How to Win in the Enterprise Mobility Market
Last year we exhibited SeaCat at the Web Summit in Dublin. On the second day I explored the venue visiting different exhibition booths in the Mobile Enterprise area and talking to the people there. Many of which have already developed mobile applications and other mobile solutions for enterprises and big companies. While these conversations were interesting, one thing in particular stood out. Regardless of the size, industry, or platform of the prospective client, they all had one thing in common — security, or lack thereof.
Surprisingly, the summit attendees had varying backgrounds ranging from developers, startups, and corporations yet they all responded similarly when I asked about the underlying security of their mobile apps and the back-ends. Their position is that they “are as secure as the infrastructure at our customers,” an alarming approach when discussing mobile applications that are more sensitive to security breaches than desktop applications.
CRM or BI data is traditionally accessed from office desktops. In this traditional environment the data remains within the internal network and is safe from threats. However, once CRM or BI data is accessed from mobile devices, it is beyond the protection of the enterprise network because the data is exposed to the outside internet.
Therefore, if you are an enterprise mobility vendor, your customers probably have not solved this particular security issue and rely on you as the developer to anticipate and respond to these threats. There is a potential risk of losing the client deal if you cannot show that have you aware of these threats. Even if you do get the deal, sooner or later you will be requested to fix the security part. That is not an ideal position to be in especially if you do not know to even solve the problem.
All hope is not lost. The solution lies in becoming educating on new security issues and establishing a protocol for addressing the same. Here are a few features you can employ to cover most basic security concerns as it relates to mobile applications and back-ends:
- Backend isolation
- Access control
- Automated client certificate request/renewal
- Protection of private key on mobile device
- Mutual SSL authentication
The above-referenced summit scenario is common given the rapid growth of mobile adoption. At the beginning of the mobile era, user experience and (visible) functionality were the only things that mattered. Today, security is becoming more crucial as more data breaches occur in organizations big and small. Naturally, enterprises try to avoid this kind of publicity so they are seeking developers who are knowledgeable about current security trends and requirements.
If you are in the mobile enterprise market, take security seriously. Do not rely solely on the skills and knowledge of mobile app developers because their underlying focus is on building a beautiful, functional application. Instead, use the best practices available and offer your customers not just functionality but also security.
Send us an email at email@example.com to get a free consulting session on your mobile solution and learn if there will be any potential risk to your data.
Photo credit Web Summit
Most Recent Articles
- EV Charging Station security demonstrator
- Five Ways AI And Machine Learning Can Enhance Cybersecurity Strategy
- C-ITS ITS-S Security microservice
- C-ITS PKI as a Service
- Creative Dock, TeskaLabs, Indermedica, Czech Ministry of Industry and Trade and Line 1212 launch the indicative test for new COVID-19 coronavirus
You Might Be Interested in Reading These Articles
We are a security Cat, specializing in mobile application security. You know that. In the last couple of months, we happened to stumble onto another tech domain: Business Intelligence (BI).
Published on December 26, 2014
TalkTalk, one of the largest providers of broadband and phone service in the UK, has recently admitted to being the victim of a large cyberattack. For those in the United States or in another country where TalkTalk’s influence isn’t as widespread, it could be considered on the same level as a Verizon or an AT&T data breach.
Published on November 10, 2015
When it comes to hacking, there are many technical aspects that can be difficult to grasp without an extensive background in the field. One of the most common sources of confusion is the comparison between black box penetration testing and white box penetration testing.
Published on January 15, 2019