11:40 AM
Connect Directly

Gartner: 75% of Mobile Apps Will Fail Security Tests Through 2015

The rise of BYOD means enterprises must implement security testing and containment solutions, according to new Gartner research.

Mobile applications are a major security vulnerability for those enterprises that are implementing BYOD policies, according to new research released by Gartner. The analyst firm forecasts that 75% of mobile applications will fail basic security tests through 2015 and could offer an entry point for hackers looking to breach an enterprise’s network.

Gartner also forecasts that the focus of breaches will move from desktops and laptops to smartphones and tablets by 2017, as mobile devices continue to replace PCs. Current security features of mobile devices and applications will not be able to stop those breaches, and enterprises need to implement containment methods such as application wrapping or hardening to protect themselves, according to the report.

[For more on security, check out: Now Flatter, Cheaper Networks Can Be Secure, Too.]

The good news from the research is that providers of application security testing will modify their offerings to test mobile applications, Gartner predicts. Static and dynamic application security testing technologies are commonly used by enterprises, but mobile application testing is a new space for these technologies that will need to be adjusted to meet the security challenges around mobile apps, the report says.

Enterprises rarely perform security testing on mobile applications today, Dionisio Zumerle, principal research analyst at Gartner, said in a statement regarding the research: “Most enterprises are inexperienced in mobile application security. Even when application security testing is undertaken, it is often done casually by developers who are more concerned with the functionality of applications, not their security.”

Mobile applications also offer up a new method of application security testing -- behavioral testing. This emerging testing method monitors a running application for malicious behavior in the background. Enterprises should also apply security testing to the server layer of mobile applications and to help prevent the loss of data from their servers in the case of an attack, Gartner recommends.

“App stores are filled with applications that mostly prove their advertised usefulness,” says Zumerle. “Nevertheless, enterprises and individuals should not use them without paying attention to their security. They should download and use only those applications that have successfully passed security tests conducted by specialized application security testing vendors.”

[Learn more about the Internet of Things at Interop's Internet of Things Summit on Monday, September 29.]

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Greg MacSweeney
Greg MacSweeney,
User Rank: Author
9/24/2014 | 9:53:44 AM
Are all platforms equally bad?
Did the report mention if apps on iOS are safer than apps on Andriod? Or is the 75% across all platforms?
User Rank: Author
9/19/2014 | 4:17:40 PM
Re: Probably merits a followup...
Very true Nate. The question will be whether the security providers and the app developers can make serious gains on this issue before hackers turn their attention to mobile devices as the main target of their attacks.
Nathan Golia
Nathan Golia,
User Rank: Author
9/18/2014 | 4:50:09 PM
Probably merits a followup...
as we've learned, additional vectors of attack are bad for data security. With more portals and devices granting access to financial services information, it's imperative that security improves.
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.