College basketball's popular March Madness tournament begins this week, and fans have access to more related mobile apps than ever before. However, people who use such apps on corporate-owned of BYOD devices should beware; many of these apps can burrow into corporate networks and present real security risks.\nSome of the most popular sports-related iOS apps for iPhone and iPad can access users' calendars, share data with social networking sites, send texts, and make repeat calls to premium-priced phone numbers, according to\u00a0a new study conducted by Flexera Software, which makes software that helps developers license apps and ensure compliance.\nMajority of March Madness iOS apps share user data, track device location\nFlexera analyzed 28 iOS apps, including the popular\u00a0March Madness Live, Yahoo Sports, ESPN Tournament Challenge, and CBS Sports, and found that nearly all of them had potentially problematic features.\nMarch Madness Live, for example, can access and share users' calendar information on social media sites, and it links to ad networks, which can act as backdoors for malware. In fact, 26 of the 28 tested apps can access and share this information, and another 79 percent, including CBS Sports, Dish Anywhere and ESPN Tournament Challenge, can access iOS devices' location tracking features, according to Flexera.\nThe location features are often used to push relevant ads based on users' locations, but they can also track individuals. Fortunately, it's easy enough to turn off the feature \u2014 just open your iOS Settings, scroll down to the app you're concerned about, tap it and then uncheck the location permission button.\nFlexera found that 25 of the apps it analyzed can access iOS telephone functions. Though not particularly common, malware that places repeat calls to expensive premium numbers, usually in another country, has been discovered by researchers in the past.\nApps that access SMS functionality can potentially read text messages stored on users' phones, or create text messages and send them to random recipients, such as device contacts, if the apps also have access to contact lists. Flexera found that 19 of the apps it examined can access SMS text features.\nShould you be worried if you use March Madness apps?\nA successful attack on your company's network using one of these types of apps is unlikely. On the other hand, if one did occur you may be responsible for any associated damage\u00a0\u2014 and it could cost you your job.\nIf you work in a security-conscious environment, check in with your IT department and ask about the specific policies they have to govern personal phones that are used for business. Even if you don't use your phone for work, it's a good idea to get in the habit of checking app permissions whenever you download new software. It only takes a few seconds, and it can help avoid any number of unpleasant surprises.\nMeanwhile, enjoy the college hoops.