How March Madness Impacts Enterprise Mobile Data Usage and BYOD Security
|Richard Harris in Security Tuesday, April 5, 2016|
Oversized events like March Madness and the Olympics not only can cause decreased productivity from employees, but also may increase security risks for companies whose employees are using devices that access corporate data. We visited with Michael Covington, VP Product for Wandera, to discuss research the company conducted during the NCAA basketball tournament to learn more on the impact on IT of these types of events.
ADM: Why did you opt to undertake this research? What were you hoping to uncover?
Covington: March Madness has become one of the most famous annual sporting events in the United States. Each year, sports fans spend a tremendous amount of time online consuming content related to the basketball tournament, whether it be to stream live games or to keep on top of their brackets. We were curious to see what might be hidden in all that mobile data.
We structured the research so that we could focus on two specific areas of investigation. First, we wanted to better understand how the games were impacting mobile data usage trends. Our customers look to us to provide explanations for spikes in mobile traffic so they can select the right plans for their employees or impose the right policies for the company.
The second area that we explored was security; with every big event or catastrophe there are those who look to exploit a situation for their own benefit. Since the games kicked off a few weeks ago, we have been paying extra attention to the threats specifically targeting sports fans and NCAA apps.
ADM: What did you find as a result of your analysis? What would you identify as the top takeaway from the report?
Covington: We took a look at mobile usage for the period leading up to the big games and zeroed in on four popular sports apps - NCAA March Madness Live, ESPN, CBS Sports and Yahoo Sports - as well as their corresponding websites. We found, compared to the month prior, that the number of employee devices connecting to the websites increased 211%, while the number of devices utilizing the apps increased 126%.
This spike in usage is pretty dramatic. I’m not in any position to say whether this type of usage results in lost productivity, but it is definitely the kind of activity that mobile administrators need to stay on top of in order to ensure they don’t suffer any unexpected overages in next month’s mobile service bill.
ADM: Were the results of this study surprising to you at all?
Covington: Although we expected to see an increase in traffic to certain websites and from specific apps, the actual numbers were definitely unexpected for one particular reason – all of this activity was on corporate devices.
The same corporations that are restricting employees from installing applications on corporate laptops and desktops are allowing this type of access on mobile devices where the data connection does not come for free. I think this is a reflection of changing policies in the workplace, but it also represents an area of potential risk for the enterprise.
ADM: So enterprises can expect employee productivity to drop during tournaments like these? Is there anything they can do to minimize the impact?
Covington: It’s always difficult to balance strict corporate policy with convenience, and enterprises often struggle to successfully manage their assets without being overly restrictive. The good news is that it’s certainly possible to minimize the impact of events like March Madness through mobility management tools that focus on real-time activity.
Wandera’s Secure Mobile Gateway, for instance, is a platform that provides visibility and control over mobile data. Mobility teams who are able to prepare for events like the Big Dance with eyes wide open - fully understanding who their big data users are, where their users travel and what websites and apps they are using - will be able to make informed decisions as to what type of policy to enforce.
ADM: What are some best practices you would highlight for preparing for similar events in the future?
Covington: We always recommend that mobility teams engage their users and ask them how they would use corporate-owned mobile devices before broadly enacting a mobile policy. IT teams need to engage the end user in order to avoid making employees feel restricted. Acceptable use guidelines will help to minimize impact to employee productivity without restricting convenience, so that events like March Madness remain an enjoyable distraction, rather than a costly affair.
ADM: Do you think IT managers can effectively implement a mobile policy without employees feeling restricted?
Covington: I do. A successful mobile policy effectively balances convenience, security and corporate policy. If IT is too cumbersome or inconvenient, employees will find ways to avoid it, exposing the organization to even more risk. Developing a mobile policy that keeps employees happy and protects your organization from risk and lost productivity is a difficult task, but it’s not impossible.
ADM: Keeping these findings in mind, what should be done next? Is there a silver bullet solution to this problem?
Covington: In this day and age, there is never a silver bullet solution because the threat landscape continues to evolve, hackers continue to get more evasive and new technologies are being developed at an astounding rate. The biggest thing enterprises need to keep in mind is that visibility is essential to both mobile data management and mobile security.
If you don’t know what sites/apps your employees are using or where your data is being stored, how can you expect to maintain security and avoid data loss? The answer, quite simply, is that you can’t. To be in the best position moving forward, enterprises need to take steps to gain full visibility of all corporate liable devices and mobile traffic. From there, they can implement a mobile policy that will suit the needs of their organization, as well as their employees.
Editor’s Note: Flexera Software also conducted research during March Madness that analyzed 28 popular media and sporting iOS apps to determine what data the apps accessed, what device features they could interact with and could these apps pose a potential security risk to organizations or violate their BYOD policies.
Read more: https://www.wandera.com/