Mobile apps can introduce a variety of security risks into an organization -- if IT allows it.
With a mobile app blacklist, IT can protect end users from running potentially dangerous or distracting apps. When an organization includes a mobile app on a blacklist in a mobile device management (MDM) tool, the MDM prohibits end users from accessing that app on their devices.
Whitelisting, on the other hand, requires IT to manage a list of authorized applications rather than unauthorized apps. When an end user starts an application, the MDM platform checks if the app is on the whitelist. End users aren't able to open apps that do not appear on the list.
How to implement an app blacklist
Many MDM platforms, such as ManageEngine or VMware AirWatch, include blacklisting capabilities. If IT sets an application as restricted, then the MDM platform can perform periodic scans to check for the use of blacklisted apps in a specific environment. If the MDM platform detects a blacklisted application on a mobile device, then IT can disable the app, uninstall the app or send a warning email to the user.
Organizations must define what qualifies an application for a blacklist. IT can choose to include applications that could introduce security threats, vulnerabilities or distractions in the work environment. IT should consider blacklisting mobile apps that send unencrypted data or that commonly access the camera and microphone.
For example, organizations commonly blacklist WhatsApp, a mobile messaging app, because it can send information such as the end user's address book to a remote server. IT can blacklist Android apps such as Poot and Where's My Droid because they often contain malware. Organizations may also blacklist apps because they serve as distractions, such as social media applications or games.
It's important for IT to keep track of the apps on the mobile app blacklist in a clear, organized way. To do so, IT should update the list immediately whenever it adds or removes an app.
How to approach an app blacklist review
IT should periodically review the app blacklist, but it's up to the organization to choose how frequently this should happen.
Some organizations manually review and update blacklists often to maintain a higher level of security and productivity. This approach, however, can be impractical when the blacklist becomes too extensive to easily manage.
Wrap that app
App wrapping allows IT to blacklist and add security policies to individual apps using mobile application management. App wrapping applies an extra management layer to a mobile application without changing the application itself.
The extra management layer can enable the administrator to specify policies such as requiring authentication to enter a specific app or allowing or prohibiting certain APIs. App wrapping enables IT to set restrictions on applications for both blacklisting and whitelisting. It also enables IT to focus on managing applications instead of specific devices.
Many organizations prefer a low-maintenance approach to reviewing blacklists. IT can use enterprise mobility management (EMM) tools to periodically manage and update an app blacklist, as well as third-party threat monitoring tools to ensure that apps do not pose security risks.
Organizations that use a mix of whitelists and blacklists can often manage blacklists more easily. For example, organizations can use a blacklist in one environment where there are productivity concerns and use a whitelist in another environment that contains sensitive data to prevent data leaks or malware infection. This process keeps the length of both lists to a minimum and makes frequent periodic reviews possible.
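The periodic scan described under "How to implement an app blacklist" and the mixed blacklist and whitelist setup in the preceding paragraph can be sketched as one policy check. This is an added example, not code from any MDM product; the package names, environment names, inventory format, and the "block" and "review" actions are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Constructed policy: one environment uses a blacklist with a per-app action
# (warn, disable or uninstall), the other a whitelist of the only apps allowed.
POLICIES = {
    "office": {"mode": "blacklist",
               "apps": {"com.example.chat": "warn",
                        "com.example.game": "disable",
                        "com.example.roottool": "uninstall"}},
    "restricted": {"mode": "whitelist",
                   "apps": {"com.example.mail", "com.example.vpn"}},
}

@dataclass(frozen=True)
class Finding:
    device: str
    package: str
    action: str

def scan(inventory, policies=POLICIES, whitelist_action="block"):
    """Return one Finding per non-compliant app in the device inventory."""
    findings = []
    for device in inventory:
        policy = policies.get(device["environment"])
        if policy is None:
            # A device outside every known environment is flagged, not passed.
            findings.append(Finding(device["id"], "*", "review"))
            continue
        # Strip stray whitespace and de-duplicate; package names stay case-sensitive.
        for pkg in sorted({p.strip() for p in device["apps"]}):
            if policy["mode"] == "blacklist":
                action = policy["apps"].get(pkg)      # listed -> act on it
            else:
                action = None if pkg in policy["apps"] else whitelist_action
            if action:
                findings.append(Finding(device["id"], pkg, action))
    return findings

# Constructed inventory, in the shape a periodic scan might report it.
INVENTORY = [
    {"id": "phone-01", "environment": "office", "apps": ["com.example.mail", "com.example.game"]},
    {"id": "phone-02", "environment": "restricted", "apps": ["com.example.mail", "com.example.chat"]},
    {"id": "tablet-03", "environment": "office", "apps": ["com.example.roottool ", "com.example.chat"]},
    {"id": "phone-04", "environment": "lab", "apps": ["com.example.mail"]},
]

if __name__ == "__main__":
    for f in scan(INVENTORY):
        print(f"{f.device}: {f.package} -> {f.action}")
```

The same app (com.example.chat) produces a warning in the blacklist environment and a block in the whitelist environment, which is why keeping each list scoped to one environment keeps both short.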