Mobile applications are becoming a priority in the enterprise, and with good reason – they enable companies to achieve higher levels of workforce productivity, employee satisfaction, and revenue. However, along with all the positives associated with mobile apps, there are significant security concerns. Employee use of third-party apps to share corporate data or edit sensitive content invariably puts corporate information assets at risk.
The good news is that it’s possible to mitigate this risk while still granting employee access to productivity-enhancing (and revenue-boosting) mobile apps. Here’s how:
- Make mobile application management part of the bigger picture. Deploying, securing, and managing mobile apps should be part of the larger Enterprise Mobility Management (EMM) strategy.For example, Calero’s application management service is a core component of our broader managed mobility services. By managing devices, data, content, services, and apps, we holistically address the enterprise’s mobility needs and enhance information security.
- Blacklist high-risk apps. Conduct an audit to identify which mobile apps pose the highest risk, and blacklist them within the enterprise. Commonly blacklisted apps are DropBox, Facebook, Google Drive, SkyDrive, Angry Birds, and Netflix. If you blacklist a high-risk productivity app, be sure to offer a low-risk.
- Leverage an enterprise application catalog. An enterprise application catalog enables users to view, download, and update corporate-approved apps, based on the end user’s profile. It enhances security, increases manageability for IT, and makes compliance easier for employees.
- Manage and enforce policies. Proactive management is perhaps the most important component of a successful mobile app program. For starters, IT will need to track and update app versions efficiently, as well as resolve user issues that arise along the way. For security, IT will need to restrict access for jail-broken devices; configure automated enforcement actions based on the end user’s profile; wipe the device remotely; and block network access when necessary.