Mobile application security failures to be primary source of breaches in future

Mobile application security failures to be primary source of breaches in future

on Jul 7, 14 • by Chris Bubinas • with No Comments

Within a few years, mobile security breaches will predominantly be caused by mobile application misconfigurations, according to Gartner...

Home » Software Security » Mobile application security failures to be primary source of breaches in future

The need for high-quality mobile security is growing rapidly. Consumers and businesses now rely on smartphones and tablets for an ever-increasing variety of critical tasks, and these devices inevitably must house and provide access to sensitive, valuable data. Mobile security breaches can put individuals and organizations at great risk of fraud, theft and more.

Mobile application security is essential in this capacity. If mobile apps are not fully protected, the users' devices will be vulnerable.

According to a recent Gartner study, this is a serious, escalating issue. Within a few years, mobile security breaches will predominantly be caused by mobile application misconfigurations.

Mobile app issues
The Gartner study noted that currently, mobile security breaches are relatively rare. However, this is not expected to remain the case, as more and more smartphones enter the market and are used more heavily. This will cause cyberattackers to turn their attention to mobile targets with growing frequency. By 2017, Gartner forecast that three-fourths of all mobile security breaches will be attributable to mobile application misconfiguration.

"Mobile security breaches are – and will continue to be – the result of misconfiguration and misuse on an app level, rather than the outcome of deeply technical attacks on mobile devices," said Dionisio Zumerle, principal research analyst at Gartner. "A classic example of misconfiguration is the misuse of personal cloud services through apps residing on smartphones and tablets. When used to convey enterprise data, these apps lead to data leaks that the organization remains unaware of for the majority of devices."

Gartner noted that these attacks will mostly center on mobile devices that have been altered at the administrative level. Zumerle explained that the most common examples of such manipulation are the jailbreaking of iOS devices and rooting of Android devices. These actions remove app-specific protections, opening up the devices and their contents to potential mobile attacks.

Protecting mobile data
In recognition of this growing threat, Gartner offered a number of recommendations for IT security leaders looking to protect their companies' mobile users. Essentially, the report made it clear that business leaders should require their employees to take steps to increase the security of their devices.

Most obviously, Gartner recommended that IT leaders forbid personnel from jailbreaking or rooting their devices. Additionally, the source suggested that employees should not be allowed to utilized unapproved third-party app stores.

Gartner also emphasized the need to require signed apps and certificates when it comes to accessing business email, shielded apps and virtual private networks.

"We also recommend that they favor mobile app reputation services and establish external malware control on content before it is delivered to the mobile device," said Zumerle.

These guidelines and the general trend highlighted by Gartner emphasized the importance of establishing standards when it comes to application security. As mobile breaches become increasingly common, firms in every sector will inevitably develop stronger standards for app use, or else risk becoming a recurring target.

This poses both a challenge and an opportunity to mobile application developers. On the one hand, developers need to pay more attention to application security than ever before. If they fail to adequately address these issues and ensure the reliability of their mobile offerings, organizations and individuals will increasingly shun their products, choosing instead to utilize more secure alternatives.

However, by proactively embracing greater mobile security standards sooner rather than later, developers can position themselves as the most suitable option for businesses as they make thetransition toward a more security-conscious selection process.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top