6 trends driving secure application access your customers need to know
Truly effective mobile business transcends giving employees mobile devices, which is the first step to achieving mobility goals. Unfortunately, a stolen laptop, tablet, or smartphone is a potential gateway into the heart of your customer’s networks and corporate information.
Business apps – when used with the right application management processes – increase security levels by protecting your customer’s data at a granular level.
Mobile applications are becoming a priority for businesses
As the trend of mobile working explodes, more businesses use applications as part of their processes. In fact, 40% of companies plan to prioritise the mobilisation of general business apps over the next two years. Your customers want to increase efficiency, productivity, and have their employees working on the same documents.
While mobility and productivity are crucial business goals for your customers, they will be unprepared to take any enterprise mobility management (EMM) solution forward without being assured about security. Who can blame them when 9 million of 150 millions apps scanned by McAfee were found to have malware?
The 6 secure application access trends your customers must understand
Like every technology, secure application access is subject to trends – partly because your customers share a common set of needs and goals. You can use the following points as a checklist, ensuring you can properly answer the most common questions and objections from your customers, while emphasising that application security really does come first.
1. Your customers are giving employees mobile devices – without any restrictions
When your customers give their employees a mobile device, they may neglect to control levels of access across the network. The “open everything” approach limits your customer’s control over their data and corporate information. An authenticated employee on a device may have access to sensitive systems and apps, along with access to editing and sharing rights - often not appropriate for their job seniority or role.
Containerisation allows your customer’s IT departments to deliver an isolated workspace containing applications for use with corporate data. By limiting remote access on a per-app basis, your customers can also control the resources available outside of the enterprise network. This significantly reduces the risk of data loss, theft or leakage.
2. Your customer’s employees can access corporate information on different apps
The beauty of mobile apps is that there are often multiple apps available to carry out the same task. However, this introduces a new threat of data leaks, as well as unauthorised access and editing across your customer's business. Your customers need the ability to control app usage, access, and standard working practices.
Secure application access systems and policy management allow your customers to pre-approve apps that will be allowed to pass through the corporate firewall. Control is key. By defining approved apps and setting appropriate policies, it is much easier for your customers to set and enforce security standards beyond the network perimeter.
“Mobile application management (MAM) is a component of enterprise mobility management (EMM) that allows IT to set security policies for, and otherwise control, individual mobile apps on users' devices.” – Tech Target
3. Authentication levels are too low and the risk of application breach is high
Remote workers, third party contractors, and bring your own device (BYOD) practices within your customer’s businesses all increase the risk of data breaches. Single sign-on with an all encompassing password and username has long been outdated - no longer enough for your customer’s devices, let alone their business apps.
The 2016 Mobile Application Security Report from HPE 2015 revealed that 70.6% of applications breached data collection and privacy violations by requesting access to external storage.
This concern is driving improved secure application access in a number of ways:
- Two-factor authentication asks for a user ID and password at device level and a second validation, such as a PIN or fingerprint at app level, helping your customers to identify and approve users.
- Your customers can prevent unauthorised copying and pasting of corporate data between authorised and unauthorised applications, preventing theft, loss, and corruption.
- Your customers can also use VPN at the mobile application level, providing a secure connection from the app to the company’s gateway, giving them full control.
These extra layers add to the complexity of cracking app security, keeping data and IP safer.
4. Your customer’s employees are using applications from unapproved sources
Your customers will already have secured their internal WiFi network to prevent unrecognised devices from joining. Now they need to prevent recognised users and devices from using unrecognised, unapproved applications to access data across the enterprise.
Secure application access is being driven not only by application type and authentication, but by application delivery. Demonstrate to your customers that they can deliver encrypted corporate applications to their end users through:
- Private views to public app stores.
- Direct download links.
- Enterprise app stores.
These app delivery options eliminate unauthorised users and even competitors accessing your customer’s business apps.
“By 2017, 25% of enterprises will have an enterprise app store for managing corporate-sanctioned apps on PCs and mobile devices. Enterprise app stores promise greater control over the apps used by employees, greater control over software expenditures and greater negotiating leverage with app vendors, but this greater control is only possible if the enterprise app store is widely adopted.” — Gartner Inc.
5. Application wrapping and sandbox solutions
BYOD working practices have led to the coexistence of business and personal apps on the same device, presenting a significant risk to the business and the end user. 84% of mobile users utilise the same phone for personal and business use.
Many apps are known to leak personal data – potentially taking sensitive IP with it. Some personal apps, without set permissions and controls, can access any level of data held on the device. App-wrapping and sandbox environments can be used by your customers to control or protect a wide spectrum of elements within their mobile app.
Your customers can:
- Restrict data storage from their mobile app to the device, regardless of device type.
- Prevent corporate data on the device from being accessed by personal apps.
- Isolate personal and corporate applications on a single device.
- Cover components including text messaging and camera roll.
6. Simplified management of access and permissions
Each of the trends described above has the potential to significantly add to the CTO’s workload. Which is why enterprise mobility management solutions have become so important.
From a central console, your customers are able to carry out almost all of the secure application access tips above. Without EMM, your customers face a stark choice – hire more staff to oversee mobile application operations and security, or drop their mobile programme completely. For most, neither option will be acceptable – making EMM even more important to their operations than they realise.
Driving secure application access for your customers
Secure application access is by far the safest way to improve mobile security and overall strategies. The ability to control access to applications, data and resources on a per-app basis will fundamentally improve the overall provisions of your customers. The use of EMM is the only way to properly manage the process.
- Think: The importance of EMM is to simplify mobile management operations. Make sure your customers understand the limitations of an MDM approach, and the lack of restrictions around applications, but also how to manage a list of approved, secure apps.
- Act: Suggest using app-wrapping to segregate personal and corporate apps and data on the same device. There is also a need to enrol mobile devices and deliver apps through an approved, secure source.
- Lead: Develop ideas around adding multiple layers at application level to improve overall remote security.
- Share: Secure application access is the safest way to improve mobile security and overall strategies.