4 Reasons Why Enterprises Fail at Mobile Security
Security architect Aaron Bryson shares with us four reasons he believes enterprises fail at properly implementing mobile security in their apps. Read on for details.
Join the DZone community and get the full member experience.Join For Free
If you turn on your TV or even login to Facebook, odds are you’ve seen numerous stories about internet security. From WannaCry to hacking allegations against the Russian government to almost 700,000 DaFont usernames and passwords being hacked, security is a big deal.
Unfortunately, even though enterprise leaders and app developers are fully aware of the rise of malware and hacking, mobile app security is often given short shrift. The reasons why aren’t nefarious—but they are serious.
Take a look:
1. Mobile Developers Are Overburdened
Everyone wants—or needs—a mobile app these days, but there isn’t enough talent to fulfill the demand. Thus, developers are overworked and under pressure—a sure recipe for a security disaster.
2. Enterprises Don’t Know What They Don’t Know
It sounds simple because it is simple—if you don’t have knowledge on a particular subject you can’t be expected to be a subject matter expert. A developer or enterprise who’s well-versed in web security isn’t necessarily well-versed in mobile security. On the surface, it might seem like what would apply to one should apply to the other. That simply isn’t the case.
3. Developers Are Using the Wrong Tools
Even if a developer is armed with massive amounts of mobile awareness, that’ll do her no good if she doesn’t have the right tools. Think of it this way—the best baker in the world can’t properly bake a cake in an oven that distributes heat unevenly. Yes, you can make something passable, but it won’t be the best that it could be.
4. Businesses Are Falling Behind While Standing Still
Even if you release the best, most secure mobile app imaginable today, that doesn’t mean it will stay that way. Apple, Google, and other mobile companies constantly update their operating systems and devices, meaning there’s also continuous innovation regarding vulnerabilities. If enterprises don’t update their apps in conjunction with OS updates, they’re opening themselves up to security vulnerabilities simply by doing nothing.
When it comes to mobile app security, the device itself is just the tip of the iceberg.
Published at DZone with permission of Aaron Bryson, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.