While many smartphone and tablet owners would like to believe their devices are not at risk to similar types of malware and virus risks that plague PCs and laptops, the reality is far from the fantasy. More than “80% of mobile apps have security and privacy issues.”
A mobile device not only produces data regarding web history and browsing, it essentially turns the user into a mobile node in a giant human network. Each of these nodes produce massive amounts of usage and geo-spatial data such as proximity to commercial locations and fellow mobile users. Facebook knows this, and they are quickly implementing strategies to monetize GPS information stemming from its users.
Whether your enterprise favors Bring Your Own Device (BYOD) orCorporate Owned, Personally Enabled (COPE) policies for mobile device management, security is at the forefront of any strategic decisions regarding enterprise implementations. Due to the millions of applications available for mobile, it is near impossible for a department to manually map out the functions and capabilities of every app in the app store. However, there are ways to automate the process. For starters, a great method for streamlining the security protocols regarding mobile device management comes from Appthority.
Appthority, along with many other vendors, is designed as a ‘mobile app risk management’ solution. This automated solution analyzes mobile apps in order to delve beyond its core uses. A majority of apps have background processes that collect data from other apps, communicate with other apps, and access backend systems with no guarantee of encryption. Sensitive information within an enterprise application needs to be protected from the potential tampering by infected apps that access confidential business data.
A holistic approach to mobile device management and security is the only way to reduce the chance of valuable enterprise data being leaked to unwarranted parties. From the perspective of app developers it is important to be proactive in terms of security issues. Suggestions include active feedback analysis from users even after the apps release in order to assure users of consistent security. Tactics such as considering the ecosystem where the app will be used as well as practicing data minimization, which keeps only necessary data and trashes the rest, proactively reduces data risk and security issues.
It also doesn’t hurt to have a member of the app development team focus entirely on security problems and preventative data risk protocols.
As data becomes a lucrative asset for corporations, data privacy is certainly important to the public. Data sharing and data tracking are growing into prevalent issues in the United States. Recently introduced legislation calling for ‘app rights’ as well as PSA campaigns directly addressing data privacy are signs increased mobile data security and disclosure are beginning to gain momentum. Issues affecting individual users become even larger and more dangerous when considering enterprise-wide implementations of mobile devices.