This paper covers some of the critical security gaps today’s mobile-cloud enterprises must address:
• Unsecured devices. Unsecured devices allow users to easily access business data from mobile apps or cloud services simply by entering their credentials into an app or browser on the device. Once on the device, data can be easily compromised or shared with unauthorized, external sources.
• Unmanaged apps. These typically include business apps, such as Office 365 productivity apps, that the user has downloaded from a personal app store instead of the enterprise app store. As a result, these apps are not under IT control but can still be used to access business content once the user enters his or her credentials.
• Unsanctioned cloud services. Most enterprise cloud services have associated ecosystems of apps and services that integrate using APIs. While the enterprise cloud service might be sanctioned, apps and services from its ecosystem might not be.