Use Trusted Native Apps
When selecting a means for executives to communicate while on the go, web-based apps have long provided a great convenience. However, as mobile technology evolves and cyber threats continue to grow, communicating via native app has become increasingly important. Native apps, which are developed specifically for mobile devices, are much harder to tamper with, while web apps are susceptible to many hacking threats. SQL injection (SQLi) attacks, in particular, have been used to steal the personal details of World Health Organization employees, take data from the Wall Street Journal and infiltrate the systems of the British telecom company TalkTalk. In these instances, an attacker can execute malicious SQL statements that control a web application's database service. Since an SQLi vulnerability could affect any website or web application that makes use of an SQL-based database, the vulnerability is one of the oldest, most prevalent and most dangerous that applies to Web applications.
In general, a trusted native app will provide its own strong encryption and strong password that are separate from the user's own device encryption and password, which are simply not enough in this age of BYOD (bring your own device). Additionally, look for native apps that allow you to lock down access of a particular user to a pre-identified device or set of devices. This device authorization can provide an additional critical security control; in the instance that an executive's app credentials were stolen, those credentials would only work on pre-identified and approved devices.