The Popularity of Native Apps Ups the Ante for Mobile Security

Mobile users prefer by a wide margin native apps written to run specifically on mobile operating systems such as Android or iOS, to browser-based apps, according to a recent survey by mobile analytics firm, Flurry. On average, mobile users are spending almost three hours a day on their devices, and 86% of that time is spent on native apps. Only 14% of that time is spent using a Web browser. Native apps rule the day.

In a recent article in SC Magazine, Patrick Harding points out this preference for native apps has big implications for mobile security, especially when business data is involved.

Harding’s argument goes like this: Every business has BYOD users and these users have come to prefer native apps, which provide superior performance and user experience compared to browser-based apps. But native apps pose several important problems for data security.

First, because BYOD devices mix personal and business data, they are often difficult for Mobile Device Management (MDM) and other mobile security solutions to secure properly. If employees think that an MDM solution might put their personal data at risk of being wiped clean, they might be tempted to circumvent the MDM’s systems controls. For example, some employees don’t report devices lost, because they worry that IT administrators will wipe them clean of all data, including personal data such as photos. Enterprises should adopt security solutions that protect business data while leaving personal data under the control of employees themselves. A “dual persona” solution is the best choice here.

Second, native apps typically store data locally. Local storage makes data accessible to users even when devices are off the network. This local storage needs to be secure, if only because, as Harding points out, 1 out of 10 of these devices will end up being stolen. He recommends separating personal from business data on mobile devices and ensuring that the business data is encrypted for protection.

A third risk posed by native apps is poorly secured API calls. Native apps often call databases and other secure data stores, but do so through programming methods are not sufficiently secure.

Enterprises should address all of these risk and find ways to enable IT administrators to protect and monitor business data on employees’ mobile devices. Native apps that have been tested and whitelisted by IT can run within their control and protection whether data is in transit and at rest.

This way, employees stay in control of their personal data, while enterprises get the controls and oversight they need for effective mobile security and regulatory compliances.

To obtain the free e-Book - Making Your Enterprise Mobile Ready – click here or email sales@mpa.co.nz

Latest Security Problems Solved

Privileged Password Management - Pitfalls to consider More >
SIEM matures, however landscape changes. More >
2014: The Year Encryption Comes of Age More >
The key to a secure BYOD-enabled enterprise More >
Our Solutions
Security Solutions

We work with leaders in the fields of data protection, authentication and perimeter security to protect your organisation and manage any threats with the most effective security systems. More >

Technical Services

MPA New Zealand Ltd provides a range of technical services to compliment the vendor technology our company brings to the local market. More >