A new study has found that employees installing dating apps on corporate-issued or Bring Your Own Device (BYOD) phones could create potential security risks for a business.
The report, from application readiness expert Flexera Software, looks at how the functionality and behaviour of many popular dating apps could in fact violate an organisation’s BYOD policies – which allow employees to access corporate networks from their own smartphones.
The company examined 25 popular dating apps available in the App Store, including Bumble, Coffee Meets Bagel, LOVOO and Tinder, assessing them for potential risks.
Using its AdminStudio Mobile – which helps organisations identify, manage, track and report on mobile apps – Flexera Software tested the apps to determine whether they interact with certain iOS functionalities, such as location services, sharing and calendar.
During the test, the company found that 88% of the apps, including Grindr, OkCupid and Tinder, can access a device’s location services, which according to Flexera, could cause confidentiality and privacy concerns for organisations.
The study also found that 76% of the apps tested, including Blendr, HowAboutWe and Zoosk, support ad networks, and 60% can access a device’s social networking apps, as well as SMS/texting capabilities.
And almost a quarter of the dating apps (24%), are actually able to access the device’s address book, with 36% being able to view a device’s calendar – two areas that could cause an infringement on BYOD policies and put both corporate and personal information at risk.
However, out of all the apps tested, Match.com was the only one that had the capability to access a device’s sharing function, which if manipulated, could risk personal employee data or content being shared with a corporate social media site.
According to the report, some companies have policies against allowing apps onto employer-issued or BYOD devices capable of accessing the share function, in order to prevent this.
Speaking about the study, Vice President of Product Management at Flexera Software, Maureen Polte said: “IT Operations team have significant experience and expertise when it comes to traditional enterprise apps — so they understand what the apps do, how they work, what data they access, and whether or not they are risky. However mobile apps are another story.
“Most IT Operations professionals do not have the faintest idea what apps are loaded onto employees’ BYOD devices and whether those apps behave in a way that the organisation would deem risky.
“That’s why we recommend that organisations centralise their Application Readiness processes to test all apps, including mobile, that will be hitting their networks — allowing IT Operations teams to ‘blacklist’ any they deem to be in violation of their policies.”
The study has certainly identified an area of safety that many companies may not have considered when issuing employees with corporate or BYOD devices.
However, given the growing popularity of dating apps, it could be something which we see companies tighten their grips on in the near future.
For a visual representation of the findings, see the infographic below, or download the report here.
