They’re all over the company. How do you stop them from becoming a security risk?
More than 500,000 apps are currently available in the Apple Store. Businesses can be pretty certain that employees have a good selection of these apps loaded onto their mobile devices.
Whether an app was created for the consumer or business market with the purpose of improving productivity, providing entertainment, or simply for general knowledge, all apps have one important thing in common: when used in the corporate environment they can expose mobile devices to potential risks.
Despite the downside, employers certainly understand the benefit of these apps: tools that increase productivity, encourage collaboration, increase communication, and enable anywhere access.
So, it’s left to the IT administrator to solve the security dilemma: how can companies protect their data if employees have unlimited access to corporate intellectual property as well as the enterprise network?
While every corporate environment is different, most organizations of any size can and should implement mobile application management strategies. While in no way a comprehensive list, the dos and don’ts below is a good place to start when it comes to formalizing a strategy that can help you protect your enterprise.
Mobile Application Management Dos
-Have a mobile application strategy and do NOT let mobile apps “just happen.”
-Choose which business processes to mobilize and the specific needs (customer interaction, field data, prospect engagement by sales) to serve.
-Choose your development approach. You can create your own from the mobile platform software developers kit (SDK), purchase off-the-shelf applications, or choose a Mobile Enterprise Application Platform (MEAP).
-When purchasing off-the-shelf apps, it’s critical that you perform your own security and performance tests, and not rely on the public application marketplace..
-Make sure the applications leverage the available security APIs in the respective mobile platform SDKs that meet your data security requirements.
-Have a secure app distribution architecture.
-Have an application discovery platform (AKA a private app store…yours).
Mobile Application Management Don’ts
-Don't overlook each app's system requirements on different devices. Be sure the mobile app you’re deploying will peacefully coexist with apps already installed.
-Don't assume that tools and operating systems work the same way in mobile environments as they do on the desktop.
-Don't assume the new mobile app will not impact the performance of native apps.
-Don't forget to verify app installation.
-Don't forget to audit installed apps for non-compliance.
-Don't assume your MDM system supports all your platforms.
-Don't rely on users to configure required apps.
-Don't disregard a mobile device's network status.
-Don’t have less stringent rules for the executive team. Their devices and data are usually more valuable than an entry-level staffers.
Application management is the critical path for the security of a device and its data. Defining the policies for application usage and data security should be a mandatory exercise for every organization, no matter what their size.