Majority of mobile apps are insecure

SmartphonesA Gartner report claimed that 75 percent of mobile applications fail the most basic security tests.

That poses threats for corporations, it said.  Enterprise employees download apps and also use mobile apps to access business networks. Such apps can violate enterprise policies and expose enterprises to threats.

Dionisio Zumerle, a principal analyst at Gartner said: “Enterprises that embrace mobile computing and bring your own device (BYOD) strategies are vulnerable to security breaches unless they adopt methods and technologies for mobile application security testing and risk assurance  Most enterprises are inexperienced in mobile application security. Even when application security testing is undertaken, it is often done casually by developers who are mostly concerned with the functionality of applications, not their security.”

He claimed that vendors supplying static and dynamic application testing can prevent problems on the enterprise.  And a new test, called behavioural analysis, is emerging for mobile apps.

He added: “Today, more than 90 percent of enterprises use third-party commercial applications for their mobile BYOD strategies, and this is where current major application security testing efforts should be applied,” said Mr Zumerle. “App stores are filled with applications that mostly prove their advertised usefulness. Nevertheless, enterprises and individuals should not use them without paying attention to their security. They should download and use only those applications that have successfully passed security tests conducted by specialized application security testing vendors.”

Often the biggest problem is misconfiguring devices, so for example by misusing personal cloud service through apps on smartphones and tablets.