member blog article by Real Asset Management
Corporate apps are fast transforming the way individuals operate within the business. But how many organisations – or individuals – recognise the highly variable levels of security between apps and the inherent risks associated with badly considered mobile deployments?
Whether an organisation is looking to replace expensive, dedicated Personal Digital Assistants (PDAs) for tasks such as asset audits and management, or simply supporting an increasingly flexible workforce, it is vital to understand the security risks inherent within the mobile app portfolio.
While mobile apps clearly provide a chance to transform business processes, Karen Conneely, Group Commercial Manager, Real Asset Management, outlines the importance of looking beyond the core features and assessing the security components of any mobile app before making the move.
The explosion in business apps in tandem with global ‘Bring Your Own Device’ (BYOD) strategies is transforming the way organisations can exploit and share information and with the right apps, organisations can fundamentally transform key business functions – such as asset management. Traditionally the annual asset audit has been undertaken – often reluctantly – by an individual within finance or IT tasked with touring the organisation to verify that the information on the asset register matches the assets in situ.
In recent years, these individuals have benefitted from the introduction of PDAs to replace the tedious manual process of ticking paper lists and then rekeying the information into the asset register. This approach has significantly streamlined the asset audit process and improved data quality. However, PDAs are an expensive investment and are often used for just one or two days each year.
Now with the latest generation of mobile apps, organisations have the chance to devolve responsibility for managing and auditing the asset estate away from IT and Finance towards budget owners.
Armed with the mobile asset management app, staff can undertake physical audits using the camera on a smart device to scan barcodes – in the same way the laser scanner on the PDA has been used in the past. The difference is that with the commonly used smart phone, an organisation can move away from dedicated equipment and dedicated audit individuals to devolving responsibility more broadly across the organisation. The one off or annual audit can be replaced by far more regular activity undertaken by those with actual budget responsibility.
But how secure is this model? With the majority of apps requiring simply a user name and password, the reality is that this sensitive data related to key company assets can be incredibly insecure. So before making the move from PDA to app, it is essential to consider the diverse security features on offer.
Best practice app development demands robust authentication, such as a PIN. It should ensure authentication is linked to the user’s credentials on the enterprise application to provide additional verification. Given the sensitivity of corporate asset information, it is also important to understand whether any user can have access to any information or are facilities in place to limit access to subsets of information? Delivering this level of security is becoming best practice for the latest generation of business app – but it is not a given. It is essential to ask the right questions before making an investment.
With the right level of security, the app model is indeed compelling, enabling those with responsibility for individual assets to take control over keeping the asset information up to date. This transforms the business cost associated with managing assets, ensuring the data is accurate for insurance purposes and enabling department managers to have far more understanding of and control over their own asset estates.
However, it is essential to understand the implications: an app is an excellent solution to a business problem – but not all apps are the same. Ensuring best practice app security is key to safely and securely realising the vision of devolved asset management.
Read more about mobile app development in this Information Week article