Outdated apps: What are the best ways to address them?
Dead and outdated apps can pose serious security risks for enterprises. Expert Nick Lewis explains how to find and remove dead apps before they become a problem.
I've seen that "stale" or "dead" apps, as well as devices that run on outdated operating systems, are emerging as an enterprise mobile security concern. What are the issues caused by outdated apps and old OSes, what is the best way to deal with them, and how can enterprises detect when users have dead apps on their mobile devices?
Outdated apps or OSes have been an issue since the first applications were deployed on computers. One of the benefits of mainframes was that only the single mainframe itself needed to be updated. But in the current scenario today, all client systems and some servers need to be updated, along with the software on those systems. The difficulty in keeping an accurate inventory of systems and applications is that keeping the applications updated -- or even uninstalling an app -- contributes to dead apps staying on a device or system much longer than desired. Enterprises have tried to manage PCs -- and to some extent, Macs -- using centralized management tools like Microsoft's System Center Configuration Manager, Dell KACE, IBM's BigFix and others that push software updates for applications or new OSes. Enterprises try to keep up with security patches and new functionality and stay in licensing compliance by using these tools. Virtually every security standard or best practice recommends, for good reasons, that all enterprise apps have current security patches in place.
Mobile devices have the same challenges; they have a different model and typically use an app store provided by the OS developer or device manufacturer, but there are similar enterprise mobile device management products like AirWatch, Good, MobileIron and others that fill in the gaps from app stores. Enterprises can use these tools to centrally detect when users have outdated apps or dead applications on their mobile devices, but this typically requires the end user or IT department to manually install the management tool on the device. Once the MDM is installed, the devices can be secured to meet the enterprise's security policy.
Ask the Expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)