Digital Edition

SYS-CON.TV
Mobile App Security, Vulnerabilities and App Development
There are potential vulnerabilities when you have third-parties develop your mobile apps

I had the privilege of attending a mobile security event this week and speaking with many experts on the matter.  I am not a mobile security expert, so my role was to speak on mobile strategies and trends and to learn as much as I could.

What did I learn?  I learned the difference between a mobile security containers and mobile app wrapping. I confess prior confusion in the matter.  Mobile app wrapping is a process of securing an existing app, by injecting code into and around the app that secures it and provides monitoring analytics. Mobile security containers, in contrast, enable mobile app developers to develop new apps inside a security container that protects it and provides a framework for security.  Don't ask me more as I have reached the limit in this subject with those two sentences.

I also learned there are potential vulnerabilities when you have third-parties develop your mobile apps.  Manageable vulnerabilities, but ones that must be considered and addressed.  Most mobile app security solutions are designed to protect an app from outside attack, but what happens if the app code is designed and developed purposely with nefarious intent?  Mobile security systems are not designed specifically to find or prevent that event.  What if the mobile app has been developed purposely to store credit card data and then to send it off-shore?  The mobile app has not been attacked or hacked, it was developed that way and delivered to an unsuspecting vendor.  Yikes!!!!

With that vulnerability in mind, companies having third-parties develop apps need ways to test and verify the code and behavior of the mobile app matches the original intent, purpose and design.

I also learned that MAM (mobile application management), MDM (mobile device management), EMM (enterprise mobility management) with a pinch of mobile application lifecycle management can all be found in the same vendor, or not.  It seems all of the mobile security vendors are both partners and competitors emphasizing different aspects of their solutions and ambitions depending on if their partners are present in the room or not.

The bottom line, however, is that my weekly newsletter on Mobile Cyber Security is the most read newsletter I publish each week.  This is a very important topic.  It appears from all of the sessions I attended that today it may take a combination of mobile security vendors to cover your full mobile security and application management needs.

********************************************

Kevin Benedict
Writer, Speaker, Senior Analyst
Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Browse the Mobile Solution Directory
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

About Kevin Benedict
Kevin Benedict serves as the Senior Vice President, Solutions Strategy, at Regalix, a Silicon Valley based company, focused on bringing the best strategies, digital technologies, processes and people together to deliver improved customer experiences, journeys and success through the combination of intelligent solutions, analytics, automation and services. He is a popular writer, speaker and futurist, and in the past 8 years he has taught workshops for large enterprises and government agencies in 18 different countries. He has over 32 years of experience working with strategic enterprise IT solutions and business processes, and he is also a veteran executive working with both solution and services companies. He has written dozens of technology and strategy reports, over a thousand articles, interviewed hundreds of technology experts, and produced videos on the future of digital technologies and their impact on industries.



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

The explosion of new web/cloud/IoT-based applications and the data they generate are transforming ou...
CI/CD is conceptually straightforward, yet often technically intricate to implement since it require...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
Enterprises are striving to become digital businesses for differentiated innovation and customer-cen...
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't com...
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, wi...
The now mainstream platform changes stemming from the first Internet boom brought many changes but d...
DXWorldEXPO LLC announced today that Ed Featherston has been named the "Tech Chair" of "FinTechEXPO ...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in developm...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
In this presentation, you will learn first hand what works and what doesn't while architecting and d...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitori...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use ...
If your cloud deployment is on AWS with predictable workloads, Reserved Instances (RIs) can provide ...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear...
We build IoT infrastructure products - when you have to integrate different devices, different syste...
Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling ...