The rapid proliferation of smartphones has left companies at a crossroads between accommodating their employees and securing their enterprise network. This does not have to be an either-or decision, however, there are many ways IT can safeguard their network while still encouraging a Bring-Your-Own-Device (BYOD) environment. After all, we recently read just how important this can be. A November study conducted by Cisco showed that one-third of college students and young professionals under the age of 30 value device flexibility over salary when considering a job offer, and 45% said they would accept a lower-paying job that allowed more device flexibility.
As smartphones increasingly find a home in the enterprise space, IT departments are faced with security obstacles that naturally occur when multiple unregulated devices and software versions run on the corporate network. This problem persists with every software update or new device release, which makes it critical for companies to implement a solid mobility management solution.
A successful mobility management strategy must be comprehensive. While device and software choices is one factor, as evidenced with the Cisco study, setting expectations and limits to what employees download and run on their devices (especially mobile applications) is just as important.
Leveraging mobile apps in the workplace is quickly gaining traction, but it is not a new phenomenon. In fact, mobile apps have been popular in the corporate world ever since the introduction of wireless email capabilities via BlackBerry devices. However, as smartphones have been more widely adopted for personal use, mobile consumer apps have exploded since.
In the future, we can expect a similar surge of business apps that perform basic business functions and improve productivity. We are already beginning to see this with the Salesforce mobile app, for example. While a physical device has virtually no return on investment, mobile apps installed on these devices can increase efficiency and provide a demonstrable return on investment.
Many companies have also started to develop their own mobile apps exclusively available to employees; they can perform business functions such as order processing, inventory queries and pricing information -- all in real time. As mobile apps continue to penetrate the enterprise market, IT executives must develop a solid strategy for managing these apps in conjunction with their overall MDM solution.
While applications are typically the most common culprit related to security breaches, companies should keep in mind that mobile application management is not the final solution for mobility needs. Individual solutions implemented sporadically and in silo will not effectively optimize network performance and security. Application management is only a piece of a long-term, comprehensive suite of solutions administered to ensure proper control over the enterprise network.
Here are five steps that can serve as a roadmap to your business’ enterprise application management strategy:
1. Know Your Network
The most important rule of thumb, and the first step IT departments should take, is to have a clear understanding of their network. It is critical for IT to know everything, both hardwired and wireless, that has access and is running on their enterprise network. If not, the IT department is setting itself up for serious issues and potential security breaches down the road. A robust device management platform will provide valuable insight into the network.
Once you have a clear understanding of your network, the next step is to know which applications are running on every device. This should not be invasive, as it is more about protecting your network from rogue apps and security breaches, as opposed to monitoring your employee’s time spent playing Angry Birds.
So what are rogue apps, exactly? They are simply applications designed to carry out additional functions -- generally negative -- beyond what is directly conveyed to the downloader. On a deeper level, rogue apps have the potential to tunnel into the enterprise network and obtain private corporate data, which can seriously compromise your security.
So what can you do about this?
2. Implement Minimum Baseline Security Measures
Security and application management standards go hand-in-hand. Since applications on wireless devices are the most common source of security breaches in the enterprise space, implementing proper controls and regulation policies over the long-term must go far beyond the physical device.
To safeguard the corporate network from security gaps that arise with mobile apps, IT executives should, at the very least, establish an application whitelist. This is a company-wide list of approved apps that have been tested and deemed safe by IT. If IT discovers an unapproved app running on the enterprise network, the device can be automatically disconnected.
A whitelist, however, is based on the honor system. At times, this can be unreliable. A better option is to develop a corporate app store, exclusive to your business network.
3. Develop a Corporate App Store
A corporate app store is the most effective solution -- regardless of the nature or size of the business -- to manage and overcome potential security threats that unregulated or rogue apps pose to your network.
Corporate app stores can be customized to suit your company’s unique needs: it can contain only third-party apps that have been approved by IT, only apps developed exclusively for your company, or a combination of both. Most importantly, a corporate app store gives you control over the devices running on your enterprise network.
Once developed, the corporate app store becomes the only place an employee can download an app for use on the company network. Employees can recommend and request apps -- for both business and personal use. If approved, the apps are posted and downloaded directly in the corporate app store.
In this regard, it is important to develop a standard policy and procedure for testing and approving apps.
4. Establish a Procedure for Testing Apps
When an employee requests an app for inclusion in the corporate app store, perform a test on your network to decide if it is safe to download. It is important to ensure a speedy approval process; if it takes too long to approve or block an app from your corporate app store, employees may get frustrated and find a way to circumvent IT and access the app (which can compromise security).
5. Manage Your Corporate App Store Long Term
A corporate app store, which is akin to managing and maintaining an inventory, is a critical element to any successful enterprise management plan. Managing a corporate app store is. Just as you have an inventory manager at a warehouse, you need to delegate a member of your team to be the “Corporate App Manager.” This does not need to be the sole function of a position, yet there should be one person responsible for overseeing and managing all aspects of the corporate app store.
On a day-to-day basis, the mobility application processes should be aligned with the strategies and processes IT follows with any new software implementation -- or while managing the corporate intranet. This includes testing and approving requested apps, incorporating them into the enterprise app store, and ensuring everything is functioning properly.
For small-to-mid-sized companies with more limited IT capacity, this can become a component of your overall managed services package; your corporate app store may be comprised of only third-party applications. Apple, for example, offers bulk purchasing options specifically for companies that have their own corporate app store. Instead of approving an application and having every employee download and pay for each one, companies can buy 1,000 copies for their corporate app store. Alternatively, companies can automatically equip all devices on their network with specific apps.
Regardless, it is important to realize a corporate app store can be a key component of an effective device management strategy. It is not a stand-alone piece, but rather part of a comprehensive mobile-device-managed suite of services that companies should be running to ensure proper security measures are in place.