Mobile is mainstream – and under attack.
There has been an alarming rise in high profile data breaches in recent years by hackers seeking credit card numbers, passwords, bank account information, social security numbers, internal documents and emails across a number of industries. Millions of consumers are victims of stolen records. And organizations often face repercussions such as lawsuits, decrease in stock prices and management or operational restructuring.
While the bulk of major security breaches were through sophisticated hacking of websites or databases, hackers are now shifting their energy toward hacking mobile applications as they become an ever more prevalent channel for accessing and sharing information.
We are already seeing the effects of hackers “exploiting security gaps in mobile applications.” I remember when I first heard about the Snapchat security breach in 2014 – it affected 4.6 million users, exposing consumer usernames and phone numbers. Mobile apps often contain valuable personal identity information. For example, there are some money transferring apps between users that link directly to the user’s checking account. A security analysis conducted by IBM last year found more than 60 percent of leading mobile apps for dating are potentially vulnerable to a variety of cyber-attacks that put personal user information and corporate data at risk.
Yet building security into mobile apps is still a big challenge for most companies. According to Gartner, “through 2015, more than 75 percent of mobile applications would not be able to pass even basic security tests.” That is concerning. Now combine that with the current trend in the mobile market where “companies are going through a tough phase in pacing up with the increasing demand for mobile apps.” In fact, a study by IBM Security and the Ponemon Institute found that 65 percent of participants strongly agree that the security of mobile apps is sometimes put at risk because of expanding customer demand and the average company tests less than half of the mobile apps they build. That is even more concerning. Companies and app developers must ensure a secure mobile application on the front and back end while maintaining a friendly user experience. That is a lot to accomplish – especially given the competitive nature of mobile applications and the rapid pace of development it engenders.
The IBM Center for Applied Insights (@IBMCAI) recently conducted a worldwide survey of mobile developers and development managers that revealed only one-third of mobile development projects are successful, meeting their budget, schedule and objectives. The study revealed an interesting point about mobile app development and security —successful project teams are 27 percent less likely to report ‘security and privacy’ as an issue. And this may be partially due to how much they involve security and privacy experts throughout the development process – 51 percent of successful project teams say they do.
Mobile is mainstream, mobile apps are in high demand, and organizations and developers are unable to keep up with the rapid pace of mobile app development. On top of that, nailing down security is the bigger challenge. Through security gaps, hackers can tamper with mobile applications, putting organizations at great risk.
We discovered that successful projects had four key attributes that helped set them apart. As you develop your mobile-security dev strategy, you might want to consider what it takes to execute a successful mobile project. Find out here.