It's often said in security circles that a massive percentage of intrusions and breaches could be thwarted by the IT equivalent of eating your vegetables and exercising regularly. Whereas CFOs are often attracted to—or, in some cases, repelled by—the shiny objects of high-end security defenses, the mundane wash-your-hands-before-eating rules have the most impact. That means not reusing passwords, never clicking on unknown links, logging off before walking away and 50 other boring but amazingly effective tactics.
One of the easiest on that mundane list is simple app maintenance, the practice of routinely deleting unused apps and scanning your systems to watch for anything that is on your system that you don't know about. As Tech Republic just noted in a piece about Android apps, this process absolutely hits mobile environments as much as desktop/laptop ones. That said, there's also a big difference.
Although it's absolutely possible for malware disguised as an app to sneak into someone's phone, the icon nature of a smartphone's GUI makes it a bit harder to hide. That doesn't mean a mobile end-user can't be tricked—on the contrary, it happens far too often—but deceptive software has a much easier environment to hide on a desktop/laptop.
That's the most popular desktop operating systems—Windows, Linux, Unix and MacOS—are simply horrible at transparency. How often have seen a pop-up alert telling you that some odd-named file, which you've never heard of, is malfunctioning? Then you choose to spend the time to hunt it down and you can't find it on your machine—and ultimately find a Google result telling that it's part of your OS?
That futile exercise raises even more troubling concerns. How many nasty pieces of malware live on my system and don't have the manners to break down so I'm flagged to their existence? And if some cyberthief or cyberterrorist was indeed intent on doing me and my company harm, isn't it possible that they would have the foresight to create bogus web pages—done in a way to be ultra-easy for Google, Bing and Yahoo to find—falsely testifying to the file's innocuous nature?
Strategy One: Don't wait for anti-malware, anti-virus or some stroke-of-luck dialogue box to flag an unknown file. Allocate time every week to review all files and look for and challenge anything you don't recognize. Note to OS manufacturers: Y'all could make this so much easier by labeling every file with the name of the app they are associated with. At least that would make this task far easier. I know you'll never do it, but a guy can dream, no?
Strategy Two: Scan your app list. In Windows, for example, it's easy to do via Add/Remove Programs. Look for anything you no longer use or want and obliterate it. This accomplishes three things: First, it makes "Strategy One" that much easier. Second, lightening the load on your disk can pay pleasant bandwidth and overall operational speed dividends. Third, some malware actively seeks little used apps as places to hide their most venomous files. It's a good strategy. Even the most meticulous IT person is likely to ignore elements associated with a known app.
There are third-party products that specialize in automating much of this (Veracode naturally has its own) but making these routine maintenance tasks part of your regular chores can pay off delightfully. In my book, a day without baffling unknown file dialogue boxes is like a day with sunshine.