Mobile application policy can be tricky when there are rogue apps that can threaten your company's security. Here's how to create a corporate policy for the bring-your-own-device crowd, according to MobileIron.
As more personally owned smartphones and tablets infiltrate the workplace, IT pros are having to develop company policies for mobile applications. Most IT shops have managing email down, but when it comes to assessing the risks associated with mobile apps, it can feel overwhelming. Malware especially is a rising threat. That's why it's important to take the time to develop an effective mobile app policy for the bring-your-own-device crowd. Follow these tips for a good start.
-- Base it on your corporate policy. BYOD policies tend to be slapped together with not much thought behind them. A hurry-up job is the wrong way to go about deploying a BYOD program. Start with the policy for your corporate-owned phones, which is probably well-established and has withstood the test of time, and expand it for BYOD with the specific needs of your organization in mind.
-- Recognize the malware problem. As more apps are deployed into the enterprise by way of smartphones and tablets, the possibility of malware increases. According to mobile device management software company MobileIron, mobile malware is on the rise. Types of malware attacks include SMS or phone dialing for premium-rate fraud; data stolen or destroyed via Trojans and viruses; operating system exploits to root or disable the device; and stolen credit card information through the use of key loggers.
Apps in the iOS platform often are "sandboxed" so they are harder to penetrate. However, malware still can make its way onto devices--through websites, email attachments, and ringtones. It can creep in through text messages or Bluetooth, Wi-Fi, USB, or mobile-to-mobile connections. Firmware breaches and even physical access are also infection possibilities.
-- Spell out approved app sources. Apps can come from many places. Although your enterprise might have its own app store, many smart phone and tablet users will want to download apps from popular app stores such as the iOS App Store, Android Market, Windows Phone Marketplace, and Blackberry App World. Employees should always use official app stores or at least do some research about the app before downloading it to reduce the risk of malware.
-- Ask employees to stay on alert. Users should regard with suspicion any email notification that tells them to install an application update.
-- Consider restricting app connections. Your policy could restrict apps that hook up to social networks or cloud storage.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.