Skip to main content

This post is from the Apperian blog and has not been updated since the original publish date.

Last Updated Dec 16, 2013 — App Management expert

Managing Federal Mobile Application Security with MAM®

App Management

In today’s always-on-the-go, bring-your-own-device (BYOD) world, employees want to connect to work through their mobile devices because it gives them more flexibility and makes them more efficient -- and what company doesn't want its workers to work better and smarter? The problem is that IT managers have to manage mobile application security concerns by protecting sensitive corporate data while enabling their employees to be more productive.

This is where mobile application management (MAM®) can come into play. But it’s not only enterprises in the private sector that are struggling with the mobile application security challenge -- federal agencies face the same problems. Federal agencies have to deal with mobile security issues that include employees losing smartphones or tablets which could give unauthorized people access to their networks and sensitive data. Additionally, an employee could unwittingly download an application containing malware and infect an agency’s network.

The answer is to plug these security holes by focusing on the apps that employees download. This includes; restricting which applications may be used and installed, restricting the permissions assigned to each application, installing and updating applications, restricting the use of synchronization services, verifying digital signatures on applications, and distributing the organization’s applications from a dedicated enterprise app store. Application vetting and certification is also important as it sets security, performance, and other requirements that applications must meet and determines how proof of compliance with requirements must be demonstrated.

The federal Chief Information Officers Council agrees that the threats to networks from malicious or vulnerable mobile applications can be mitigated by following best practices for secure application development, as well as the use of application whitelisting, which only allows the installation of mobile applications from an authorized enterprise app store, and application blacklisting, which disallows installation of known vulnerable applications. As part of the mobile application lifecycle, the CIO Council recommends that government agencies also develop a process for vetting enterprise mobile apps to check for vulnerabilities and malware, and digitally sign apps that have been approved. “To manage and secure mobile applications, the [federal agencies] will need to establish guidelines and an environment for mobile application development and testing, and develop a process to vet, certify and sign approved apps,” the CIO council notes. “A MAM solution (product or service) will be required for mobile application management, monitoring, and distribution to [federal agencies] government, or allowed public application stores. The MAM will need . . . to provide app whitelisting and blacklisting services, and to provide apps and updates for installation on managed mobile devices.” We agree that to protect what matters most -- sensitive agency data -- mobile application management (MAM) is the answer. The best approach to protecting sensitive data is with an enterprise mobility solution focused on MAM™, often used with an enterprise app store, or in this case an agency app store. With a MAM™ strategy, federal IT execs can secure and control agency data by managing the enterprise apps that are allowed to access that data. Using MAM™, agencies can encrypt, set, and enforce policies for apps including how they store and share documents. If a device goes missing, IT can wipe the device of sensitive data on demand or remove just the apps they are managing.

Additionally, mobile app management tools enable federal IT manager to develop, test, deploy, and control in-house and third-party mobile apps. Not only that, but employees can also download and use IT-approved and provisioned mobile apps from the agency’s enterprise app store. With MAM™, agencies can also control which workers have access to which apps, depending on their jobs. Just as in the corporate world, more and more government employees will want to access their agencies’ networks from their own devices -- and that means federal IT execs must turn to a MAM approach to ensure their workers are productive and their data is secure.

More from the Blog

View more
Apr 30, 2020

Mobile Application Management: A Forward View

App Management
  IT Is Adapting in the Midst of the COVID-19 Pandemic The Coron ...
Read More
May 19, 2019

Sneak Peek: How Are IT Leaders Driving Mobile App Adoption?

App Management
Apperian conducted the The Mobile Enterprise Application Survey to fin ...
Read More
Jan 30, 2019

Part 1: App Security Should Be an Integral Part of Your DevSecOps Process — Not an Afterthought

Application Security
What are the key considerations and components of DevSecOps? The in ...
Read More
Nov 19, 2018

Breaking Down the New California IoT Law

Application Security
Recently California passed legislation regarding the security of all I ...
Read More
Contact Us