Mobile security: IBM/Ponemon study finds enterprise app security weaknesses

Nearly 40 percent of large companies – including a significant number in the Fortune 500 – are not taking necessary precautions to secure the apps that they’re providing their customers, according to an IBM/Ponemon report.

According to Network World, The State of Mobile Application Insecurity report is compiled by analyzing over 400 large companies, and its conclusions on the state of mobile security are eye-opening. According to the data, not only are 40 percent of large companies not scanning their apps for vulnerabilities, but a company will on average test less than half of their apps for security flaws.

Why the lax mobile security? Well, its often down to putting user experience ahead of safety, concerningly, with 65 percent of respondents stating that customer demand or need beats security as a priority.

Even more common is the need to rush a release to meet a deadline due to internal pressures, with 77 percent of those surveyed highlighting this demand as a reason why mobile apps could contain vulnerable code.

It’s not that the budgets for mobile development are small – in fact, the organizations on average spent around $34 million on mobile app development. Of that budget, just 5.5 percent is finding its way to enhancing mobile security.

Larry Ponemon, chairman and the founder of The Ponemon Institute told SC Magazine, “It’s just an indicator that we have a problem, a risk issue that isn’t necessarily being met, at least not with respect to training and awareness.”

“Train developers so they understand what secure coding really means, so they understand their ethical responsibilities to create codes that are safe. Create awareness because this could be a big problem.”

Author , ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.