Digital Edition

SYS-CON.TV
Mobile App Security, Vulnerabilities and App Development
There are potential vulnerabilities when you have third-parties develop your mobile apps

I had the privilege of attending a mobile security event this week and speaking with many experts on the matter.  I am not a mobile security expert, so my role was to speak on mobile strategies and trends and to learn as much as I could.

What did I learn?  I learned the difference between a mobile security containers and mobile app wrapping. I confess prior confusion in the matter.  Mobile app wrapping is a process of securing an existing app, by injecting code into and around the app that secures it and provides monitoring analytics. Mobile security containers, in contrast, enable mobile app developers to develop new apps inside a security container that protects it and provides a framework for security.  Don't ask me more as I have reached the limit in this subject with those two sentences.

I also learned there are potential vulnerabilities when you have third-parties develop your mobile apps.  Manageable vulnerabilities, but ones that must be considered and addressed.  Most mobile app security solutions are designed to protect an app from outside attack, but what happens if the app code is designed and developed purposely with nefarious intent?  Mobile security systems are not designed specifically to find or prevent that event.  What if the mobile app has been developed purposely to store credit card data and then to send it off-shore?  The mobile app has not been attacked or hacked, it was developed that way and delivered to an unsuspecting vendor.  Yikes!!!!

With that vulnerability in mind, companies having third-parties develop apps need ways to test and verify the code and behavior of the mobile app matches the original intent, purpose and design.

I also learned that MAM (mobile application management), MDM (mobile device management), EMM (enterprise mobility management) with a pinch of mobile application lifecycle management can all be found in the same vendor, or not.  It seems all of the mobile security vendors are both partners and competitors emphasizing different aspects of their solutions and ambitions depending on if their partners are present in the room or not.

The bottom line, however, is that my weekly newsletter on Mobile Cyber Security is the most read newsletter I publish each week.  This is a very important topic.  It appears from all of the sessions I attended that today it may take a combination of mobile security vendors to cover your full mobile security and application management needs.

********************************************

Kevin Benedict
Writer, Speaker, Senior Analyst
Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Browse the Mobile Solution Directory
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

About Kevin Benedict
Kevin Benedict serves as the Senior Vice President, Solutions Strategy, at Regalix, a Silicon Valley based company, focused on bringing the best strategies, digital technologies, processes and people together to deliver improved customer experiences, journeys and success through the combination of intelligent solutions, analytics, automation and services. He is a popular writer, speaker and futurist, and in the past 8 years he has taught workshops for large enterprises and government agencies in 18 different countries. He has over 32 years of experience working with strategic enterprise IT solutions and business processes, and he is also a veteran executive working with both solution and services companies. He has written dozens of technology and strategy reports, over a thousand articles, interviewed hundreds of technology experts, and produced videos on the future of digital technologies and their impact on industries.



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

The question before companies today is not whether to become intelligent, it’s a question of how and...
While some developers care passionately about how data centers and clouds are architected, for most,...
ChatOps is an emerging topic that has led to the wide availability of integrations between group cha...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being soft...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every ...
The cloud era has reached the stage where it is no longer a question of whether a company should mig...
The need for greater agility and scalability necessitated the digital transformation in the form of ...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an over...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and ...
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily ...
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - w...
In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Ser...
Sanjeev Sharma Joins June 5-7, 2018 @DevOpsSummit at @Cloud Expo New York Faculty. Sanjeev Sharma is...
We are given a desktop platform with Java 8 or Java 9 installed and seek to find a way to deploy hig...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis too...
"Cloud4U builds software services that help people build DevOps platforms for cloud-based software a...