Saving Time and Effort with Seamless Security for East Renfrewshire Council
Mobile security used to be incredibly time and resource-intensive for East Renfrewshire council. Whenever employees wanted access to a new app on their council devices, IT staff had to spend hours trawling through developer privacy and security policies, and fruitlessly reaching out for more information.
“You might find a contact form on the website, but they’d be under no obligation to respond, especially if it’s a free app and you’re not even a customer yet,” explains council’s Senior ICT Officer for Cybersecurity & Compliance.
“It was a huge struggle and a constant time sink.”
Fortunately, those days are over now MOBSTR is on board.
The challenge for the predecessor and her team was that they wanted to support employee productivity, but in a way that didn’t invite excessive security, privacy and compliance risk. Research from a few years ago reveals that 62% of workers agree mobile phones or tablets play a key role in helping them be productive at work. Yet any hidden vulnerabilities or even malware lurking in legitimate-looking apps could lead to breaches of customer data, inviting regulatory scrutiny and potential fines.
The Senior ICT Officer explains that the “many hours of manual work” needed to sign-off on usage of a new app are compounded by further checks required to ensure that any app updates do not conflict with council policy.
Against this backdrop, MOBSTR offered a compelling solution for East Renfrewshire Council. The SaaS-based mobile security assessment and ratings platform provides powerful AI-backed scanning to check for hidden vulnerabilities, insecure development practices, privacy risks and more. It’s being used not only to approve or block apps for use by council workers, but also to continuously monitor them to ensure they remain compliant with policy.
MOBSTR’s simple-to-use risk scores guide policy for the council. If an app is graded a “B” or above, it will be waved through. But a “C” warrants a hands-on review from the Senior ICT Officer. One such example was a “bird call identifier” app, which required access to the device microphone and location. On review, the Senior ICT Officer approved it for the environmental team after judging these permissions were necessary rather than excessive.
“It’s been a huge jump and such a simplification for us,” the Senior ICT Officer explains. “This work would be impossible even for a larger team; a huge commitment time wise.”
MOBSTR is not only continually mitigating mobile-related risk for the council, whilst supporting employee productivity and saving the IT team countless hours of manual labour across 120 managed apps. It also provides useful independent assurance that can be shared with employees requesting access.
“You can run the scan, export the results and attach it to a change request, and you’ve got a paper trail as an IT person,” the Senior ICT Officer explains. “It’s sometimes about having a definitive source to say ‘no’, because that’s often harder to do than just say ‘yes’ to everyone.”
The Senior ICT Officer has also been delighted with the support received from MOBSTR and is looking forward to extending the relationship with upcoming features that will support Microsoft Store scans.
“Anytime I’ve logged a support query the guys have been fantastic at getting back to us and are all over anything straightaway,” the Senior ICT Officer concludes. “The Microsoft integration will be great for us. It will be another massive jump.”
Contact us now