The consumerisation of IT and bring-your-own-device (BYOD) trends have been sweeping through organisations up and down the country, complicating the lives of many good IT managers. However, it is not just the devices themselves that create a big worry: employees using smart mobile devices for work purposes don't just make phone calls and check emails; oh no, they run apps too. This might seem like a blatant fact, but for anybody with basic knowledge of corporate security, alarm bells will be ringing.

There are many millions of apps supported by platforms including iOS, Android, BlackBerry, Windows Mobile and Symbian just waiting to be downloaded by unsuspecting individuals with a single click. By letting employees loose on them, there is no way for businesses to monitor the suitability and safety of every app that is being used alongside corporate data. This can have serious implications.

The criminal underworld never sleeps

With the proliferation of smartphones and tablets, targeting apps has now become a profitable business for cybercriminals. Malicious malware and trojans can be hidden in innocent looking third party applications, such as games. These offer criminals ways to spy on the mobile phone users, steal data or infect the corporate network, all without the user’s knowledge. This means without tight controls, there is no way for employees to know what they are downloading. 

According to McAfee, the number of mobile malware samples discovered by McAfee Labs in 2012 was 44 times the number found in 2011, meaning 95 percent of all mobile malware samples appeared in the last year alone. The motivation for deploying mobile threats is rooted in the inherent value of the information found on mobile devices, including passwords and address books, as well as new “business” opportunities that are not available on the PC platform. These dangers have already led enterprises to consider deploying their own custom mobile applications.

It also explains the rise of the enterprise app store. According to a Gartner forecast, 25 percent of organisations will have their own enterprise app store for managing approved apps on mobile devices and personal computers by 2017, something the analyst firm hails as one of the top 10 strategic technology trends for 2013. 

Advantages of an in-house app store

In addition to the obvious security advantages a walled garden approach offers, the benefits of an enterprise app store go well beyond corporate defence.

For starters, there are a number of monetary advantages. By regaining control over which applications can be downloaded and the ability to monitor how many licenses are used, expenditure can be curbed. Enterprise app stores also have very similar functionality to their public counterparts, including an internal app rating feature, which means companies can save money by removing licenses of apps that are not well liked or underused. In addition, enterprise app store systems offer the option to integrate with public stores including Apple’s App Store and its Volume Purchase Programme, which allows visibility across both, enterprise and public app stores.

Moving an app store in-house also brings a number of maintenance and management benefits to the corporate IT department. For example, IT managers regain administrative control and can ensure employees only connect with apps that meet corporate security policies. Another benefit is that an enterprise app store simplifies implementation of apps to larger groups through the ability to push apps to whole sections of employees at the same time.

Consider an integrated approach

For organisations still struggling with mobile device management itself, the need to control employee app usage is another unwelcomed complication. However, there are already a number of integrated mobile device management (MDM) software packages on the market that are able to control all layers, including BYOD, mobile app management (MAM) and enterprise app stores. This means devices and apps can be managed under a single hub while the internal app store allows approved apps to be quickly deployed, configured and automatically updated with newer versions.

There is no way of ignoring the problem

While businesses might try and resist the BYOD trend for as long as possible, most enterprises already rely on their employees carrying mobile communications devices, which means a security hole already exists and needs to be addressed. 

This is why my advice would be to deal with the issue head-on while the problem is still in its infancy and easily contained as it is only a matter of time before the next consumer technology trend will try and find a way into your corporate fortress.

Raj Sabhlok is the president of Zoho Corp., which is the parent company of Zoho.com and ManageEngine. Follow him @rajsabhlok.


Enhanced by Zemanta

Find your next job with techworld jobs