Welcome!

The Digital Future

Kevin Benedict

Subscribe to Kevin Benedict: eMailAlertsEmail Alerts
Get Kevin Benedict via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Article

Mobile App Security, Vulnerabilities and App Development

There are potential vulnerabilities when you have third-parties develop your mobile apps

I had the privilege of attending a mobile security event this week and speaking with many experts on the matter.  I am not a mobile security expert, so my role was to speak on mobile strategies and trends and to learn as much as I could.

What did I learn?  I learned the difference between a mobile security containers and mobile app wrapping. I confess prior confusion in the matter.  Mobile app wrapping is a process of securing an existing app, by injecting code into and around the app that secures it and provides monitoring analytics. Mobile security containers, in contrast, enable mobile app developers to develop new apps inside a security container that protects it and provides a framework for security.  Don't ask me more as I have reached the limit in this subject with those two sentences.

I also learned there are potential vulnerabilities when you have third-parties develop your mobile apps.  Manageable vulnerabilities, but ones that must be considered and addressed.  Most mobile app security solutions are designed to protect an app from outside attack, but what happens if the app code is designed and developed purposely with nefarious intent?  Mobile security systems are not designed specifically to find or prevent that event.  What if the mobile app has been developed purposely to store credit card data and then to send it off-shore?  The mobile app has not been attacked or hacked, it was developed that way and delivered to an unsuspecting vendor.  Yikes!!!!

With that vulnerability in mind, companies having third-parties develop apps need ways to test and verify the code and behavior of the mobile app matches the original intent, purpose and design.

I also learned that MAM (mobile application management), MDM (mobile device management), EMM (enterprise mobility management) with a pinch of mobile application lifecycle management can all be found in the same vendor, or not.  It seems all of the mobile security vendors are both partners and competitors emphasizing different aspects of their solutions and ambitions depending on if their partners are present in the room or not.

The bottom line, however, is that my weekly newsletter on Mobile Cyber Security is the most read newsletter I publish each week.  This is a very important topic.  It appears from all of the sessions I attended that today it may take a combination of mobile security vendors to cover your full mobile security and application management needs.

********************************************

Kevin Benedict
Writer, Speaker, Senior Analyst
Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Browse the Mobile Solution Directory
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

More Stories By Kevin Benedict

Kevin Benedict serves as the Senior Vice President, Solutions Strategy, at Regalix, a Silicon Valley based company, focused on bringing the best strategies, digital technologies, processes and people together to deliver improved customer experiences, journeys and success through the combination of intelligent solutions, analytics, automation and services. He is a popular writer, speaker and futurist, and in the past 8 years he has taught workshops for large enterprises and government agencies in 18 different countries. He has over 32 years of experience working with strategic enterprise IT solutions and business processes, and he is also a veteran executive working with both solution and services companies. He has written dozens of technology and strategy reports, over a thousand articles, interviewed hundreds of technology experts, and produced videos on the future of digital technologies and their impact on industries.