Cupid's arrow could sting for CIOs this Valentine's Day

With Valentine’s Day coming up, CIOs operating in the BYOD era must be aware of the potential security risks of employee use of online dating apps.

A report from Flexera Software analysed the 25 most popular dating apps available for iOS, including Grindr, OKCupid and Tinder, and found that the functionality and behaviour of these apps could violate many companies’ internal BYOD policies.

A wide majority of the apps were capable of accessing a device’s location services (88%) and support ad networks (76%), the report found.

Some 60% are capable of accessing the device’s social networking apps and SMS/texting functions, 36% can access a device’s calendar and 24% can access the address book.

Depending on a company’s business, risk profile and BYOD policies, apps capable of these behaviours may or may not be seen as risky, the report states. They may also fall afoul of some organisations’ confidentiality and privacy policies.

“IT operations team have significant experience and expertise when it comes to traditional enterprise apps — so they understand what the apps do, how they work, what data they access and whether or not they are risky. However, mobile apps are another story,” Flexera Software VP of Product Management Maureen Polte said.

“Most IT operations professionals do not have the faintest idea what apps are loaded onto employees’ BYOD devices and whether those apps behave in a way that the organisation would deem risky.”

She said companies should have processes in place to test all traditional and mobile apps that will be hitting their networks and blacklist any they deem to be in violation of their policies.

Image courtesy of Nan Palmero under CC