Mobile Application Security Challenges

Staying connected has become a necessity for most people. From the teens who want all-day access to social media networks, to business people that need corporate email. We’ve passed far beyond the point where an email or application can wait until you reach your desk. We crossed that bridged a few years ago.

That’s one of the main reasons the mobile devices industry has seen a tremendous growth and shows no sign of stopping.
Some enthusiasts even consider that we are living in a “post-PC” era, where all that matters are mobile devices.

By providing access to mobile users, companies create new ways of communicating and interacting with their current systems. This includes opening ports in the corporate firewall to develop and deploy new applications that handheld devices can use more efficiently.

The more services you offer, the more exposed you are; that is a fact. Almost every week we hear a new story on a leak or attack that compromised customer’s information and the company itself, like the Epsilon or Sony’s Playstation system stories.

Organizations need to realize that in almost every case, it is not a matter of if, but how to mobile-enable the access to their data and corporate systems. Not doing it will hamper their ability to compete; doing it carelessly may damage its reputation, with possible legal consequences.

Every company faces different security challenges when delivering content to mobile users, and every initiative should answer the following questions:

• Which platform should we use? Should we make a web app that’s optimized for mobile viewing? Or should we create a mobile app?
• How are we going to guarantee Confidentiality, Integrity and Availability (CIA)?
• Which security guidelines do our developers need to adhere to?
• How can we implement a security testing framework that guarantees success?