Gartner predicts that, by 2015, most mobile apps will sync, collect and analyze deep data about users and their social graphs, but most IT leaders are failing to consider the deep impact that mobile apps have on their information infrastructure.
Gartner also predicts that, by 2017, wearable devices will drive 50 percent of total app interactions.
This includes desktop-based app interactions and mobile apps, with mobile apps making up the majority of these interactions.
"IT leaders should ensure they have infrastructure in place that takes into account data collected, not only via mobile apps, but also from apps running on wearable devices," said Roxane Edjlali, research director at Gartner.
To date, most applications have been developed to support specific business-to-consumer interactions. For example, some use location data to offer contextually relevant information, and some also collect other information about their users — such as gender and age group — to further refine the interaction.
"Personal data is often collected solely in support of a mobile app's requirements and not considered an asset within an organization's overall information infrastructure," said Ms. Edjlali. "Consequently, although this data is accessed and potentially stored in support of an app, it is not managed as a full 'citizen' of an enterprise's information infrastructure."
The line between acceptable and unacceptable use of consumer data can be very thin, and it gets even thinner as the data collected becomes more detailed and personal. For example, organizations collecting biometric data through mobile apps linked to wearable devices could be tempted to monetize this data by reselling it.
"Even if personal or biometric data is anonymous, it could have a major impact on a person's ability to get adequate health insurance, if they are identified as belonging to a risk category," said Ms. Edjlali. "In addition, mobile apps that use third parties for authentication deliver data on customer behavior to those third parties."
These risks relating to data collected from mobile apps require organizations to rethink their governance policies and adjust their information infrastructure.
Such organizations should:
- Manage the persistency and perishability of data collected from mobile apps.
- Monitor access to and control of this data. It is important to ensure that personal data collected from mobile apps remains private, and that it is secured, anonymized and accessed according to the organization's governance policies. Proper management of user agreements and opt ins are important aspects of this.
- Control the sharing and reuse of mobile app data for other purposes.
“Organizations should plan to manage information across cloud and on-premises implementations, as combining all data on the premises or on a single repository is no longer viable. It is important to understand the service-level agreements (SLAs) for various use cases that access mobile app data, and adapt the information capability accordingly,” said Ms. Edjlali.
For example, colocation of data from mobile apps with other application data on the premises can be a better option for use cases such as offline and near-line analysis. However, using data virtualization to combine data in the cloud with data on the premises can be a better option if colocation does not suit the governance or SLAs of a use case. Using integration-platform-as-a-service capabilities for cloud service integration can complement existing data integration strategies by moving data from the cloud to the premises, or from cloud to cloud as needed.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.