Mobile Security: Defending the App
Bryan Casey 270003BSJV BFCASEY@US.IBM.COM | | Tags:  mobile vulnerability app appscan security ibm application
0 Comments | 2,343 Visits
Today's post is from Vijay Dheap, Product Manager- IBM Mobile Security Solutions.
Mobile apps are quickly becoming the dominant interaction pattern for users of smartphones and tablets. A report by comScore highlighted that “82% of time spent with mobile media happens via apps." Browsing behavior of mobile users is taking place within app stores and they are leveraging the apps to perform specific tasks or access information. For enterprises this means that mobile apps become not only the primary means to engage consumers but also to connect with partners and empower employees. As enterprises ramp up their mobile app development efforts a new level of attention needs to be paid to defending these apps.
The security risks enterprises face when deploying mobile apps include data disclosure, malicious data injection, tampered app logic, broken cryptography, among others. An enterprise app can encounter attacks of this sort from malware on the mobile devices or by malicious users who have either stolen or hijacked the mobile device.
Several recent reports have put the spotlight on the continued rapid growth of malware and exploits targeting mobile devices. The implications of this for mobile apps is that developers have to in fact begin with the assumption that the device on which their apps will run might be compromised, particularly on the Android platform. Given the popularity of Android developers cannot just stop serving this market therefore they must begin employing techniques that will raise the security posture of their apps. (read the rest of this post at the IBM Institute for Advanced Security)