Mobile // Mobile Devices
News
8/21/2012
12:36 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Implement Malware Savvy Mobile App Policy

Mobile application policy can be tricky when there are rogue apps that can threaten your company's security. Here's how to create a corporate policy for the bring-your-own-device crowd, according to MobileIron.

As more personally owned smartphones and tablets infiltrate the workplace, IT pros are having to develop company policies for mobile applications. Most IT shops have managing email down, but when it comes to assessing the risks associated with mobile apps, it can feel overwhelming. Malware especially is a rising threat. That's why it's important to take the time to develop an effective mobile app policy for the bring-your-own-device crowd. Follow these tips for a good start.

-- Base it on your corporate policy. BYOD policies tend to be slapped together with not much thought behind them. A hurry-up job is the wrong way to go about deploying a BYOD program. Start with the policy for your corporate-owned phones, which is probably well-established and has withstood the test of time, and expand it for BYOD with the specific needs of your organization in mind.

-- Recognize the malware problem. As more apps are deployed into the enterprise by way of smartphones and tablets, the possibility of malware increases. According to mobile device management software company MobileIron, mobile malware is on the rise. Types of malware attacks include SMS or phone dialing for premium-rate fraud; data stolen or destroyed via Trojans and viruses; operating system exploits to root or disable the device; and stolen credit card information through the use of key loggers.

Apps in the iOS platform often are "sandboxed" so they are harder to penetrate. However, malware still can make its way onto devices--through websites, email attachments, and ringtones. It can creep in through text messages or Bluetooth, Wi-Fi, USB, or mobile-to-mobile connections. Firmware breaches and even physical access are also infection possibilities.

-- Spell out approved app sources. Apps can come from many places. Although your enterprise might have its own app store, many smart phone and tablet users will want to download apps from popular app stores such as the iOS App Store, Android Market, Windows Phone Marketplace, and Blackberry App World. Employees should always use official app stores or at least do some research about the app before downloading it to reduce the risk of malware.

-- Ask employees to stay on alert. Users should regard with suspicion any email notification that tells them to install an application update.

-- Consider restricting app connections. Your policy could restrict apps that hook up to social networks or cloud storage.

Read our full interview with MobileIron on how its toolkit speeds up mobile device management.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 16, 2014.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.