Blog

App Vetting – The Ever Changing Battle Field

Government organizations and businesses are developing modern mobile apps to be engaged with their audience and to meet their objectives that range from increasing customer and employee loyalty, to sales and revenue generation. They however have to verify the compliance of mobile apps with security requirements of their organizations.

When it comes to app vetting, the job is to help users limit the attack surface and remain functional. Anything can be locked down to make it “the most” secure, but is it useful anymore? Cyber Security professionals work for their customers and make decisions for users to create limitations to balance risk.

When it comes to the process of app vetting, the decision of whether an app should be allowed starts way before the app itself is vetted. System limitations, technical or regulatory requirements, will commonly make that determination.

In an Enterprise System, if there is a clearly defined app approval process, this cuts down on the amount of time spent on approving each user app request. These can become overwhelming very quickly.

Human behavior can also help determine which apps are purchased and/or provided. It is optimal, if we have the resources in the beginning, to design a comprehensive app catalog to meet the needs of the organization. This means that the different portions of the organization were included in the process to help limit the number of requests outside of the existing catalog.

As an app is being vetted, keep in mind how it affects profile and policy management. The fewer profiles and policies that need to be managed, the easier it is to secure the system.

I think of it as a flow chart with different buckets at the bottom. As you move down the flow chart, it will determine which bucket the app falls in. These buckets represent what profile and policies a user gets. If we can limit the number of buckets, then we can limit the number of profiles and policies we need to put in place.

As we know, the needs of organizations change and new/better technologies are integrated all the time.

To help vet these new apps, it is important to know how much control the organization will have over the app itself and the data it can access. The following questions can help do this:

–          What functions can be turned on and off?

–          What type of device is it going on? Ex. Corporate owned or BYOD

–          Who made the app?

–          What monitoring or tools come with the app?

Another large consideration is whether there is another app already available to users that has the same function. Many app suites provide apps with the solutions to the same business problems. Limiting app function overlap and completing regular audits on use, can help determine whether apps are still needed.

App developers and cyber security professionals can tap into NIST Special Publication 800-163 “Vetting the Security of Mobile Applications” to obtain detailed information on the vetting process.

Jessica Clark is a Mobility Solutions Engineer at Vikheda and brings several years of network infrastructure and mobility management experience supporting large federal agencies such as the US Air Force, US Army Corps of Engineers, US Department of State and US Department of Homeland Security.

Applications of Data Analytics and Artificial Intelligence in Healthcare

Automation, machine learning and artificial intelligence (AI) have been disruptive technologies in many areas such as manufacturing, retail, logistics, financial services, Education, Human Resources, Legal, Travel, Social Media, Agriculture, Real Estate, IT & Cloud Services, and Sports. Healthcare has the potential for more substantial and positive impact than other industries.

A 2016 report from CB Insights states that 86% of healthcare provider organizations, life sciences companies and technology vendors to healthcare are using AI technology. By the year 2020, these organizations will spend an average of $54 million artificial intelligence projects.

What are the most common solutions that are being implemented in the healthcare space? We present 10 ways that AI is changing healthcare now and will change healthcare in the future.

Big data journey to unlock the untapped potential

Most enterprises agree that they can gain insights from the data that they have collected to drive business decisions. Healthcare, Financial, Retail, Manufacturing and Technology enterprises are among those that are generating  enormous amounts of data (both structured and unstructured). In addition to their own data sets, public data sets are now made available by the government. A combination of these data sets present tremendous opportunities for enterprises to seize. Yet, many of these organizations are playing catch up to unlock the value hidden in their data sets.    

Things to consider when selecting a collaboration platform

Most enterprises acknowledge that their employees and the fresh ideas they generate are critical to help  them stay competitive. Collaboration plays an important part in curating ideas.  In this digital era, collaboration solutions are essential to support teamwork between people who are geographically dispersed.

So, where do we start?.  There are so many cloud based collaboration solutions in the market and it can easily get overwhelming for enterprises to decide on which platform to consider to standardize or adopt.