Mobile is hot. Mobile apps are burning hot. However, as always, there’s a downside: mobile app developers don’t always take the proper security measures. As BT’s Konstantinos Karagiannis said, mobile developers are making security mistakes that we have seen before.
While the mobile user can do a lot to protect his devices, including measures such as only downloading apps from reputable sites and looking at the app permission requests, developers play an unmistakable role in making the ‘mobile app ecosystem’ a safer one.
Forrester’s Mike Gualtieri just wrote a blog post stating that “many mobile app developers have a naive notion of app security that leads them into believing their apps are secure when they are not.”
Authenticating users and encrypting passwords is not enough. The mobile backend services must be secure, and performing threat modelling is a must, Mike says.
He provides “six security properties” that mobile app developers should take into account. See the chart below and read Mike’s post. Let us know how your organisation deals with the security issues regarding mobile apps in our LinkedIn Group.