As BYOD becomes more mainstream, organizations have begun reaping benefits such as increased productivity and better engagement. With the benefits, however, come many risks. One of the biggest threats organizations face with a BYOD strategy in place is data loss or theft. Unfortunately, applying stringent security measures can affect the usability of enterprise apps. In fact, a complex app can force employees to find other tactics that may not respect the importance of corporate data.
So, what should it be? A user-friendly app that can compromise the security of data? Or one that’s too secure that it inconveniences users while interacting with it? Read on to find out.
A Look at Both Sides
According to the definition in the ISO 9421-11 standard, usability is “the extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency, and satisfaction in a specified context of use.” Usability, hence, is not only about ease-of-use. It also mandates user satisfaction, which is achievable through aesthetically-pleasing and engaging content.
Entities prioritizing usability believe that users won’t achieve their goals effectively, efficiently, and in a satisfactory manner without it. This can render enterprise apps useless as users will opt for alternative apps, which by itself is risky business.
Usability is also important considering the workforce doesn’t comprise solely of mobile-enthusiastic millennials. Millennials will make up 70% of the working-age population in 2020, but currently make up 35%. The remaining 30% comprises of Gen X (35%) and Boomers (30%). Both generations have lower mobile adoption rates in comparison. Therefore, usability for them is essential to ensure the adoption of the enterprise app.
On the other hand are the entities prioritizing security, which is the protection of portable devices and networks they connect to from the threats and vulnerabilities of wireless computing. While they admit that enterprise apps are useful, they point out the numerous security implications resulting from a larger surface for attacks. This is especially true as employees also use their devices in public places and download content from other sources. Moreover, studies show that half of users don’t lock their devices using passcodes. Therefore, data loss and theft are only the least of organizations’ worries.
As the cost of prevention is lower than the cure (and usability), many propose using stringent security measures to keep devices and data secure. Regardless of how inconvenient these can be.
Enterprise App Usability? Security? Why Not Both?
There is yet to be an app that offers top-of-the-line usability with ironclad security measures. However, this doesn’t mean that finding the right balance between both concepts is impossible. In fact, the following pointers allow you to create a solution to maximizes usability AND security.
Learn About Your Employees’ Preferences
On average, your employee handles two mobile devices within the workplace, with 30+ apps on each. Some of those third-party apps were created after spending millions of dollars on usability and user experience research. Coming from that experience to one where every piece of information is trapped behind layers of authentication and loading times is a productivity killer. Even a delay of a few milliseconds while navigating a mobile app has been proven to severely degrade user experience.
What’s worse, your enterprise mobility solution may inadvertently encourage employees to look for third party solutions on their personal devices. Most of these are unmonitored, filled with potentially malicious apps, and likely susceptible to data theft.
Instead of creating an enterprise app, based on market research and decision-makers’ opinions alone, factor in employees’ preferences. Ask them what productivity apps they prefer and why. You can also test the enterprise app you create on a small group representing the workforce and then incorporate their feedback.
Have a ‘Usability First’ Approach
While implementing enterprise mobility solutions, organizations place security first. While security is crucial, forcing it into the early stages of development drastically restricts your creativity and, ultimately, the app’s capabilities.
Therefore, start by creating the best possible app that your employees will love and then figure out how to mitigate risks by implementing security measures at appropriate points. Remember – your goal should be to minimize resistance for employees so that they can use the app to its full potential.
Get Employee Feedback Throughout the Development Cycle
Asking for employee feedback at the end of the development process may be too late. By then, your organization would have spent many hours and dollars on developing your enterprise app. And if it doesn’t meet users’ expectations, your app will be more of a burden and a waste of resources.
With that in mind, schedule regular testing while the app is still under wraps. Extensive beta testing with real life networks and a range of devices will benefit the usability of the final product. Furthermore, it helps discover potential security lapses which can’t be reproduced in a controlled environment.
Invest in Infrastructure and Policies
By the end of this year, Gartner predicts that over 40% of companies will require employees to provide their own mobile devices for work related purposes. With so many devices flooding in, some policies and systems must be implemented for the effective management and security of data. The following can be useful in this regard:
- An extensive Mobile Device Management system helps monitor device activities and alerts malicious activity.
- Rigorous vetting procedures ensure devices are eligible for your enterprise mobility program.
- Secure VPNs allow the safe transmission of data to and from corporate servers.
- Standard operating procedures allow data on stolen devices to be wiped out remotely.
Final Words
Security and usability should go hand-in-hand to create a robust enterprise app that empowers employees, while protecting personal and organizational data. Security should never seriously impact usability or the other way around. The balance is achievable, but a lot of planning needs to precede the development stage in order to effectively pull it off.
