Enterprise security in mobile applications development
Data and enterprise security in mobile applications development are key concerns for any organisation. With high profile cyber attacks appearing more often in the news, companies need to ensure that they have the correct procedures in place to keep company data safe.
Unfortunately, while companies are taking the leap into enterprise mobility and by proxy, mobile app development, many companies are still falling short on their commitment to mobile app security. According to a report from IBM and surveying 400 companies $35 million is spent on average on mobile app development per year, with just 5.5% allocated to security.
Due to the widespread adoption of mobile devices and the advances in mobile technology, IT security needs to widen their security approach to include mobile devices. A number of investments and considerations need to be made in IT to ensure that sensitive information is not being put at risk in the process.
- When a company relies on data being retained within a given infrastructure, the data must be stored and accessed in a secure manner. In an enterprise application, sensitive information is often accessed or sent through mobile devices whilst employees are outside the workplace. As a leading enterprise app developer and from a HIPAA compliant company last 14 years, we always encrypt any data and only recommend sending it via SSL for maximum security. This helps to minimise the risk of data being intercepted or being misused.
Password Requirements and BYOD
With the rise of personal devices being used in the workplace, there is clearly a higher risk of sensitive company information being accessed and potentially stored on said devices. The fear here for many companies is the increased risk of breaches of confidential data.
*When personal devices are used in the workplace, the responsibility for the data held on the device falls on the individual. One of the ways in which companies can ensure further peace of mind is to enforce passwords on any company made apps that have access to sensitive information. With many devices now featuring fingerprint authentication, IT is able to better secure corporate data without compromising the user experience.
*As a further step, companies should be looking at mobile app management (MAM) when implementing a BYOD policy. MAM allows the company to have total control over the app and its data, without affecting the user’s interactions with their device. However with MAM, this only allows for the control of your company apps and not third party apps.
*Where appropriate, we advocate building bespoke apps specifically for the business. Having a mobile tool that fits perfectly into business operations allows it to work much more efficiently and cater to the specific operations of the business. From a security point of view, having a company app means that a MAM approach can be taken, allowing the company to have full control of the app.