Brian Reed, chief mobility officer at NowSecure, said government agencies should have programs in place to facilitate continuous monitoring of mobile applications to detect and address vulnerabilities that could pose security risks to employees and data.
Reed wrote that agencies should commit to ensuring the security of mobile apps and establish mission data protections and access restrictions.
He called on agencies to conduct a thorough review of employees’ access to mission-oriented apps by developing “profile differences based on levels of device control and authority versus mission requirements.”
Agencies should come up with a vetting program for mobile apps, which Reed said involves three stages. The initial stage calls for organizations to develop an inventory of all the devices and apps on the network and the second phase requires the establishment of a process for assessing new applications. The last stage focuses on continuous monitoring of every mobile app’s new version once it is launched.
“By understanding and addressing the risks associated with mobile apps, agencies can support employee productivity with mobile tools while protecting mission data on the device, in the apps and over the network,” Reed noted.
He cited NowSecure’s automated software offering and how it helps agencies perform continuous app monitoring to safeguard their app portfolios.