Mobile malware created to compromise device or data security is often portrayed as the single biggest threat to enterprise mobile security. However, the mobile malware threat is mostly based on hype, not facts. Malware is seldom found on enterprise devices, which use mobile device management solutions to restrict users to only download apps from official app stores, and is thus not a primary threat to the enterprise.
According to a recent Appthority study, malware infects only 0.4 percent of mobile apps in the enterprise and zero of the apps found in the Top 400 most popular iOS and Android apps.
In fact, there is a much more immediate risk to enterprise environments. This risk stems from a lack of transparency in the way app stores handle post-release revocation of apps. When an app is removed from an app store – whether it was for security or vulnerability concerns, violation of app store terms and conditions, developer end-of-life plans or any other reason – the apps are removed from the app store but remain on users' mobile devices, in the wild.
An app that is no longer available from the respective app stores is an app that is no longer in a position to be updated for bugs, vulnerabilities or security fixes. In some cases, the app may have been abandoned or the domains associated with the apps have expired. These “dead” or “zombie” apps are also now in a position to be exploited by third parties, offering fake updates and content or targeting known vulnerabilities that were never patched.
According to our research, while malware can be found on less than 0.5 percent of apps, dead apps represented as much as five percent of total apps found on enterprise devices – an orders of magnitude difference.