Mobile application policy can be tricky when there are rogue apps that can threaten your company's security. Here's how to create a corporate policy for the bring-your-own-device crowd, according to MobileIron.
As more personally owned smartphones and tablets infiltrate the workplace, IT pros are having to develop company policies for mobile applications. Most IT shops have managing email down, but when it comes to assessing the risks associated with mobile apps, it can feel overwhelming. Malware especially is a rising threat. That's why it's important to take the time to develop an effective mobile app policy for the bring-your-own-device crowd. Follow these tips for a good start.
-- Base it on your corporate policy. BYOD policies tend to be slapped together with not much thought behind them. A hurry-up job is the wrong way to go about deploying a BYOD program. Start with the policy for your corporate-owned phones, which is probably well-established and has withstood the test of time, and expand it for BYOD with the specific needs of your organization in mind.
-- Recognize the malware problem. As more apps are deployed into the enterprise by way of smartphones and tablets, the possibility of malware increases. According to mobile device management software company MobileIron, mobile malware is on the rise. Types of malware attacks include SMS or phone dialing for premium-rate fraud; data stolen or destroyed via Trojans and viruses; operating system exploits to root or disable the device; and stolen credit card information through the use of key loggers.
Apps in the iOS platform often are "sandboxed" so they are harder to penetrate. However, malware still can make its way onto devices--through websites, email attachments, and ringtones. It can creep in through text messages or Bluetooth, Wi-Fi, USB, or mobile-to-mobile connections. Firmware breaches and even physical access are also infection possibilities.
-- Spell out approved app sources. Apps can come from many places. Although your enterprise might have its own app store, many smart phone and tablet users will want to download apps from popular app stores such as the iOS App Store, Android Market, Windows Phone Marketplace, and Blackberry App World. Employees should always use official app stores or at least do some research about the app before downloading it to reduce the risk of malware.
-- Ask employees to stay on alert. Users should regard with suspicion any email notification that tells them to install an application update.
-- Consider restricting app connections. Your policy could restrict apps that hook up to social networks or cloud storage.
Building A Mobile Business MindsetAmong 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.