As employees begin using their own mobile devices for work purposes (known as “bring your own device” or BYOD), they’re unknowingly mixing personal with business data. This is a global phenomenon across all industry verticals. Gartner predicts that 90 percent of businesses will have corporate apps running on employee-owned devices as early as 2014. This movement has presented unique challenges for how IT manages mobile devices in the workplace.
On average, most employees have between 50-250 apps on their smartphone or tablet. But did you know that nearly 80 percent of the top 50 free iOS and Android apps are associated with risky behaviors or privacy issues? How are IT departments expected to cope with any number of downloaded apps entering the workplace, which often track location or have access to address books, calendar details and other files? How can you build a mobile app policy if you don’t know what apps do?
Appthority provides the industry’s first fully automated App Risk Management service that employs static and dynamic analysis to uncover the true behavior and measure the total risk of apps within minutes. Bringing trust to the app ecosystem, the company has built the world’s largest database of analyzed public and private apps.
Here are our top three steps to building a winning BYOD program at your company while keeping apps top-of-mind:
1. Identify the needs of your company and its employees.
What apps are your employees already using? Are they using tablets, smartphones or other devices for work and play? Your BYOD policy should speak to the direct needs of both your company and its employees. Ask employees to show you what mobile devices and apps they’re using at work. Whether you’re looking to make employees more productive or streamline costs, IT should be involved in BYOD issues from the start and help oversee the program.
2. Determine your company’s policy and what apps to allow.
There is no “one-size-fits-all” answer for BYOD. Find out what apps are absolutely essential at your company and what types of data sharing is considered too risky. Is location tracking of executives ok? Do all apps need to communicate with encryption? Should the corporate address book be shared with 3rd party ad networks? Are apps with adult content still approved? CISOs, CEOs, legal and communications departments should all be involved in making this decision. Create a clear and acceptable use policy for every department to agree on. You may need different policies for different departments, as an app that is safe for an engineer might not be safe for the VP of finance.