idspopd - Fotolia
Outdated apps: What are the best ways to address them?
Dead and outdated apps can pose serious security risks for enterprises. Expert Nick Lewis explains how to find and remove dead apps before they become a problem.
I've seen that "stale" or "dead" apps, as well as devices that run on outdated operating systems, are emerging...
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
as an enterprise mobile security concern. What are the issues caused by outdated apps and old OSes, what is the best way to deal with them, and how can enterprises detect when users have dead apps on their mobile devices?
Outdated apps or OSes have been an issue since the first applications were deployed on computers. One of the benefits of mainframes was that only the single mainframe itself needed to be updated. But in the current scenario today, all client systems and some servers need to be updated, along with the software on those systems. The difficulty in keeping an accurate inventory of systems and applications is that keeping the applications updated -- or even uninstalling an app -- contributes to dead apps staying on a device or system much longer than desired. Enterprises have tried to manage PCs -- and to some extent, Macs -- using centralized management tools like Microsoft's System Center Configuration Manager, Dell KACE, IBM's BigFix and others that push software updates for applications or new OSes. Enterprises try to keep up with security patches and new functionality and stay in licensing compliance by using these tools. Virtually every security standard or best practice recommends, for good reasons, that all enterprise apps have current security patches in place.
Mobile devices have the same challenges; they have a different model and typically use an app store provided by the OS developer or device manufacturer, but there are similar enterprise mobile device management products like AirWatch, Good, MobileIron and others that fill in the gaps from app stores. Enterprises can use these tools to centrally detect when users have outdated apps or dead applications on their mobile devices, but this typically requires the end user or IT department to manually install the management tool on the device. Once the MDM is installed, the devices can be secured to meet the enterprise's security policy.
Ask the Expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Discover why enterprises should update their applications and security policies after Heartbleed
Read more on why security updates can be difficult to manage
Find out if state-sponsored malware attacks on mobile devices can be traced
Dig Deeper on Application and platform security
Related Q&A from Nick Lewis
What are port scan attacks and how can they be prevented?
Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and ... Continue Reading
Explore benefits and challenges of cloud penetration testing
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
What are the best criteria to use to evaluate cloud service providers?
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading