To Ban or Not to Ban: Ensuring App Security

By Ching Mac, National Sales Director – End User Computing and Mobility

The Government of Canada made headlines recently by banning certain applications from mobile devices used by government employees. While this may have been the most high-profile example of an app being banned in Canada, many organizations, including governments and government agencies, have strict policies around which apps are acceptable on their phones – whether provided by the employer, or the employee brings their own.

Mobile devices are the gateway to your business, so there are many good reasons for companies to have policy standards about which apps employees can download. Phishing schemes, data breaches, malware and stolen IP can all happen through mobile applications.

But how can organizations best determine which apps pose risks, and how should they approach data protection, while also allowing for the use of productive apps, and managing minimal interference on employee devices?

When it comes to mobile device security there are a couple of things to keep in mind:

Up-to-date policies is best practice

With the growing popularity of BYO device policies and the proliferation of popular and useful apps over the past few years, efforts to find the right balance have become more challenging. Organizations have been increasingly willing to block apps from devices, but they also need to set policies in place that will improve their overall security posture. In addition to limiting certain applications, it is also important to ensure that device software is up to date, that employees are using devices that have not been compromised or jail broken, and that appropriate settings are activated to protect the user.

Once policies are set, they also need to be reviewed frequently. It can’t be a “set it and forget it” exercise, but instead policies need to be constantly revisited and kept up to date for current trends and threats.

Are you a good app or a bad app?

Mobile apps can be fun, functional, and productive. But they can also be dangerous. And the reason for blocking specific apps can vary for different companies, industries and organizations.
Social media and messaging apps are some of the most common apps to be banned, as anything that might allow users to click on a link can pose a significant risk to the organization.

But before blocking apps, organizations must consider what applications and data are essential for business, what can help the productivity of their employees, and what the reaction of employees will be to losing that access. That then needs to be weighed against security considerations, including how well the data can be protected from misuse. And finally, companies also need to plan for how it can be removed should that need arise, like if the phone is lost or stolen.

Providing containerized security for data on these devices is an important way to limit risk and gain better visibility, while also providing employees autonomy and the tools they need to do their job.

Workspace ONE can help

At VMware, we’ve been helping companies safely adopt these BYOD policies for many years. Workspace ONE UEM is a powerful tool that can help you to accomplish your mobile device security goals. And Workspace ONE Mobile Threat Defense (MTD) detects a myriad of threats encountered by Android, iOS, and Chrome OS devices, including phishing and smishing attacks, malicious, leaky, or poorly configured apps, jailbreaks and device vulnerabilities, and behavior associated with rogue networks. MTD is integrated within the Workspace ONE UEM platform (you can watch a VMware VMware TechZone demo here), and was recently awarded Gold at the 2023 Cybersecurity Excellence Awards.

Whether you’re implementing a new mobile security policy, have an existing policy that could use some fine-tuning or want to block unwanted apps, we’re here to help.


Leave a Reply

Your email address will not be published. Required fields are marked *