Is Mobile App Security Part of Your Device Management Policy?
September 03, 2012
By David Gitonga
, TMCnet Contributing Writer
BYOD strategies are taking many IT departments by storm. With many organizations being very reactive rather than proactive with mobile right now, there are many unanswered questions. With these evolving practices, everyone is asking “What should my end-user agreement look like?” or “What should my baseline security policies be?” There is no doubt that risks exist when personally-owned smartphones and tablets infiltrate the workplace. Taking the time to develop an effective mobile app policy within your overall mobile device management solution is important because it lets you scale business operations more effectively.
When developing a BYOD policy, base it on your well-established corporate policy. What is the policy of your corporate-owned phones? Your individual rules are specific to your business needs and is better than doing a hurry-up job of slapping together a not very well thought out policy. Recognizing the existing malware problem is also crucial. Malware is increasingly infiltrating organizations by way of personal smartphones and tablets and this trend is on the rise, according to MobileIron. Even where apps are “sandboxed”, like in the case of iOS apps, malware is still able to make its way onto these devices. Remember that malware can also be spread via SMS, phone dialing for premium-rate fraud, e-mail attachments, text messages through Wi-Fi, Bluetooth, USB or mobile-to-mobile connections.
A BYOD app policy should clearly spell out the approved app sources. People download and install apps from many places with popular destinations being the iOS App Store, Google Play and Windows Phone (News - Alert) Marketplace. Having your own app store or ensuring employees download apps from only official app stores should be part of an app policy to reduce malware risks. Restricting app connections by use of mobile device management apps like MobileIron, Apperian (News - Alert), Boxtone and Citrix offer effective ways of enforcing BYOD app policies.
The goal of any BYOD policy should thus be responsible not restrictive, which will help establish a trusted partnership with the end-user rather than create anxiety and confusion.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2012, taking place Oct. 2-5, in Austin, TX. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.