Australians hold a range of organisations responsible for the security of personal data collected by mobile apps, according to a new study by IT services vendor, Unisys.
The national study, The Unisys Security Index, commissioned by Unisys and conducted by Newspoll, surveyed 1200 Australians on who should be responsible for protecting personal or financial data collected and stored in mobile apps.
The findings show that Australians put the weight of responsibility on the organisation offering the app to their customers or community, as well as government. They see social media companies, app market places and developers as having the least responsibility.
Eight out of 10 Australians surveyed said the provider of the service a mobile app links to is responsible for protecting personal or financial data collected.
Government ranked second most responsible, despite previous Unisys research that indicated only 40 per cent of Australians support greater government surveillance of the Internet.
Unisys Asia-Pacific security program director, John Kendall, said mobile apps have become a popular way for organisations, such as banks, government departments, insurance companies, and airlines, to interact with their customers, citizens or target community.
“Some apps are very open about the fact that they collect personal data – and this may even be positioned as a convenience to the user. The Unisys Security Index findings show that the Australian public expects these organisations to protect any personal data they collect via mobile apps,” he said.
However, Kendall claimed that mobile apps may also contain hidden malicious code designed to secretly gather and transmit data.
“Individuals must also take personal responsibility to be aware of what information their mobile apps are accessing, particularly if the mobile device the app sits on is being used in the workplace – regardless of whether the device is owned by a company or an employee.”
He also highlighted the need for people to be aware of the risks and take steps to minimise the chance of mobile apps accessing data without permission – both their own and their employer’s.
“Employees could inadvertently allow mobile apps to capture sensitive information such as unencrypted data, location tracking, contacts and sign-on details, putting their employers at risk,” Kendall added.