Apple recently released a report on the crazy amount of money that consumers have been spending on apps and in-app purchases. The numbers break down like this:
- Over $1.1B in purchases in the two weeks ending January 3, 2016, with both weeks setting back-to-back weekly records for purchases and traffic
- Over $144M in purchases on January 1, 2016, the most in single-day sales in App Store history
- Nearly $40B has been paid to App Store developers since 2008
- Millions of jobs have been created due to the App Store, including 1.9M in US, 1.2M in EU, and 1.4 in China
- Gaming, Entertainment, and Social Networking were the most popular categories for purchases, including subscriptions
- Apple TV and Apple Watch helped drive the purchases, with Rayman Adventures and fitness apps among the most popular apps for these new devices
A Time article on the Apple report also identified the top 10 apps in the App Store. The list includes messaging apps like SnapChat and streaming apps HBO Now and Periscope. App metrics company App Annie reports that there were twice as many downloads from the Google Play store than from the Apple App Store in 2015.
Amazon also reported record numbers in their Prime services, such as Prime Now deliveries and Prime Video. The most relevant numbers for this conversation relate to mobile shopping: almost 70% of Amazon customers shopped on a mobile device during , including the 2015 holiday season, and mobile devices were placing 33 electronics orders per second.
That’s a lot of unmanaged apps coming into the work environment. These apps bring risks like malicious code that can compromise the network, attacks that can give control of the device to the attacker, and Wi-Fi communication interception. Some apps work in tandem with PC attacks, like Perkele bot kit described here. It’s never been easier to bring a computing device into a work environment and connect it to a company network. A compromised phone or a malicious insider can misappropriate confidential company data within a matter of minutes.
How do you mitigate this risk? There are a few different things you can do to reduce the likelihood that your network will be compromised.
Define a mobile security policy: Assuming you already have laptops in the organization, you may find it easy to simply manage your smaller, more mobile devices in the same way. If this doesn’t work, a new set of processes building on your existing management set may work. An active choice has to be made regarding the security of mobile devices. This should include parameters on who is responsible for each aspect of the mobile device.
Deploy a multi-platform Mobile Device Manager: BYOD initiatives have brought many different types of devices into the work environment. A multi-platform MDM (like ours here) can provide a single point of administration for more than one type of mobile Operating System. The MDM can authenticate the user and enforce security policies, which means less risk of misappropriated data on your network.
User training and accountability: There is nothing that can replace user education. Train your users to understand the basics of mobile device security and application management. Something simple like reading the install conditions of an app can prevent the device from becoming infected.
Mobile security is a company-wide issue, and it will take more than just the IT Department to secure the workplace. If you encounter resistance in deploying mobile security practices, you may need to take a more sales-oriented approach to convince the management team. Get real numbers on security breaches, and become versed in what those numbers mean. Prepare a plan for deployment that includes timeframes and dependencies. If the decision makers see that you did your homework, they’ll trust that your recommendations are thoughtful and informed.
How do you manage mobile apps in your company? Let us know in the comments.