Free mobile apps put your BYOD strategies at risk

By Jeff Vance, CIO |  Consumerization of IT, BYOD, mobile apps

When CIOs worry about the Bring Your Own Device (BYOD) trend, one of the things that most concerns them is their lack of control over mobile apps. Rogue apps packing malware are a major concern, but many malware-free apps pose risks too.

Even in curated marketplaces, mobile apps can be ridiculously intrusive. Earlier this year, Apple, Facebook, Yelp and several other firms were sued for privacy-infringing apps that, among other things, pillaged users' address books.

The Enterprise App Store: 10 Must-Have Features

Open for Business: It's the Year of the Corporate App Store

At the time, many security experts warned that this was the tip of the iceberg, and a recent study by Appthority, a provider of mobile security solutions, found that free apps are particularly risky because it was discovered they have the ability to access sensitive info.

That's bad enough, but what if the app uploads a sales representatives' contact list and the developer then sells it to a competitor? That's a new type of data leakage that most organizations aren't ready for.

We Won't Let Workers Anywhere Near the AppStore

Despite the risks, Illinois-based Riverside Medical Center believed they had no choice when it came to BYOD. Trying to simply prohibit end-user devices would be counterproductive. "For a hospital like ours, BYOD is a marketing issue as much as it is a security one," said Erik J. Devine, Riverside MC's CISO. "If doctors can't use their tablets or smartphones at this hospital, they'll start checking their patients into other ones."

In order to take part in the BYOD program, end users must agree that Riverside MC has the right to remotely wipe the device if any problems arise. That could mean wiping a user's photos or personal emails, but that's the risk users must take if the enterprise is going to cope with BYOD risks.

For corporate-owned devices, of course, risks are easier to manage. "If we decide to purchase an iPad for someone, when it's a pure work tool, you can't even get to the AppStore," Devine said. Good luck telling that to someone shelling out $150/month on an expensive data plan.

iPad Security: How a Hospital Group Treated Trouble

iPad Invades the Enterprise: How Big Are Security Risks?


Originally published on CIO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Consumerization of ITWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness