new security system could also run the risk of breaking legitimate apps.
An AppleInsider article cites a study on Apple’s Differential Privacy technology by five researchers from the University of Southern California, Indiana University, and Tsinghua University. It says that “It doesn't go far enough to protect personal information.” It goes on to suggest that "privacy loss parameters" still allow too much specific data to slip through.
Highlighted by Wired Magazine, the study concludes both macOS and iOS 10 have issues. iOS is believed to be more problematic. It also reports that Apple does not disclose its loss parameter, aka its epsilon. This means that Apple could be arbitrarily changing it without being detected. One of the researchers, USC professor Aleksandra Korolova says, “Apple’s privacy loss parameters exceed the levels typically considered acceptable by the differential privacy research community.”
To be fair, both the Android and Apple app stores are vigilant in trying to prevent malicious apps from proliferating on their stores. Google discovered and disarmed a dangerous spyware app, Lipizzan, last year and continues to surveil Google Play for similar threats. Apple has also updated the App Store guidelines with new rules and revised some existing ones related to data security and cryptocurrency. The biggest change is guideline 2.3.12. It states that app developers must now “clearly describe new features and product changes” in the “What’s New” section of any app update. This is all good, provided that users read the section and set permissions accordingly and developers follow the rules.
This leads to the question of what can be done to prevent breaches. An article on CSO Online suggests that most of the time, users will choose convenience over security. This complacency can lead to inadvertent backdoors being opened to snoopy apps. The article offers IT suggestions to simplify usage that cut through security red tape without sacrificing actual security.
There are also some apps and systems being developed that monitor and report unusual sensor behavior that organizations will be able to implement in the near future. For example, the DEEProtect system prevents raw sensor data an app tries to access from being accessed and strips it down to only the features needed to make user-approved inferences. Developed by Supriyo Chakraborty, a privacy and security researcher at IBM, the system allows users to specify preferences about what apps should be allowed to do with sensor data.
At 2017 USENIX Security Symposium, Selcuk Uluagac, an electrical and computer engineer at Florida International University in Miami, and colleagues proposed a system called 6thSense. Users train it to learn their phone’s normal sensor behavior like calling, web browsing, and driving. 6thSense continually checks the phone’s sensor activity against these learned behaviors. If it spots something unusual, like the motion sensors gathering data when a user is motionless, it alerts the user who can see if a recently downloaded app is conducting the data harvest and then delete the app. The team recently tested the system against three sensor-based threats: (1) a malicious app that can be triggered via a sensor (e.g., light), (2) a malicious app that can leak information via a sensor, and (3) a malicious app that can steal data using sensors. They discovered it defeated 96 percent of the malicious sensor operations.