The world today runs on smartphones. With accessibility going up and costs coming down, the smartphone market is thriving. When we factor in the advancements in technology that enable faster Internet access on smartphones, they become a very powerful medium to interact with people. Users are no longer happy with browser-based access to websites on their phones: They prefer specialized applications to get things done in a simpler and faster manner. This has led to the boom in the mobile apps development space.
Nowadays you have apps available for just about anything, including e-commerce, mobile wallets, banking, social, transportation and more. The high demand for apps has caused developers to churn them out at such a rapid pace that it has actually become difficult to keep track of the number of new programs being released each day. In the hurry to get apps to market, however, developers often overlook key security aspects that may leave apps vulnerable to breaches.
Securing Mobile Apps and Data
Take a look at the data to which these mobile apps have access on our phones. When installed, most ask for permission to access information such as location, contacts, messages, pictures, cameras, etc. We normally accept these terms and conditions with the assurance that apps are secure and our data will not be misused.
But what if these apps were hacked? It would leave critical personal and company data exposed. A recent survey found that 88 percent of corporate employees used personal devices to access official email, and 93 percent of enterprises have mobile devices connected to corporate networks. An Arxan study, the “State of Mobile App Security,” revealed that 97 percent of Android and 87 percent of iOS mobile apps have been hacked.
There is no such thing as a free app. Developing mobile apps costs money, and that has to be recovered somehow. Even apps like games have access to information and can misuse personal data on your device.
Most mobile malware is hidden in application updates that get installed without much thought by the end users. Once they infect the device, they can access everything from calls, location data, cameras and even contacts. This makes it very important for enterprises to look into securing mobile apps and for organizations to put in place a comprehensive mobile security strategy to safeguard assets and intellectual property.
Today’s enterprises must be able to verify the security of their own in-house applications, while also enabling runtime risk detection, tamper resistance and enhanced control via white-listing or blacklisting outside applications. The big question is what enterprises can do to ward off these threats for malicious applications.
To Learn More
Watch the IBM on-demand webinar “Surviving the Mobile Phenomenon: Shielding Mobile Apps From Fraud and Malware” to hear mobile security experts discuss the current state of the mobile security market and threats facing the enterprise; share the four key imperatives that must be a part of a holistic mobile security strategy; and take a deep dive into the key imperative: safeguarding applications and data.