Mobile Application Wrappers
Managing the Security of Employee Devices
Jimmy Whitten & Manjot Singh
May 12th 2016
CISS 634
Executive Summary
Over the past few years the number of mobile devices owned per person has grown, and will continue to grow, exponentially. With more and more people using a variety of different devices that suit their usability and productivity needs, businesses are trying to figure out how to adapt and remain competitive. The Bring Your Own Device, or BYOD, phenomenon has crept up on many major business, and they are now finding out the hard way that security and integration procedures cannot be overlooked. The solutions for this issue are still in their infancy, but the two most prominent include Mobile Device Management (MDM) and Mobile Application Management (MAM). Although these are considered Band-Aids for a larger issue, businesses, at this time, must adopt one of these two methods in order to provide adequate security for existing and new business information systems, while maintaining convenience and personalization for their employees.
Introduction
Background & History
Smartphones are considered to be smart because of the various different applications that can be run on them. A Mobile App is a software application that is developed to help end users in making their tasks easy. App development goes back to the 1990s when IBM developed the first smart phone, which consisted of a calculator, phonebook, calendar and a
The CSO or CIO should establish policies as to what data is allowed to be stored on mobile devices, what level of protection is required, and what access to internal systems various mobile devices can have. Regularly, these policies are part of the overall data management and access management policies. The network administrator and IT manager usually decide on which tools to use to ensure that password, virtual private network, access control, and malware protection requirements are followed. They may also decide on which types of mobile devices are authorized for use with company data and services. Managers and users are responsible for following these policies. It is tempting for employees to use personal devices with forbidden data and
Apps are now an integral part of our everyday lives. We use them to check the weather and check into a flight, to see when the next bus is coming, record notes, read books, play games and much more.
If an organisation allows employees to use personal devices for work, a BYOD policy for the use of such devices can make sure that all personnel are given notification of both the policy’s guidelines and the consequences for violating those guidelines.
Malware on personal devices in a BYOD setting can be dangerous to the organization. Employees who accidently download malicious apps to their personal devices can potentially give hackers unauthorized access to corporate data. Coupled with other threats like jail-broken phones, preinstalled malware prior to shipping and mobile vulnerabilities can be a major nightmare to the IT department implementing BYOD (“Implementing BYOD,” 2012).
Thesis; Along with the efficiency mobile devices render, come along its risks, in which raises substantial security and privacy concerns. It’s important to be aware of the possible threats a mobile can have, along with knowing what and how to secure information, as well as trying to prevent threats from happening.
Mobile devices such as smartphones, PDAs, tablets, and netbooks have become an integral part of everyday business operations. Millions of people log into their company’s secure network on mobile devices via wireless Internet or even accessing their email, making sensitive data more susceptible to data theft and hacking. Mobile technology is advancing at such a fast pace, making it harder for IT managers to keep up with newly emerging threats. Since the smartphone emerged in the business scene, cybercrime has increased exponentially. Data security has now become the main focus for most IT managers in larger corporations.
Abstract— A new trend of implementing Bring Your Own Device (BYOD) as an IT policy is being adopted by companies worldwide. It permits employees to bring their own portable devices like tablets,
BYOD is an increasing trend toward employee-owned devices within a business. BYOD is the acronym for Bring Your Own Device. Some industries are adopting BYOD quicker than others. There are both advantages and disadvantages of implementing BYOD in the workplace. Most employees are already using their personal devices in the workplace. These employees store personal information as well as company data on their devices. Although there are a variety of benefits to allowing users to supply their own devices, it also raises significant data security and privacy concerns. It is vital for any organizations to understand these benefits and concerns.
For Milestone to be successful with their mobile platform strategy their strength of integration needs to progress beyond TCP/IP and encompass the emerging technologies and standards that will lead to tablets becoming the dominant development platform of the future. At the center of these technologies are secured enterprise access encryption and remote management support including device-wide wipe and replace security architectures (Gold, 2011). These technologies make it possible for Milestone to manage each of their applications remotely and also completely erase the contents of a device if it is lost or stolen. A second major design criterion is to create an effective Application Programmer Interface (API) architecture that allows for any of the Milestone applications and associated resource calls including database integrations to gain real-time access speeds (Proffitt, 2011). The expectation customers have for smartphone and tablet PC access today includes real-time performance at a minimum with periodic application updates not requiring reboot of the device required (The Economist, 2011). This is the new normal when it comes to device performance and requires an intensive level of integration within a given device in addition to database and system integration requirements. Apple has been able to successful enterprise market for their iPhone and iPad Series of devices by concentrating on
There are mobile applications for just about everything. There are “apps” for games, social networking, banking, shopping, web browsers, word processors, weather, GPS,
Blackberry, a former smartphone juggernaut, is a company that prides itself in being the most secure and productive mobile services and software firm on the market. It will be critiqued and analyzed in this paper. Following the critique, a recommendation will be made at the end.
Challenges using personal devices arise as the popularity of these devices increase by time. A recent survey claim that 69% of employees use their personal mobile/tablet devices to access company networks. The same survey says that even though 86% of employees make efforts to erase all contents from their devices prior to selling them, over 50% still contains big amounts of personal data. Some of the main challenges in BYODs are summarized in the following sub-sections [1].
Within this Briefing Paper, the topic of Bring Your Own Device, in short “BYOD”, will be explored in regards to how it fits in to current day corporate and educational environments, and why it will be a primary focus in future IT strategies. The importance of it will be signified and why it is a major advantage for IT departments and users, and the policies governing BYOD and why they need to exist for an IT department to effectively support users and their devices. Benefits of cost reduction, comfortability through BYOD are contrasted against concerns of security, platform commitment and integration approach, and ultimately why BYOD is an exciting prospect for the future with a current large uptake that is continuing to grow year
There is being observed a mass proliferation of heterogeneous deployment of Android, Windows, iOS and Blackberry and other platforms as well connected mobile devices that have started to become a norm. This is also being embraced by organizations that is bring your own device (BYOD) trend on the other side the tablets and smartphone are increasingly becoming a center or say hub for personal and business data. And with the upcoming and already established technologies such as Bluetooth, NFC and others where machine to machine interaction is at its peak and mobile devices have started to become wallets and security badges and more.
Mobile devices have the advantage of already being customised with a wide range of the employee’s choices of operating system or e-mail manager. These personal devices are already set-up with applications and services that employees are comfortable with. Consequently the interaction with technology becomes seamless, saving precious time (and time is money). Whereas the computer provided by the company needs to be adapted.