Modern cyber security organizations face significant challenges in the mobile space. Companies like DocuSign use mobile as a competitive advantage and offer a feature-rich user experience. However, its challenge is ensuring external forces external aren't exploiting DocuSign's mobile users.
A common misconception is that the mobile application ecosystem is controlled by a small number of well-known tech giants like Google and Apple. However, more than 150 global mobile app stores have well-stocked inventories, totaling more than 10 million mobile apps and counting.
Due to the diversity and global nature of the mobile app ecosystem, regulations are impossible to enforce. Unfortunately, a common practice is for unauthorized third parties to copy and re-insert branded mobile apps into one or many stores with impunity.
Rogue developers also create apps designed to look, feel and act like a brand. The end goal is to use the brand's value and reputation to attract more users.
In all this mess lurks the cyber thieves whom leverage the same methods mentioned above. Since all mobile apps come pre-configured with data capturing permissions, cyber thieves don't even need to use malware in most cases to access the desired data.
Users are trained to accept permissions as a prerequisite for downloading mobile apps. Very few would question why a flashlight app is asking for access to their contacts, camera, calendar, accounts, etc.
As a Digital Transaction Management (DTM) platform, DocuSign takes cyber security of its customers, company and employees very seriously. RiskIQ plays a critical role in ensuring DocuSign's ability to maintain the integrity of its platform, including mobile apps:
"Vendors like RiskIQ are critical to any fast growing and dynamic company. We look to scalable automation to help manage our digital footprint and integrity of our online presence. RiskIQ allows us to continue our rapid worldwide growth while helping to ensure a trusted global network for our customers to transact business," said Vanessa Pegueros, Chief Information Security Officer for DocuSign.
DocuSign turned to RiskIQ because of the convenience of our SaaS based system and our technology. RiskIQ's solution for digital footprint security discovers, inventories and monitors all apps associated with DocuSign to detect potential cyber security threats. This allows DocuSign to proactively mitigate risk and enforce their cyber security policies.
Many brands underestimate how many potentially harmful apps have already been created in their name and don't monitor the bulk of the ecosystem for potential cyber threats. These cyber threats come in the form of mobile apps that look, feel and act like they're legitimate, easily fooling customers or employees. For detailed information on your organization, please request to be contacted: https://www.riskiq.com/contact or reach out directly via social media @riskiq.