61 percent of organizations believe the real risk to mobile apps is data leakage

Posted on June 1, 2015 by Nevlynn Janssen


According to a recent IBM/Ponemon Institute study, 61 percent of respondents say the presence of malware-infected mobile apps/devices will increase over the next 12 months, and a similar percentage believes the real risk to mobile apps is data leakage. Because of these concerns, 60 percent say their organization considers mobile app security a high priority. Further, 58 percent say their organizations consider it very important to make applications tamper resistant.


The State of Mobile Application Insecurity

The study 'The State of Mobile Application Insecurity' also shows that although security of apps is a high priority (60 percent), the rush to release and lack of training are two of the main reasons why apps are still deployed with vulnerable code.

Another staggering percentage of respondents rate both the level of difficulty in securing mobile apps and their concern about the threat of malware to mobile apps as very difficult (77 percent and 75 percent, respectively).

Read the full report


Here is the conclusion of the report to save you some time:

For a variety of reasons, companies find it difficult to improve the security of their mobile applications. This study reveals the vulnerabilities and areas of greatest risk. Following are some recommendations to improve your organization’s state of mobile application insecurity.

    • Testing of mobile apps should be conducted frequently. The findings reveal many organizations are not testing apps. They are rarely tested in production. 

    • Ensure the “rush to release” does not impact coding practices. 

    • Conduct internal training and education programs for development teams to follow application security policies and best practices.

    • Increase the budget for mobile application security. The average budget is insufficient to have the technologies and expertise necessary to secure mobile apps. 

    • Create policies and procedures to control employees’ risky behaviors. Most employees in the companies represented in this study are “heavy users of apps” but very often there are no policies that define the acceptable use of mobile apps in the workplace. 

This conclusion makes valid points on how to address these issues, but it asks a lot from an organization.

What if I tell you we at Onegini have a solution? Would you be interested?

If so, then hang on.

The Perfect Trifecta

Our solution, the Onegini Mobile Security Platform, is bank-grade security for your apps at zero effort. It lets you focus on delivering value to your customers, your app builder on functionality, and Onegini on security.


Onegini Mobile Security Platform

The Onegini Mobile Security Platform consists of a token server, mobile SDK and mobile Authentication. 

Onegini Token Server

The Onegini Token Server is a complete solution for managing delegated access. It provides a comprehensive security token server that integrates with existing IAM solutions. It’s based on the latest Web and API security standards such as OAuth 2.0. Companies and users can interact by securely sharing data between different applications, and allowing users to authorize applications to act on their behalf without sharing passwords.


Onegini Mobile SDK

The Mobile SDK provides all security features to your mobile app developers, so you have the freedom to select the mobile front-end developer of your choice. The Mobile SDK handles secure token storage, PIN validation, certificate management and push authentication. The Onegini Mobile SDK is available for iOS, Android and Windows Phone.


Onegini Mobile Authentication

Unique to Onegini Mobile Authentication is that your own mobile app is also used as second-factor authentication for the web environment. This is irrespective of the login method used by the customer, whether username/password, social login or any external identity provider. Thus not only do you offer a customer-friendly solution, but you also promote the use of your app without spending money on SMS.


In short

Onegini provides you with all the security elements needed for creating mobile Enterprise Apps such as device registration, mobile login, API security and push authentication. Onegini bridges the security gap between companies and mobile.

We have done this for several great companies like AEGON, Nationale Nederlanden, MEEÙS, IAK, Van Lanschot and more.

Interested? Contact us.





Topics: Security
