By Hormazd Romer, Senior Director of Product Marketing, Accellion
IBM company Fiberlink recently surveyed mobile workers and tallied the mobiles apps installed on their devices. As reported on Dark Reading, the survey found:
- 17% of employees have 9 or fewer apps on their devices
- 18% have between 10 and 24 apps
- 35% have between 25 and 49 apps
- 25% have between 50 and 99 apps
- 5% have 100 or more apps
Most mobile phones and tablets come with about 10 apps by default. These include an email app, a maps app, and a calendar app. Many enterprises provide their employees with additional apps, such as apps for special business functions and services, like a CRM app. Other enterprise apps might address IT security, such an app for VPN. Of apps provisioned by enterprises, 38% have been customized in-house by IT, and the rest are publically available apps that IT departments have tested and endorsed.
It’s safe to assume that those 30% of employees carrying 50 or more apps on their devices have some, if not dozens, of consumer apps that were not tested and provisioned by the IT department. These apps might include public-cloud file sharing services like Dropbox that operate outside the control of the IT department. The apps might also include games and social media apps that most likely were purchased impulsively and not evaluated for safety or stability.
These untested, unsanctioned apps pose potentially serious risks to the enterprise. Some apps may be infected with malware, which grew 167% last year. Others might be used in intentionally or accidentally to share confidential data with unauthorized users.
What’s the lesson here for enterprise IT departments and security teams?
Enterprises should adopt security models that assume that employees will install multiple unknown and untested apps on their devices. To protect business data, on-device BYOD solutions should include secure containers for data and apps, so that business data is always shielded from potential malware threats and unauthorized access. Enterprises should be able to remotely wipe the apps and data in a secure container, should a device be lost or stolen, or if an employee leaves the company.
In addition, enterprises should ensure that mobile workers can perform all their work-related tasks with apps that have been officially provisioned by the enterprise. These tasks include file sharing, ad hoc communications such as messaging, and other everyday forms of collaboration. Employees might be tempted to rely on consumer apps for these services, but consumer apps cannot be trusted to keep business data safe. By creating a “white list” app store of tested and trusted apps, enterprises can reduce the chances of employees turning to risky apps for everyday work.
By assuming that BYOD devices will mix business with pleasure, enterprise IT organizations can design and deploy mobile solutions that keep business data safe, no matter how many apps—or dozens of apps—employees have installed.