A fitness app, called Polar Flow, was recently found to be exposing the name, profile picture and whereabouts of high-ranking military personnel by oversharing user location data. Unfortunately, this is not the only security incident leaking user location. Back in February, Appthority noted how students had been able to piece together data on US military personnel and bases from Strava data.
Further, Appthority’s Q2 2018 Mobile Threat Report revealed how 25 million GPS location records (among other sensitive data) are exposed to the world from apps with insecure backend servers. These security incidents show that empowering users with the decision to allow or deny an app permission to access location data is not a strong enough security approach for organizations wanting to keep that data more private.
When an enterprise wants to ensure its location privacy, there are several aspects to consider:
- Do you trust the app accessing the location data?
- Do you trust the location where the data is stored?
- Do you trust the security of the systems storing the data?
- Do you trust the third parties with which the app shares your data?
Appthority provides enterprises with visibility into these aspects through its mobile security solutions but other contextual information can also be helpful in creating and enforcing organizational policies against certain types of location access. Here, we identify the common reasons why apps access location and how enterprises can use such information for security management and in creating security policies.
Since most enterprise devices are on the iOS platform and iOS provides a structured way of describing why apps access location, we focused our analysis on iOS only. We looked at 621,315 unique iOS apps with ‘when-in-use’ location access and 279,604 unique iOS apps with ‘always-on’ location access. By analyzing the “NSLocationWhenInUseUsageDescription” and “NSLocationAlwaysUsageDescription” keys in the iOS plist, we identified a set of common reasons for these two types of location access.
| Reason for Location Access | Apps Accessing Location (Out of 621,315) |
|---|---|
| For calculating the distance, speed, arrival time or route | |
| For showing or finding nearby stores or branches | |
| For showing nearby offers and rewards (possibly ads) | |
| For showing nearby events | |
| For sending location-based alerts or notifications | |
| For tracking fitness, training and running | |
| For finding nearby friends or sending user location to friends | |
It is not surprising that one of the most common reasons for accessing location, for both types of access, is calculating the distance, arrival time and route. After that, ‘when-in-use’ location access is most commonly used to show nearby stores or branches, while ‘always-on’ location access is most commonly used for sending location-based alerts and notifications, as well as for showing nearby offers and rewards. Note that individual users can force an app to use ‘when-in-use’ location access even when the app requests ‘always-on’ location access.
Based on this information, enterprises may consider implementing mobile security policies that:
- Block both types of location access for advertising and for showing offers and rewards and inform users about alternatives, including using paid apps
- Encourage users to only allow ‘when-in-use’ location access, except for apps that send location-based notifications, alerts or messages during a disaster or emergency.
- Do not allow employees with high security clearances to share their location with friends or apps that re-share the location.
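As an added example that is not part of the original post or of Appthority's own tooling, the plist analysis described earlier and the three policy options above can be combined into a small classifier: it reads the location usage-description keys from an app's Info.plist, maps the stated reason to one of the categories in the table, and returns a policy decision. The keyword lists, the reason labels, the sample plist and the bundle identifier are assumptions constructed for this example.

```python
import plistlib

# Keys the post analyses, plus the combined key iOS 11 introduced (treated as 'always').
ALWAYS_KEYS = ("NSLocationAlwaysUsageDescription",
               "NSLocationAlwaysAndWhenInUseUsageDescription")
WHEN_IN_USE_KEY = "NSLocationWhenInUseUsageDescription"
# Reason categories from the post, checked in this order; keyword lists are assumptions.
REASON_KEYWORDS = [
    ("offers/rewards", ("offer", "reward", "deal", "coupon", "advert")),
    ("friends", ("friend", "share your location")),
    ("alerts", ("alert", "notification", "notify")),
    ("fitness", ("fitness", "training", "run", "workout")),
    ("events", ("event",)),
    ("stores/branches", ("store", "branch", "shop", "restaurant")),
    ("distance/route", ("distance", "speed", "arrival", "route", "direction")),
]

def classify_reason(description):
    text = description.lower()
    for reason, keywords in REASON_KEYWORDS:
        if any(k in text for k in keywords):
            return reason
    return "unknown"

def location_access(plist_bytes):
    """Return (access type, reason) declared in an Info.plist."""
    info = plistlib.loads(plist_bytes)
    for key in ALWAYS_KEYS:
        if key in info:
            return "always", classify_reason(info[key])
    if WHEN_IN_USE_KEY in info:
        return "when-in-use", classify_reason(info[WHEN_IN_USE_KEY])
    return "none", "n/a"

def policy_decision(access, reason, high_clearance=False):
    """Apply the three policy options from the post: 'block', 'downgrade' or 'allow'."""
    if access == "none":
        return "allow"
    if reason == "offers/rewards":
        return "block"          # ads, offers and rewards: block both access types
    if reason == "friends" and high_clearance:
        return "block"          # cleared staff must not share location with friends
    if access == "always" and reason != "alerts":
        return "downgrade"      # force 'when-in-use' unless the app sends alerts
    return "allow"

# Constructed sample Info.plist (not a real app) requesting always-on access.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?><plist version="1.0"><dict>
<key>CFBundleIdentifier</key><string>com.example.rewards</string>
<key>NSLocationAlwaysUsageDescription</key>
<string>We use your location to show nearby offers and rewards.</string>
</dict></plist>"""
```

Running `policy_decision(*location_access(SAMPLE_PLIST))` on the sample returns "block", since the app requests always-on access to show offers and rewards.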
Each enterprise has its own views on risk and data sharing, and these can be supported by creating its own policies. Contextual information such as the type of location access, the reason for location access, the app category and the user’s security level is among the many criteria that enterprises can use to create security policies. While our aim is to provide valuable insights into why apps access location and how this can be used in enterprise security policies, the impact of your own policies should be tested and analyzed before they are deployed to enterprise employees.
Learn more about Appthority MTP’s easy and flexible scoring and policy options.
*** This is a Security Bloggers Network syndicated blog from Mobile Threat Blog Posts | Appthority authored by Su Mon Kywe. Read the original post at: https://www.appthority.com/mobile-threat-center/blog/8-reasons-mobile-apps-access-location-security-policies-to-consider/