Skip to main content

This post is from the Apperian blog and has not been updated since the original publish date.

Last Updated Nov 12, 2013 — App Management expert

Security and Privacy Threats to Enterprise Mobile Apps

App Management
enterprise mobile apps securityA recent study conducted by the research firm Ovum revealed that 70% of employees who own a smartphone or tablet use it to access corporate data through enterprise mobile apps. This staggering figure that points to the surge in the popularity of bring your own device (BYOD) policies among enterprises. While the advantages of BYOD are clear (it is strongly linked to increased employee productivity), it doesn't come without its downsides. The bottom line is: mobile security and privacy threats are a major challenge for IT departments with a BYOD policy that includes enterprise mobile apps.

Major security and privacy threats

Third-Party AppsThe growth of the BYOD movement has also coincided with growth in the bring-your-own-application (BYOA) movement. As employees continue to become more tech-savvy, they've begun downloading and using 3rd party business applications that offer file sync/share, IM/VoIP, and networking features. Though employees have good intentions, the use of third-party enterprise mobile apps puts both the user and the enterprise at risk. The existence of malware and spyware in such is always a possibility. In fact, Trend Micro estimates that there are over 700,000 malware and/or adware-laden apps available to Google Android users alone. These apps do everything from steal data to initiate malicious downloads. Such threats not only put the device owner at risk, but could also compromise confidential corporate data. To compound the issue, many third-party apps are unintentionally malicious as a result of poor coding practices. Poorly written software can inadvertently gain access to or expose data and/or metadata stored on a device.Network ThreatsThreats to enterprise mobile apps can also exist on a network level, especially when employees use third-party apps. Though most enterprise networks are secure, there is no guarantee that the networks employees connect to outside of the office are. Unsecured Wi-Fi networks put app users at risk for man-in-the-middle attacks and Wi-Fi sniffing.Physical ThreatsAccording to a recent study conducted by Pew, one-third of cell phone owners have either lost their device, or had it stolen. Physical threats like these are an ever-present concern for both device owners and IT departments.

How IT departments can mitigate security and privacy concerns

Establish BYOD policiesIt is vital for organizations to establish BYOD policies before supporting BYOD. These policies should clearly define which employees are eligible to participate, what types of devices are supported, and what business functions are supported. A standard set of procedures is also required in cases where devices are lost, stolen, or otherwise compromised.Develop Internal Mobile ApplicationsA number of mobile security and privacy threats develop from employees using third-party applications. One obvious way organizations can mitigate this threat is to develop their own enterprise mobile apps. Developing apps internally eliminates malware and spyware concerns and can also be customized to promote higher efficiency and productivity.App WrappingWith the smartphone and tablet markets spread now flooded variety of manufacturers, developing native applications complete with security features can be costly and time consuming. One solution is to develop applications using a mobile application management (MAM™), which adds an administrative layer to enterprise applications. MAM™ administrators can further employ app wrapping to set device-independent policy and security elements before deploying it as a fully contained app on their enterprise app store.

More from the Blog

View more
Apr 30, 2020

Mobile Application Management: A Forward View

App Management
  IT Is Adapting in the Midst of the COVID-19 Pandemic The Coron ...
Read More
May 19, 2019

Sneak Peek: How Are IT Leaders Driving Mobile App Adoption?

App Management
Apperian conducted the The Mobile Enterprise Application Survey to fin ...
Read More
Jan 30, 2019

Part 1: App Security Should Be an Integral Part of Your DevSecOps Process — Not an Afterthought

Application Security
What are the key considerations and components of DevSecOps? The in ...
Read More
Nov 19, 2018

Breaking Down the New California IoT Law

Application Security
Recently California passed legislation regarding the security of all I ...
Read More
Contact Us