Mobility is wonderful thing, helping employees to remain connected while on-the-go. With just an Internet connection, global workforces are continuing to leverage mobility in order to access important business data from anywhere and at anytime.
According to a recent study, nearly 81 percent of enterprises will be utilizing fully personalized mobile apps in the not so distant future. However, a majority of these businesses realize that when allowing workers to access the company network from outside the confines of the physical office, various security-related issues tend to arise. So the question of how to leverage mobile apps while still remaining protected from cyber attacks remains at the forefront of all business decision makers’ minds.
I recently had the chance to speak with Jack Walsh, mobility program manager at ICSA Labs, all about the key elements of mobility app testing as well as the company’s newly unveiled program that is touted as being able to test mobile app security against both software code quality and functionality requirements.
Currently, organizations are taking proactive and innovative approaches to their mobile strategies. This is because “enterprises want to be competitive with other organizations in their respective spaces. A lot of companies are out there creating mobile apps and want to create a mobile presence for customers, partners and internally for all use cases. These firms are looking around saying ‘oh I need to play in this growing industry’ and so they are, but they need to worry about whether or not they are compliant with different types of regulatory requirements in addition to brand recognition and the potential damage that can be caused to their reputation that can be exposed by mobile,” Walsh said.
While the use of mobile apps is changing business operations for the better by enabling customers to have easy, constant access to the enterprise’s product no matter it happens to be, Walsh highlighted a recent example in the healthcare space of how mobility is revolutionizing our lives. “Doctors can now prescribe patients apps to use, say, for a diabetes problem. Instead of you having to constantly go for checkups, they tell you to leverage a certain app that can be hooked up to either your smartphone or tablet and is very convenient to use. Since the mobile gadget is like an extension of you already, the app sends your information to a server that the doctor can then check, which dramatically speeds things up while simultaneously making that crucial data much easier to access.”
With its newly debuted platform, ICSA Labs is catering to enterprises out there that want to enter the mobile space and release an app but aren’t sure if they should develop it in house or send it out to a third party. While sending it out to a third party provider typically ramps up time to market, these organizations are usually not huge providers and may or may not have fully formed procedures in place. Sometimes they expedite things by taking apps and recycling ones they have already used, which in turn can cause your newly created app to either be over or under commissioned or even have dead code encompassed within it. Therefore, it is key to test the application for vulnerabilities and maliciousness because users need to ensure they are safe and protecting the privacy and information of their customers at all times.
The robust solution completes tests in four distinct categories including: maliciousness, vulnerability, privacy and reliability. While the reliability phase determines whether or not the phone or tablet is stable when it is touched in strange places where it’s not supposed to have input, it also is vital to zero in on power consumption. If the app eats a lot of power, customers may not want to use it. Privacy is an important testing element as well because you must be concerned with all sensitive data such as credit card numbers, anything about the user or unique device characteristics that are being stored or transferred. While this information should be encrypted, how the encryption is done can be the difference between unveiling a secure application and one that isn’t. Further, maliciousness testing is looking to see primarily if the app itself is malicious and you want to double check this and complete due diligence.
When asked about where he sees the future of mobility headed, Walsh concluded, “I think it’s headed toward an ever present connection. People are becoming more and more connected to their devices and they are now like an extension of them like their brain—you wouldn’t want to leave home without it.”
Edited by Rich Steeves