Commonly blacklisted and whitelisted iOS and Android apps include DropBox, Netflix and Angry Birds. Why aren't more companies blacklisting mobile device apps?

Mathew J. Schwartz, Contributor

August 13, 2013

4 Min Read

9 Android Apps To Improve Security, Privacy

9 Android Apps To Improve Security, Privacy


9 Android Apps To Improve Security, Privacy (click image for larger view)

Which iOS and Android apps do businesses block most?

That honor goes to file-sharing services Dropbox, SugarSync, Box.net and Google Drive. Both Facebook and streaming media services Netflix and Pandora also make the top 10 list of blacklisted apps, as does Angry Birds.

Those findings come via device management service provider Fiberlink, and are based on a study of the 2 million endpoints managed using the company's software. The study found that when blacklisting is used, it's most often employed in the manufacturing and service industries.

[ London smartphone users can breathe a sigh of relief, for now. Read Spying Trash Cans Banned. ]

One big caveat to the findings, however, is that the vast majority of businesses don't blacklist mobile device apps. Notably, less than 10% of studied businesses blacklist apps on iOS devices, and less than 5% of them blacklist Android apps.

When blacklisting is used on iOS devices, an average of five apps get blocked.

Top 10 Blacklisted Apps: iOS Devices

-- Dropbox
-- SugarSync
-- BoxNet
-- Facebook
-- Google Drive
-- Pandora
-- SkyDrive
-- Angry Birds
-- HOCCER
-- Netflix

When blacklisting is used on Android devices, on average seven apps get blocked.

Top 10 Blacklisted Apps: Android Devices

-- Dropbox
-- Facebook
-- Netflix
-- Google+
-- Angry Birds
-- Google Play Movies & TV
-- Google Play Books
-- Sugarsync
-- Google Play Music
-- Google+ Hangouts Why do so few businesses blacklist apps on mobile devices? "Part of the reason is, IT starts to look at what they actually allow on the laptop, and they say, we don't block them on their laptops, so how can we block them on their tablets?" said Jonathan Dale, director of marketing at Fiberlink, speaking by phone.

When businesses do impose app-usage restrictions, "the number-one driver is reducing data risk, and specifically where corporate data ... can go," he said. The second biggest driver is using blacklisting and whitelisting to ensure that a device doesn't contain inappropriate apps, based on how it's used. "It could be a tablet in a classroom, or an iPad being used by hostesses in a casino, and they want to make sure that device is being used for its intended purpose," Dale said. The third biggest concern, finally, is curtailing excessive bandwidth consumption.

Roughly the same number of businesses that blacklist apps also employ whitelisting, which means allowing only approved apps to run on a device. The practice is most prevalent in the retail and services industries, which suggests the devices are being used -- at least in part -- for point-of-sale applications, customer catalogs, product displays and so on.

When whitelisting is used on an iOS device, an average of 16 apps are allowed.

Top 10 Whitelisted Apps: iOS Devices

-- iBooks
-- Adobe Reader
-- Google
-- Citrix Receiver
-- Numbers
-- Dropbox
-- Pages
-- itunes U
-- Keynote
-- WebEx

For businesses that employ an Android whitelist, an average of 10 apps are allowed.

Top 10 Whitelisted Apps: Android Devices

-- NITDroid
-- Adobe Reader
-- Lookout Mobile Security
-- Google
-- Skype
-- Citrix Receiver
-- Android Translator
-- Antivirus
-- ZXing (barcode processing)
-- Google Maps

Given that the majority of mobile devices entering the workplace are now employee owned, can businesses really blacklist and whitelist apps on those devices? Dale said the answer is yes. "What we see is that employees using their own devices are relatively tolerant of having some common-sense restrictions imposed on their device," he said.

For example, people with access to sensitive information might agree to have their camera blocked. Furthermore, dynamic policies can be employed to make restrictions location dependent, so that, for example, cameras -- or bandwidth-hogging media apps -- might be disabled when the device is within a mile of the workplace.

Unfortunately, businesses sometimes find themselves having to block certain apps because they can't block underlying device functionality. "There are certain restrictions that you're not able to push down to a device, and that could be dependent on the OS," Dale said. For example, iOS apps can't be selectively blocked from transferring data via the cellular network -- while allowing Wi-Fi access -- unless they're designed that way from the start.

About the Author(s)

Mathew J. Schwartz

Contributor

Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights