With BYOD, don't leave your backend exposed
The increase in mobile enterprise apps creates unforeseen security risks for IT, warns Matt McLarty, vice president of client solutions for Layer 7 Technologies, in a GigaOM article.
The first step to reducing those risks is to map out the enterprise's mobile backend services, which include data and applications. "Mapping out your company's mobile backend services will allow you to determine which ones can be re-used across apps, and where you should run them," McLarty explained.
Backend application programming interfaces, or APIs, provide a gateway into corporate data, so IT needs to put the right access control in place, McLarty advised.
"If you don't know how this data is being accessed and fail to put the right access control in place, those pragmatic app developers will take the shortest path to what they need and potentially expose the wrong information to the wrong end user. That's a potentially disastrous situation," he added.
McLarty noted that there are a lot of "moving pieces" when it comes to protecting corporate data, such as personal devices, cloud platforms and machine-to-machine communications. "All of these identities and their relationships to the data are key considerations for protecting your backend data," he added.
Not only does the data need to be secured on the device, it also needs to be secured along the path from the device to the data center. An enterprise's mobile backend security strategy should "ensure that appropriate security and integrity is in place before the data reaches the app. Looking at things from the backend perspective will allow you to address these requirements, whether your data resides in an on-premise data center or in the cloud," he noted.
"Since an app accesses enterprise data through an API, protecting the API while managing how it shares data is essential to a backend security strategy. So as you work on addressing device and app security for your BYOD strategy, make sure you don't leave your backend exposed," McLarty concluded.