Skip to main content
Nov 12, 2013

Security and Privacy Threats to Enterprise Mobile Apps

enterprise mobile apps securityA recent study conducted by the research firm Ovum revealed that 70% of employees who own a smartphone or tablet use it to access corporate data through enterprise mobile apps. This staggering figure that points to the surge in the popularity of bring your own device (BYOD) policies among enterprises. While the advantages of BYOD are clear (it is strongly linked to increased employee productivity), it doesn't come without its downsides. The bottom line is: mobile security and privacy threats are a major challenge for IT departments with a BYOD policy that includes enterprise mobile apps.

Major security and privacy threats

Third-Party Apps The growth of the BYOD movement has also coincided with growth in the bring-your-own-application (BYOA) movement. As employees continue to become more tech-savvy, they've begun downloading and using 3rd party business applications that offer file sync/share, IM/VoIP, and networking features. Though employees have good intentions, the use of third-party enterprise mobile apps puts both the user and the enterprise at risk. The existence of malware and spyware in such is always a possibility. In fact, Trend Micro estimates that there are over 700,000 malware and/or adware-laden apps available to Google Android users alone. These apps do everything from steal data to initiate malicious downloads. Such threats not only put the device owner at risk, but could also compromise confidential corporate data. To compound the issue, many third-party apps are unintentionally malicious as a result of poor coding practices. Poorly written software can inadvertently gain access to or expose data and/or metadata stored on a device. Network Threats Threats to enterprise mobile apps can also exist on a network level, especially when employees use third-party apps. Though most enterprise networks are secure, there is no guarantee that the networks employees connect to outside of the office are. Unsecured Wi-Fi networks put app users at risk for man-in-the-middle attacks and Wi-Fi sniffing. Physical Threats According to a recent study conducted by Pew, one-third of cell phone owners have either lost their device, or had it stolen. Physical threats like these are an ever-present concern for both device owners and IT departments.

How IT departments can mitigate security and privacy concerns

Establish BYOD policies It is vital for organizations to establish BYOD policies before supporting BYOD. These policies should clearly define which employees are eligible to participate, what types of devices are supported, and what business functions are supported. A standard set of procedures is also required in cases where devices are lost, stolen, or otherwise compromised. Develop Internal Mobile Applications A number of mobile security and privacy threats develop from employees using third-party applications. One obvious way organizations can mitigate this threat is to develop their own enterprise mobile apps. Developing apps internally eliminates malware and spyware concerns and can also be customized to promote higher efficiency and productivity. App Wrapping With the smartphone and tablet markets spread now flooded variety of manufacturers, developing native applications complete with security features can be costly and time consuming. One solution is to develop applications using a mobile application management (MAM™), which adds an administrative layer to enterprise applications. MAM™ administrators can further employ app wrapping to set device-independent policy and security elements before deploying it as a fully contained app on their enterprise app store.


More from the Blog
May 27, 2020

Application Security: Testing is NOT Enough

In the software development world, developers are faced with a breakneck release schedule and tasked to produce applications ...
Read more
Apr 30, 2020

Mobile Application Management: A Forward View

IT Is Adapting in the Midst of the COVID-19 Pandemic The Coronavirus pandemic is a human tragedy, affecting hundreds of thou ...
Read more
Apr 16, 2020

The Next Step in the Arxan Journey

As many of you may have seen, we just announced that w
Read more