← Back to CommsBlack Training
Module 11 — App Selection & Risk
📱 1. How Apps Leak Data
- Tracking SDKs and analytics frameworks.
- Permissions for contacts, calendars, sensors and location.
- Background network requests for updates, ads and profiling.
📝 2. App Vetting Checklist
- Who makes this app and what is their business model?
- What permissions does it request, and are they justified?
- Does it still work with tighter network and sensor restrictions?
✅ 3. Safer App Patterns
- Prefer well-maintained apps with transparent privacy information.
- Minimise the number of apps installed, especially in high-risk roles.
- Review app lists regularly and remove what you no longer use.
🧩 4. Per-Kit Strategy
- Shield: broader set, but still curated.
- Shadow: essential tools only; everything else moves to Shield.
- Ghost: minimum viable set for the specific operation.
