Check Point Software has released a new study analysing the authenticity of business apps on thousands of iOS devices. It discovered that the majority of enterprise certificates for these apps were linked to mystery developers with shady reputations. Just what are your employees downloading?
As part of a case study, Check Point researchers analysed the enterprise apps on approximately 5000 devices in a Fortune 100 company. They found that 318 unique enterprise apps had been installed, 116 of which contained unique enterprise certificates. These are certificate signed by Apple that developers can use for signing apps they create in XCode.
While the relaxed restrictions on these apps can be convenient for businesses conducting large fleet roll outs, there's also an inherent risk. Because they can be installed outside the traditional App Store vetting process, there's a real potential for abuse from third parties.
As Check Point explains: "Third-party app stores like vShare, 25PP, Kuaiyong, 7659 and others abuse certificates as a distribution method. These third-party app stores register as an enterprise with Apple to enter the program and obtain an enterprise certificate. They use the certificate to install apps on their customers’ devices, claiming they are “staff members.” "
As the above graph shows, most of the certificates in Check Point's study belonged to developers with little or no information about their reputation.
According to Check Point, this potential security flaw could be used to install malicious apps on enterprise employees’ iPhones and iPads and stage man-in-the-middle attacks that hijack communications between managed iOS devices and Mobile Device Management (MDM) solutions. You can read more on Check Point's website.
[Via Check Point]