On-the-go defense

Share this article:

This featured article is a sample of our "Mobile Spotlight" issue and discusses mobile apps in the enterprise and how employees downloading them is cause for concern for IT departments.

On-the-go defense
On-the-go defense

Where devices go, applications follow. And in today's bring-your-own-device (BYOD) world, with personal devices increasingly flooding onto the enterprise network, a plethora of unexpected and sometimes unwanted applications are coming through the floodgates as well. This massive change is throwing even the most confident IT managers for a loop, according to many experts.

“Traditionally, things were cut and dried in the BlackBerry days,” says John Sawyer, senior security analyst with In Guardians, an information security consultancy based in Washington D.C.

“The company provided one device with one management platform and [had] hundreds of controls and a locked-down environment. In the past few years, with the economic crisis, companies are cutting costs and [giving] employees the new devices they want with BYOD. And consumer products that no one ever thought of being there are entering the enterprise.”

Companies need to understand the risk and the opportunity implicit in mobilizing the workforce – and that means learning to operate security in a completely different paradigm than they have before, says Nicko van Someren, chief technology officer for Good Technology, a Sunnyvale, Calif.-based provider of multiplatform enterprise mobility. “Mobility is an increasingly important tool,” van Someren says. “IT organizations have been used to having a great deal of control on the machines on which their information is resting. But in a mobile world, they don't control the connectivity, they often don't control the device, and there are more issues with the loss of control of the data that legitimately makes it onto the devices and then is moved somewhere else.”

“Operating systems don't sell devices... what sells devices is the apps.”

– Tyler Shields, senior security researcher and mobile expert, Veracode

Indeed, if employees are using their own personal devices for work, they will often enlist personal applications on that device through the corporate network. In addition, mobile users are also seeking out and finding applications for business use that they download onto their personal or even company-issued phones or tablets. As Sawyer points out, there are an ever-growing number of enterprise applications targeting everything from health care to industrial control systems. So, both business-related apps that are neither used nor sanctioned by the company, in addition to just plain fun ones, are getting downloaded onto both personal and corporate-controlled devices. BYOD or no, it seems the line between the private and the professional is blurring beyond recognition.

And it's not surprising considering how important the application has become in the scheme of device usability. “Phones don't sell mobile devices,” says Tyler Shields, senior security researcher and mobile expert for Veracode, a Burlington, Mass.-based application security company. “Operating systems don't sell devices. What sells devices is the apps.”

Click here for full access to our exclusive Mobile Spotlight issue. 

Page 1 of 3
Share this article:

Related Slideshows

Sign up to our newsletters

More in News

Cyber Command tests gov't collaboration in wake of attacks

The two-week exercise, "Cyber Guard 14-1," was completed this month.

Text message spammer settles charges filed by FTC

Text message spammer settles charges filed by FTC

Rishab Verma and his company agreed to settle charges filed by the FTC that Verma sent millions of spam text messages that deceitfully promised free merchandise.

Rhode Island hospital to pay $150K for past data breach

More than 12,000 patients' personal and health information was compromised in a breach at The Women & Infants Hospital of Rhode Island.