Welcome!

Digital Transformation (DX) Headquarters

Kevin Benedict

Subscribe to Kevin Benedict: eMailAlertsEmail Alerts
Get Kevin Benedict via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Article

Mobile App Security, Vulnerabilities and App Development

There are potential vulnerabilities when you have third-parties develop your mobile apps

I had the privilege of attending a mobile security event this week and speaking with many experts on the matter.  I am not a mobile security expert, so my role was to speak on mobile strategies and trends and to learn as much as I could.

What did I learn?  I learned the difference between a mobile security containers and mobile app wrapping. I confess prior confusion in the matter.  Mobile app wrapping is a process of securing an existing app, by injecting code into and around the app that secures it and provides monitoring analytics. Mobile security containers, in contrast, enable mobile app developers to develop new apps inside a security container that protects it and provides a framework for security.  Don't ask me more as I have reached the limit in this subject with those two sentences.

I also learned there are potential vulnerabilities when you have third-parties develop your mobile apps.  Manageable vulnerabilities, but ones that must be considered and addressed.  Most mobile app security solutions are designed to protect an app from outside attack, but what happens if the app code is designed and developed purposely with nefarious intent?  Mobile security systems are not designed specifically to find or prevent that event.  What if the mobile app has been developed purposely to store credit card data and then to send it off-shore?  The mobile app has not been attacked or hacked, it was developed that way and delivered to an unsuspecting vendor.  Yikes!!!!

With that vulnerability in mind, companies having third-parties develop apps need ways to test and verify the code and behavior of the mobile app matches the original intent, purpose and design.

I also learned that MAM (mobile application management), MDM (mobile device management), EMM (enterprise mobility management) with a pinch of mobile application lifecycle management can all be found in the same vendor, or not.  It seems all of the mobile security vendors are both partners and competitors emphasizing different aspects of their solutions and ambitions depending on if their partners are present in the room or not.

The bottom line, however, is that my weekly newsletter on Mobile Cyber Security is the most read newsletter I publish each week.  This is a very important topic.  It appears from all of the sessions I attended that today it may take a combination of mobile security vendors to cover your full mobile security and application management needs.

********************************************

Kevin Benedict
Writer, Speaker, Senior Analyst
Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Browse the Mobile Solution Directory
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

More Stories By Kevin Benedict

Kevin Benedict is an opinionated futurist, Principal Analyst at the Center for Digital Intelligence™, C4DIGI.com, emerging technologies analyst, and digital transformation and business strategy consultant. In the past 8 years he has taught workshops for large enterprises and government agencies in 18 different countries, and is a keynote speaker at conferences worldwide. He spent nearly 5 years working as a Senior Analyst at Cognizant (CTSH), and 2 years serving in Cognizant's Center for the Future of Work where he wrote many reports, hundreds of articles, interviewed technology experts, and produced videos on the future of digital technologies and their impact on industries. He has written articles published in The Guardian, wrote the Forward to SAP Press' book titled "Mobilizing Your Enterprise with SAP", published over 3,000 articles and was featured as thought leader and digital strategist in the Department of Defense's IQT intelligence journal. Kevin lectures and leads workshops, teaches and consults with companies and government agencies around the world to help develop digital transformation and business strategies. Visit his website at C4DIGI.com.