Gartner: 75 percent of mobile apps will fail security tests through end of 2015
September 18, 2014
The bulk of mobile applications (75 percent) will fail basic security tests over the next 15 months or so – through the end of 2015 – leaving businesses vulnerable to attack and violations of their security policies, according to a report from Gartner.
Enterprises are increasingly embracing BYOD – with more than 90 percent of enterprises using third-party commercial apps – and mobile computing is becoming an integral part of the way companies do business, according to Gartner's findings. However, the apps that employees download from app stores as well as the mobile apps that can “access enterprise assets or perform business functions,” don't come with security assurances.
“As these apps grow in popularity and business-criticality, they become an increasing focus for the bad guys,” Sanjay Beri, founder and CEO at Netskope, told SCMagazine.com in an email correspondence Wednesday. “Many factors – unprecedented cloud app growth, increased mobile access of cloud apps and the ability to freely share data from cloud apps – create multipliers that increase the probability and expected economic impact of a data breach.”
He explained that “most security tools in the market are built to support web access from on-premises. In other words, they are built to solve yesterday's problem.”
Indeed, in a press release, Dionisio Zumerle, principal research analyst at Gartner, said that companies will remain “vulnerable to security breaches unless they adopt methods and technologies for mobile application security testing and risk assurance.” But most lack experience in application security. And, “even when application security testing is undertaken, it is often done casually by developers who are mostly concerned with the functionality of applications, not their security,” he said.