How IT Can Protect Enterprises from Rogue Apps

By TechZone360 Special Guest
Jim Haviland, CSO of Vox Mobile
October 30, 2014

Mobile devices and cloud computing have changed the way companies do business, but as technology has evolved, so has the nature of the threats enterprises face. Just a few years ago, IT departments were focused on preventing damage to computers and networks from viruses and worms. When mobile apps became widely popular, app stores initially struggled to make downloading safe for users, but while some challenges remain, today reputable app sources have weeded out the most dangerous threats through better vetting practices.

Today, the primary danger from the mobile enterprise standpoint comes from what apps do with the information they can access. The threat doesn’t necessarily arise from malicious intent on the part of the app developer. All device designers and app developers struggle with balancing convenience and security. To name just one recent example, the Starbucks app was updated earlier this year when security watchdogs revealed that user data was stored on local devices unencrypted, exposing user data to potential misuse when devices fall into the wrong hands.

But aside from an unintentional risk that can be remedied with an update, as in the case of the Starbucks app, users are vulnerable because of a common business model in the app development community: Many development houses derive their income almost entirely from the user data they sell rather than downloads. Up to 90 percent of app developers generate revenue this way, and although they may claim they are just collecting data to improve the user experience, the truth is that user data – and the company information that passes through user devices – is at risk because of this practice.

Flashlight apps, for example, are notorious for scraping user data. When users download an app that allows them to use the light on their camera as a flashlight, they often unknowingly give the app permission to access their contacts, their geo-location and other data stored on the phone – information the app doesn’t need to operate the light on command. Apps can also push out updates that expand access to user data, and unwary users may give permission without understanding the implications for themselves – or for their employers.

IT departments are aware of the challenges mobile technology presents, particularly issues introduced by the BYOD trend. But to tackle it effectively, IT professionals need to stop thinking of themselves as app gatekeepers, and instead embrace the role of business solution collaborator. They need to work with their business unit counterparts to identify needed tools and find mobile applications that safely deliver the functionality business process owners need.

A leading pharmaceutical company that addressed this issue head-on can serve as a case study. The company partnered with an enterprise mobility specialist to catalog the apps their workforce was using on the job. At the outset of the project, there were about 9,000 devices with more than 9,400 apps, far too many to be thoroughly investigated by the typical in-house IT team, many of which are already struggling to meet urgent support responsibilities.

With the help of an enterprise mobility specialist, the pharmaceutical company discovered that hundreds of employees were using document scanning apps to perform critical job functions. The employees downloaded the scanners to be more efficient, but they were using about 70 different apps for the same function. The IT team and its partner were able to work with users to identify business needs and choose an app that met their requirements while protecting company data. This deliberate process is essential in any business, but particularly important in a highly regulated industry such as the healthcare sector.

Mobile apps have the potential to improve business operations significantly, empowering employees to manage critical business processes on the go, save time and eliminate expenses. Employees recognize this, and that’s why they download productivity apps – with or without permission. But to truly realize the transformative benefits of mobility and contain the threats unauthorized apps can introduce, IT professionals and business unit leaders need to work together, not as gatekeepers to shut down access to apps but as collaborators to give employees the tools they need to do their jobs more efficiently and effectively. 




Edited by Maurice Nagle
SHARE THIS ARTICLE
Related Articles

Consumer Privacy in the Digital Era: Three Trends to Watch

By: Special Guest    1/18/2018

Digital advertising has exploded in recent years, with the latest eMarketer data forecasting $83 billion in revenue this year and continued growth on …

Read More

CES 2018: Terabit Fiber - Closer Than We Think

By: Doug Mohney    1/17/2018

One of the biggest challenges for 5G and last mile 10 Gig deployments is not raw data speeds, but middle mile and core networks. The wireless industry…

Read More

10 Benefits of Drone-Based Asset Inspections

By: Frank Segarra    1/15/2018

Although a new and emerging technology, (which is still evolving), in early 2018, most companies are not aware of the possible benefits they can achie…

Read More

VR Could Change Entertainment Forever

By: Special Guest    1/11/2018

VR could change everything from how we play video games to how we interact with our friends and family. VR has the power to change how we consume all …

Read More

Making Connections - The Value of Data Correlation

By: Special Guest    1/5/2018

The app economy is upon us, and businesses of all stripes are moving to address it. In this age of digital transformation, businesses rely on applicat…

Read More