Posted on June 1, 2015 by Nevlynn Janssen
The State of Mobile Application Insecurity
The study 'The State of Mobile Application Insecurity' also shows that, although the security of apps is a high priority (60 percent), the rush to release and a lack of training are two of the main reasons why apps are still deployed with vulnerable code.
Another staggering percentage of respondents rate the level of difficulty in securing mobile apps and concern about the threat of malware to mobile apps as very difficult (77 percent and 75 percent, respectively).
Here is the conclusion of the report to save you some time:
For a variety of reasons, companies find it difficult to improve the security of their mobile applications. This study reveals the vulnerabilities and areas of greatest risk. Following are some recommendations to improve your organization’s state of mobile application insecurity.
- Testing of mobile apps should be conducted frequently. The findings reveal many organizations are not testing apps. They are rarely tested in production.
- Ensure the “rush to release” does not impact coding practices.
- Conduct internal training and education programs for development teams to follow application security policies and best practices.
- Increase the budget for mobile application security. The average budget is insufficient to have the technologies and expertise necessary to secure mobile apps.
- Create policies and procedures to control employees’ risky behaviors. Most employees in the companies represented in this study are “heavy users of apps” but very often there are no policies that define the acceptable use of mobile apps in the workplace.
This conclusion makes valid points on how to address these issues, but it asks a lot from an organization.
What if I told you that we at Onegini have a solution? Would you be interested?
If so, then hang on.
The Perfect Trifecta
Our solution, the Onegini Mobile Security Platform, is bank-grade security for your apps at zero effort. It lets you focus on delivering value to your customers, your app builder on functionality, and Onegini on security.
Onegini Mobile Security Platform
The Onegini Mobile Security Platform consists of a token server, mobile SDK and mobile Authentication.
Onegini Token Server
The Onegini Token Server is a complete solution for managing delegated access. It provides a comprehensive security token server that integrates with existing IAM solutions. It’s based on the latest Web and API security standards such as OAuth 2.0. Companies and users can interact by securely sharing data between different applications, and allowing users to authorize applications to act on their behalf without sharing passwords.
Onegini Mobile SDK
The mobile SDK provides all security features to your mobile app developers, so you have the freedom to select the mobile front-end developer of your choice. The Mobile SDK handles secure token storage, PIN validation, certificate management and push authentication. The Onegini Mobile SDK is available for iOS, Android and Windows Phone.
Onegini Mobile Authentication
Unique to Onegini Mobile Authentication is that your own mobile app is also used as second-factor authentication for the web environment. This is irrespective of the login method used by the customer, whether username/password, social login or any external identity provider. Thus not only do you offer a customer-friendly solution, but you also promote the use of your app without spending money on SMS.
Onegini provides you with all the security elements needed for creating mobile Enterprise Apps such as device registration, mobile login, API security and push authentication. Onegini bridges the security gap between companies and mobile.
We have done this for several great companies like AEGON, Nationale Nederlanden, MEEÙS, IAK, Van Lanschot and more.
Interested? Contact us.