According to IDC, over 70% of the US workforce will be participating in a mobile BYOD program by 2020. This means that the need for mobile threat defense solutions will continue to grow – quickly. As you might suspect, the foundation of any mobile threat defense solution is the mobile app which end users install directly on their mobile device. This app will provide some (or all) of the following capabilities:
- Real-time monitoring and diagnostics on the mobile device itself, so that actions can be taken when alerted. This is crucial, as data suggests that 40% of mobile devices will be exposed to a network attack within the first three months of security monitoring.
- Communication between the mobile device and the solution’s server(s) so that additional analysis may be performed and IT can monitor and manage organizational risk.
- Crowd-sourced threat intelligence, where the app is bubbling up new threat data to a central location for aggregated threat analysis and alerts. This should be a key part of any holistic, layered mobile threat defense solution, though that isn’t always the case.
One could easily assume that all apps are created equal, but there is one huge difference that an IT organization should understand fully before picking a solution: public apps versus private apps.
On the surface it may seem like the only real difference is that public apps are available via official app stores, like the Apple App Store and Google Play, and that private apps are simply deployed through some other means. But, there is a lot more nuance to what differentiates a public app versus a private app, and why it has a huge impact on end user adoption and the success of your mobile threat defense solution. Enterprises should also be aware that although some vendors do offer a public app, it is a reduced-feature version of their enterprise app and cannot be used in place of their business version that uses private APIs. Let us look at the four critical components of a successful enterprise mobile security solution:
- Deployment. When an IT organization is ready to deploy their mobile threat defense solution, they’ll need to distribute the apps to their end users. With a public app, it’s as simple as each end user installing it from the App Store or Google Play as they install any other app, for example, a game. You can still leverage EMM or MDM solutions to distribute if desired, but at least end users have the option of simply installing it themselves.Private app deployment will likely require IT to leverage internal distribution tools, usually EMM or MDM, to package and deliver these apps to end users. This also often means that customers are on the hook for purchasing developer certificates through Apple, which are required when IT teams build (or rebuild) the app prior to distribution. All of this additional overhead translates into a rollout that takes longer, costs more, and can be more intrusive to end users.
- Maintenance. Every IT organization knows that rolling out a new app is only phase one. After that, IT has to monitor, manage, and maintain that deployment through regular updates. With a public app, end users get updates directly from their app store (and often automatically) which means there is no effort needed from IT or the end user, and there is significantly reduced risk of an app being out-of-date (and vulnerable). To update private apps, however, IT will have to make updates to their app, apply new certificates, repackage it, and redeliver it to end users (relying on their EMM or MDM tools again). What happens if you discover a slight packaging error after 24 hours? You’ll have to do it all over again. This all adds up to a significant time investment from IT to manage a private app and increased likelihood that end users will have out-of-date versions installed. If you have limited IT resources, a solution that relies on a private API-based app is not the right one for you.
- Reliability. When you purchase a mobile threat defense solution, you probably want to be confident they’ll be around for a while so that you can maximize your return on investment. With a public app this is easy, because public apps must rely on public APIs. Though this requires a bit more legwork (or smarter intellectual property) for the solution provider, it delivers significantly more peace of mind for their customers due to the knowledge that these APIs can’t be turned off at the drop of a hat.
Private app vendors, however, are free to use private APIs, which could unfortunately be deprecated at any time. If that happens, the app itself could lose features or be rendered inoperable. This may sound hypothetical, but there are plenty of real-world examples where apps had great functionality that simply stopped working once Apple or Google turned off certain API access. In some cases, businesses have shut down as a result, and when this happens it can cost IT lots of time and money, leave end users vulnerable, and force IT to scramble for a new solution. In fact, Apple recently eliminated some private APIs with the release of iOS 10 that may negatively impact mobile security solutions that rely on those APIs to deliver their value.
- Adoption. End users like to be (or at least feel) in control of what they’re installing onto their device. When an end user is empowered to install their mobile threat defense app, it provides them with a sense of being part of the solution. In addition to that, when an end user installs an app from an official app store, they know that this app conforms to all of the user and data privacy rules that app store mandates. In other words, they don’t have to worry that IT has just installed a backdoor into their personal life via their mobile phone. As a result, data shows that end users with public apps become a more actively engaged piece of the mobile security puzzle, by reading up on threats that are bubbled up and communicating more actively with IT on what is safe and unsafe. Users at RNDC are actually thanking the IT security team for implementing a public app solution because it maintains their privacy and also protects the personal stuff on their mobile devices.When end users are instructed to receive a private app, though, they often feel like something is being forced upon them without any real assurance that their personal data or privacy isn’t being compromised in the process. It’s a very real barrier to adoption, which is why with private apps it isn’t uncommon to have large groups of end users finding ways to delay or disrupt distribution to their device. And, unfortunately, a mobile threat defense solution is only as strong as its adoption.
As you can see, deployment, maintenance, reliability and adoption are four crucial components to the success of any mobile threat defense app rollout. Your end users, and their devices, need to be the first line of defense against a vast array of mobile threats. Using a public app like Skycure makes that need a reality because they are easy to deploy and maintain, reliable and future-proofed, and embraced by end users. When the same cannot be said of a vendor that relies on private apps, an IT organization should carefully investigate if that solution is right for their organization.
Read more on how Skycure’s Enterprise Mobile Threat Defense solution leverages a powerful public app or how Ceragon Networks is using Skycure to successfully deliver mobile threat defense to their end users.