Most mobile apps will fail basic security tests, new survey warns

Most mobile apps will fail basic security tests, new survey warns

The number of businesses adopting bring-your-own-device (BYOD) strategies has dramatically increased over the course of recent years, but firms could be leaving themselves exposed by making incorrect assumptions.

A new survey from Gartner has warned that as many as 75 per cent of new mobile apps will fail even the most basic security tests over the next 12 months.

One of the key principles of BYOD adoption is the idea that workers can access even the most sensitive pieces of company information wherever they happen to be, whether it be in the office or on the go.

Yet these new findings suggest that some workers may be inadvertently be putting the security of their company's data infrastructure needlessly at risk.

Dionisio Zumerle, a Gartner principal analyst, said that standards for static application security testing (SAST) and dynamic application security testing (DAST) were changing in response to the new security demands being placed on firms.

Those examinations had uncovered a number of new modalities. SAST technologies found vulnerabilities without actually executing an application, while DAST managed to find weaknesses relating to the running of  web applications.

However, new tests have managed to monitor a running application to detect malicious or risky behaviour from any background application.

Mr Zumerle added that many companies were still failing to ensure that apps used in BYOD strategies were secure.

He said: “Enterprises that embrace mobile computing and bring your own device (BYOD) strategies are vulnerable to security breaches unless they adopt methods and technologies for mobile application security testing and risk assurance.

“Most enterprises are inexperienced in mobile application security. Even when application security testing is undertaken, it is often done casually by developers who are mostly concerned with the functionality of applications, not their security.”

The need for securing mobile devices has become a far more pressing matter recently, with Gartner suggesting that 75 per cent of mobile breaches will be caused as a result of misconfiguring mobile applications.