Mobile App Security Is A Huge Risk

How Timewatch solves mobile app security risks and secures corporate data.

Three-quarters of mobile apps have a security vulnerability that could put your corporate data at risk. It’s a major reason why Timewatch doesn’t develop mobile apps to download onto devices. Instead, our products are browser-based. The reason is simple: web-based apps are more secure.

According to a report by ZDNet, three-quarters of mobile applications have vulnerabilities relating to insecure data storage, leaving both Android and Apple iOS users open to cyberattacks that could allow hackers to steal sensitive information.

An alarming number of apps are critically insecure.

Mobile Apps can be a security risk to corporate data

What are mobile app vulnerabilities? The ZDnet story highlighted findings in a recent study by Positive Technologies titled Vulnerabilities and Threats in Mobile Applications 2019.

“Developers pay meticulous attention to software design to give us a smooth and convenient experience, and people gladly install mobile apps and provide personal information. However, an alarming number of apps are critically insecure, and far less developer attention is spent on solving that issue,” says Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies.

Why, when smart business users are moving to browser-based apps, are people still using downloadable apps for phones and tablets when web apps provide more security? Arxan and estimate that 97 percent of paid apps have been hacked, and 80 percent of free apps have been hacked. That is a lot of hacks and a reminder that your security is often in the hands of many third-party developers.

What are the risks of applications?

Mobile apps can compromise your company’s security guidelines.

Mobile App Security Best Practices

In a corporate environment, this is a huge risk – an app that downloads data onto personal devices is outside of the reach of your company’s security guidelines. Individuals may have strong passwords on their phones. They also may not. Employees may lose devices and allow easy access to customer data – itself a breach of GDPR and other privacy rules.

“Additional vulnerabilities found in just under one in five of the tested applications include sensitive data being stored in the application source code and insufficient protection against cyber attacks using brute-force techniques,” said ZDNet.

Why web apps are better for your business security

Mobile App Security

In contrast, a web application loads nothing onto the device, and all data and communication are encrypted via SSL. There is no security risk if the phone is lost, stolen, or hacked.

Click here (it’s safe!) for more information on secure Timewatch professional services products for your business.