Black Hat 2015: 5 Takeaways on Mobile App Security

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8
Next Next

Taking a Stand Again Hackers

Thought-leaders are taking a stand against malicious hackers.

Android, along with its partners and thought-leaders in the community, continue to make significant strides to protect against malicious hackers. At Android's very transparent "State of the Union" Black Hat presentation, Google's Adrian Ludwig outlined a series of steps Android has taken over the past few years to build their layered security model and increase their overall security posture. This included some significant data analysis to identify where so many potentially harmful apps (PHA) exist globally, what devices they run on, and even what types of signatures they give off that may be reused by other malicious apps. This has resulted in, amongst other things, a rapid deployment and upgrade in the security of Android developer and user services such as Google Play, Verify Apps and SafetyNet.

Overall, by leveraging the developer community and the power of a billion or so devices deployed worldwide, with the capability to harvest certain performance and security data from those devices, Android can continue to mature their shared security model and increase the overall security posture of their eco-system.

There was a wide spectrum of experts – from hackers to security communities – at the annual Black Hat conference in Las Vegas, concluding last week. The conference always provides a great perspective on the state of security today through technical briefings and hacking workshops, led by the premier minds in the field.

While Apple and Android's models are working fairly well for the user communities they are targeting, it's clear that there continue to be significant vulnerabilities in enterprise mobile app development. Developing secure mobile apps that protect companies from external threats and ensure that data privacy, security and regulatory demands are met is not an easy task.

The plane of vulnerability across corporate data extends significantly as soon as you include mobile in your portfolio. One of the most critical threats to enterprises comes from within – the mishandling and misappropriation of sensitive corporate data by employees. While Apple and Android continue to provide valuable tools and processes to help with security, it is ultimately up to the designers and developers of the apps and supporting infrastructure to understand, appreciate and code to the security and compliance standards set forth by the community at large.

In this slideshow, Robert McCarthy, technical advisor at Mobiquity, outlines five takeaways from this year's Black Hat 2015, particularly focusing on the differences in Apple and Android's security models – and how you should address them.

 

Related Topics : In Their Own Words: The Four Dark Horses for the Third Major Mobile OS Speak, HTC, Mobile Search, 3G, Location-Based Services

 
More Slideshows

IT_Man85-290x195 Business in the Front, Balance All Around: Working with Gen Z

In order to attract Gen Z talent, employers will need to take into account that this group of the workforce may expect a different set of benefits. ...  More >>

mobile92-290x195.jpg Why and How to Build an Enterprise App Store

Enterprise app stores provide a single "shopping experience" for employees and support both a BYOD model and a self-service IT model. ...  More >>

ClickSoftwareEnterpriseAR0x 5 Ways Pokémon GO Is Driving Augmented Reality in the Enterprise

With the consumerization of AR, it appears the technology is finally within arm's reach for those savvy enterprises willing to reach out and grab it. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.