CA blog: Making your mobile apps more secure

Businesses are getting more innovative about how they deploy their mobile apps. They are using them to reach a wider customer base or building exciting new internal apps that couldn’t be delivered to desktops. As an example, PKO, Poland’s largest bank, wanted to roll out a new epayment app for its smartphone users last year. Their challenge was to ensure that the banking data transmitted to those phones was kept secure.

Certainly, there is increasingly more malware that is targeted at mobile phones. Here are a few tips to help make your users’ mobile experience more secure.

  1. Train your users to steer clear of malware-infected websites. While it is hard to always resist the temptation to just type in some random URL, part of good security practice is not opening your phone up to downloadable exploits from sites that specialize in this sort of thing. There are various hacking contests, such as this one, where just visiting the site easily downloads exploits. And while you can’t always tell in advance, you should spend some time training your users and your customers to be more vigilant about where they navigate with their mobile browsers.
  2. Make sure your users are always downloading genuine apps. Trend Micro has a report about how the number of bad apps for Android now tops a million and is still rising. That is somewhat depressing to be sure. Even more depressing is that this is more than double the number that existed at the beginning of 2013. One way to avoid this situation is to provide a corporate app store with links to the genuine apps. Or you can lock down your corporate-owned phones to prevent random app downloads.
  3. Make sure your users connect securely or not at all. They should avoid open Wifi networks like the plague, because chances are they will catch something from these open networks. Spend some effort educating them about phony Wifi networks that are just virus swamps, and have them understand the consequences of connecting insecurely.
  1. Understand digital Trojans and how they work. They have been around for many years, with the first mobile trojans infecting the Symbian OS back in 2004. Other trojans can even hold your phone hostage and demand payment before they will release their grip. Make sure your IT staff understand how these exploits work and have them set up periodic scans of all of your corporate-owned phones to check for them.

Making your mobiles more secure can make it a center of enterprise IT innovation. If you tighten up your phones, you can have a more solid foundation to develop your own apps on them and provide more innovative ways to reach your customers, react to changing market conditions, or do more business.

Leave a Reply

Your email address will not be published. Required fields are marked *