Russians probably aren't stealing your photos, but that doesn't mean your phone is secure.
Serious questions have been raised this week about how popular mobile application FaceApp handles user data. The panic has died down, but it still provides a good lesson about device management.
With FaceApp, users can take photos of people and quickly perform all kinds of impressive transformations, including aging them, making them look young and changing their gender. If you use Facebook, you’ve probably noticed some of your friends sharing the results.
For the second time since its launch in 2017, FaceApp has gone viral, but on both occasions it has had some vocal critics. The first time, it attracted criticism over its ethnicity-changing filters, but this time, there were fears about its privacy policies.
FaceApp, critics said, was collecting all the photos from your phone and sending them to Russia – possibly for nefarious purposes.
The good news is there’s probably nothing to worry about. Yes, FaceApp’s developer, Wireless Labs, is Russian, but there’s nothing to suggest it’s doing anything untoward. Despite the rumours, FaceApp only uploads the photo you’re editing, rather than all your images, and the data doesn’t go to Russian servers – in the majority of cases, they’re based in the United States.
Of course, Wireless Labs will have access to that data, but it's now largely accepted this furore was little more than a storm in a teacup. What’s more, if you use any form of social media, there’s a fairly good chance your face is already sitting in several databases already.
^ Celebrities have been getting in on the FaceApp action too.
But that doesn’t mean there aren’t useful lessons to be learned from all this – including the importance of device control. Although FaceApp seems to have been given the all-clear, it is actually perfectly possible for mobile apps to steal data and send it to remote servers. There’s also an increasing amount of mobile-based malware, particularly for Android, and rogue apps have even been found in the Google Play store.
If such an app were to find its way onto a staff member’s company smartphone or tablet, it could potentially cause a huge amount of damage to your business.
For this reason, if employees in your business have company phones, we recommend placing some limits on what they can and can’t install. This can easily be achieved with Microsoft Intune, a powerful device management solution that comes with Microsoft Enterprise Mobility + Security.
With Intune, you can define which apps users are able to install, and you can ensure that particular security features are turned on. Without adhering to these rules, these devices will not be able to access your company network and online resources.
The FaceApp panic may have been a false alarm, but there’s nothing to say the next app that gets people worried won’t be genuinely harmful. We don’t advise finding out the hard way.
If you would like to know more about Intune, contact TMB on 0333 900 9050.