Data Collected by Free Apps: How Safe Are They?

You can get the Ai.type emoji keyboard app for free on Google Play. It allows Android users to customize and personalize their keyboard using various layouts, themes, fonts, colors, and emojis.

The app has become so popular with smartphone and tablet users that as of this writing, there have been more than 40 million downloads of the app.

Recently, however, some security researchers found personal data of 31 million users of the keyboard app after they found an open database online.

Eitan Fitusi, CEO, and founder of Ai.type admitted that there was a breach but denied that the reported data exposed was that extensive.

Mr. Fitsui said the data was in a secondary database and data gathered pertaining to the users’ behavior involved only the ads that they clicked.

A misconfigured MongoDB database was said to be the cause of the leak.

The company has also shut down the database and Mr. Fitsui has assured the public that users’ data is now secure.

In this case, the data involved was not sensitive. For a number of years, however, several data breaches involving sensitive user information, have occurred in the U.S. alone.

According to reports, there were 781 data breaches in 2015 with 169.07 million data exposed. In 2016, there were 1,093 data breaches that exposed 36.6 million data.

When sensitive data is exposed and used by cybercriminals, it can be very costly for a business. Statistics show that the average annualized cost of cybercrime attacks in the U.S. amounted to 21.22 million USD in 2017. Germany comes in second with an average of 11.84 million USD.

It is imperative, therefore, for companies to take necessary steps to prevent data breaches from occurring:

1.   Identify areas where data breaches may take place

Companies need to know what specific areas they may be vulnerable to cybercriminals. Cybersecurity experts can do this for you and provide you with solutions on how to address threats to security.

2.   Data should always be encrypted

Most operating systems come with full-disk encryption tools. Just switch them on and all files in your system will be encrypted automatically. However, this feature is not foolproof. Encryption activates only in situations where there is no need for a login. So, hackers can still get into the system with malware or a virus if no one is attending to the system. To prevent this from happening, computers should be set to automatically log out after five to ten minutes of inactivity.

3.   Prevent exfiltration of data

This can occur with individuals who have physical access to a computer. Sometimes this happens because of broken business processes. There are cases, however, when electronic equipment with sensitive information gets stolen. This can be prevented if all computers are physically locked down. Businesses also need to integrate security management solutions into data loss prevention in order to stop data breaches during external data transmission.

4.   Develop and implement policies for the proper disposal of data and devices

Data breaches can also occur if electronic equipment and data are not disposed of properly. For example, before any device is disposed of, all disk drives should be wiped clean of all data. Documents and other records on paper should be shredded.

5.   Security should be part of company culture

All employees should be trained on how to guard against data breaches. Employees should be told what internet practices are prohibited within the office and on company devices.

All policies regarding cybersecurity should be incorporated into employee training and should be tested regularly.

 

The best way to avoid data breaches is to consult with IT specialists who can help develop and implement policies that will help protect data.

Cybersecurity should be a priority for all businesses. By applying these simple steps to your organization, all information will be safe and you may be saving your business from being involved in an expensive lawsuit.

The post Data Collected by Free Apps: How Safe Are They? appeared first on Netswitch Technology Management.



This is a Security Bloggers Network syndicated blog post authored by Press Release. Read the original post at: News and Views – Netswitch Technology Management