You wouldn’t let someone you didn’t know view your personal files, contacts, calendar, or photos; however, you’ve probably unwittingly given companies that market mobile applications access to that information, according to the Postal Service™ Corporate Information Security Office (CISO).
“Many of us don’t think about the access we routinely grant applications,” said CISO Information Systems Security Manager Dan Holmberg.
Apps often request location information and permission to send notifications to a user’s mobile device. For some apps, the information may be necessary for travel arrangements, traffic alerts, and weather updates.
Some apps request more access. For instance, a popular free mobile game requires access to the user’s calendar and contacts, Wi-Fi connection information, photos, and videos.
“This could result in your phone being tracked for unintended purposes or your contact list being used to ‘advertise’ applications as being ‘endorsed’ by you,” said CISO Manager Chuck McGann. If an app wants too much personal information, McGann recommends shopping around for a different app.
“Check your smartphone configurations on a regular basis to make sure one of these ‘free’ applications didn’t start an unauthorized service,” McGann said.
McGann also advises parents to review apps before allowing children to download them.
— Corporate Information Security Office,
Information Security Officer, 9-18-14
