Security for mobile project managers
More project managers are turning to cloud-based project management applications with a mobile client app — but security considerations should be top-of-mind.
Even Microsoft is putting more energy behind mobile for its Project Online platform. There’s also companies like LiquidPlanner, Mavenlink, and others who have been delivering innovative mobile project management app at speeds that desktop application vendors can’t touch. However, with all this promise, project managers need to keep security considerations high up on the list of requirements when moving their project management data to the cloud for access by tablets and smartphones.
Security options to look for when moving to a cloud project management application and mobile devices are workspace security controls on the cloud side, a well-designed mobile device client application, and access controls.
When I first started writing about cloud-based project management applications, I was struck by the multiple options to control access to project management data. I am a proponent of democratizing project management data, and with the appropriate device/cloud security, the marriage of mobile device and cloud project management application could make project management data more accessible to all levels of project team members, provided the right security is in place.
Beyond application security basics
When accessing a cloud project management application from a tablet or smartphone client, there are some basic requirements regardless of the application’s purpose, such as SSL connections being in place with verification of every call to the Web. Password resets should break the device’s connection with the cloud application immediately.
However, beyond the security basics, simple security management tools are possible in cloud project management applications that can put access security into the hands of the application owner. Cloud-based project management applications like LiquidPlanner typically use a workspace model for segregating and securing project data. When researching cloud project management applications, look for the capability for the workspace owner to shut down API access, because the introduction of mobile apps can open up new attack vectors through the theft and loss of mobile devices.
There also needs to be some segregation between the mobile device and the cloud. The cloud application should never permit interactivity, such as an upload, without explicit user permission to initiate the act. This segregation is available in a number of mobile project management apps already. You should also look for a cloud project management application that doesn’t do any long-term caching of information on the device side, so you never have to worry about the inadvertent transfer of project plans or data to PCs through a backup or synchronization process.
Security and the mobile client app
Project management applications in general have been getting larger, but mobile project management client apps break this pattern. You should look into the design of the client application and its interactivity with the cloud, especially when it comes to managing restricted access.
When moving your project management to the cloud and mobile devices, keep application, mobile app, and access control high on your list of requirements, right along with the certain productivity and reporting benefits the applications can deliver to your organization.
An earlier version of this post appeared on The Mobility Hub on August 1, 2012.
Image by taner ardalı via unsplash.com
Will Kelly is a technical writer and analyst based in the Washington, DC area. He has worked with commercial, federal, higher education, and publishing clients to develop technical and thought leadership content. His technology articles have been published by CNET TechRepublic, Government Computer News, Federal Computer Week, Toolbox.com, ZDNet.com and others. Follow Will on Twitter:@willkelly.