juanjo tugores - Fotolia

Mastering the top enterprise mobility challenges

From compliance to security to app development, mobility adds a new layer of challenge for admins to deal with. Find out how to handle five of the most common issues.

Enterprise mobility challenges have changed the game for IT administrators, forcing them to stay on their toes as they look for the next curveball to come their way.

Mobility introduces concerns that never existed when desktops were the only game in town. Desktops didn't move. Desktops didn't access corporate data from different locations around the globe all day every day. Desktops didn't have multiple operating systems and versions fragmenting their market. Simply put, desktops were easier to control.

Today, admins must figure out how to protect their data and stay compliant while developers work to build mobile apps that employees want to use.

Creating an effective mobile app strategy

IT admins need a mobile strategy that ensures apps bring value to the business. The process starts with creating a portfolio that consists of apps that meet the goals of every mobile initiative as well as the company's overall business objectives. This way admins can decide which app initiatives can add the most value.

Mobility introduces concerns that never existed when desktops were the only game in town.

Next, if developers plan to build mobile apps in house, they must find the right universal development tools to fit their needs and make sure all of the tools involved are standardized. That way support, training and updates are much easier because everyone only needs to learn things once. If they don't feel they have enough staff to build all the necessary mobile apps they can hire more developers or turn to third-party developers.

Finally, developers must establish governance and standards so there are consistent rules for mobile app development and usage across the organization. With a set of standards, developers can more consistently deliver secure apps and measure app performance.

Simplifying mobile app development

Developing mobile apps is no simple task, and some organizations lack the in-house talent to get it done efficiently. One of the top enterprise mobility trends for app development is mobile application development platforms (MADPs), which make the entire process simpler so less experienced developers can still build mobile apps. MADPs are low-code tools that often include templates and drag and drop capabilities to make mobile app development straightforward.

There are a few considerations developers should keep in mind before they pick a MADP provider. First, developers must make sure the MADP they choose has common development standards and access to third-party app script libraries to ensure users have consistent experience across all apps and operating systems (OSes). Developers should also make sure they have complete control over the app lifecycle. From a security perspective, they must know if the MADP supports identity management, what type of encryption it has, where it stores the encryption keys and how it integrates app security with any existing systems.

Keeping mobile data safe no matter what

Secure containers can go a long way toward preventing data loss by encrypting all enterprise data and separating it from any personal assets on a mobile device. IT admins also get granular control over the data so they can limit users' ability to forward, print or copy and paste data. They can also make sure data users cannot transfer data outside the container.

Secure containers cannot do the job alone, however. IT admins should take steps to make sure a user's OS is not compromised.

Protecting against device loss and malware

A user could forget a phone or tablet somewhere, and a hacker could easily get into a company's data. To combat this threat, Android includes stored data encryption on its devices, and iOS has a kill switch so admins can prevent devices from being activated.

Some mobile apps even collect data they don't really need. Adware in some apps captures device IDs, locations, contacts and more. It can also make a device Web request that leaks personal data. Apps with auto-sync features can send private data into a public cloud without the user or IT ever knowing it. The best way to fight back is to prevent devices from downloading apps from unauthorized app stores. Admins can also research apps to see if other organizations have run into problems.

Mobile malware applies to every OS, not just Android. Threats such as surveillanceware, which bypasses the App Store, are common on iPhones and iPads. Admins should not allow users to have jailbroken devices because users can install apps on them from anywhere they want.

Ensuring constant compliance

To ensure organizations are not in violation of any state or federal regulations, IT admins must secure their data storage and processing.

Personally identifiable information (PII), which includes passwords, addresses, Social Security numbers and more, is part of a lot of compliance regulations. Protecting PII is challenging on mobile devices, because it can be hard for IT to keep track of each and every device on the network -- as well as which devices are corporate owned versus personally owned. As a result, admins might not even know that certain devices have PII on them. Admins can mitigate this problem by requiring passwords, keeping patches up to date, and opening the lines of communication between IT and compliance officers and internal auditors.

Next Steps

Mobile compliance best practices

Fight back against mobile DLP

Get the right results from a mobile app strategy

This was last published in March 2016

Dig Deeper on Enterprise mobility strategy and policy



Find more PRO+ content and other member only offers, here.

Related Discussions

Eddie Lockhart asks:

What are the most common enterprise mobility challenges you run into?

1  Response So Far

Join the Discussion



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: