“High risk apps” is probably a phrase you will might have heard a lot. Antivirus vendor Kaspersky recently announced that they expect mobile malware to be one of the most significant security threats to businesses.
With smartphones and tablets in abundant use across most workplaces, Mobile Device Management should no longer be considered a “nice to have.” If users are permitted to use their devices on company networks, you simply must have some level of control. If you’re not already convinced of this, perhaps the fact that an estimated 20% of Android apps are technically “high risk” will change your mind? While not all of these apps are malicious, there are concerns about the information they access and how they may use it.
So how do you retain control of these high-risk apps? Here are five suggestions:
Users must understand that corporate IT systems need to remain under central control. This sometimes means trading functionality for convenience. If users wish to connect to company systems, it probably means that you need to exercise some control over their personal devices. There are obviously privacy implications here too.
Ultimately, if users aren’t happy with their device being managed, they shouldn’t connect to the network.
Plenty of software solutions now exist that allow you to lock-down and remote control mobile devices. You may choose to restrict which apps can be downloaded or used. Some mobile device management solutions even offer features such as remote lock and wipe, location tracking and WiFi provisioning.
Use your MDM software to regularly check which apps are in use on mobile devices. As part of these regular checks you should, in compliance with your policies, remove anything of concern.
Obviously, Mobile Device Management should incorporate all devices, be they Apple or Android, but when it comes to high-risk apps, the focus is currently on Android. The Apple App Store is a far more regulated place than its Android equivalents, meaning that “high risk apps” are likely to be more commonplace on Android – for now, at least.
If Kaspersky are correct about the prevalence of high-risk apps, mobile malware will be hitting the news this year. Stay informed to make sure you are ready to act on any dangerous vulnerabilities.
You can also make use of any high-profile stories to reinforce best practice to your users.
It’s hard to predict how this trend may develop, but installing security software on Android devices may become a widespread recommendation in months to come.
Until now, IT departments have focused on PCs and servers when it comes to software vulnerabilities. It seems that 2014 may be the year that malware truly goes mobile.