gartner:75% app can't pass next year's standard security test

Beijing time September 16 Morning News, market research firm Gartner predicts that 75% mobile apps will not pass the most basic security tests next year. Gartner reported in Sunday that most mobile applications in Android, iOS and Windows Phone ecosystems in 2015 will not have basic security protocols that can be accepted by businesses. In the increasingly common environment of BYOD (with equipment to work), enterprises will face serious problems. The report points out that some mobile applications are good for enterprise employees, but lack basic security standards, so not only will enterprise security policies be at risk, but enterprise data and networks will also become vulnerable. Dionisio Zumerle, Gartner's chief research analyst, said: "For companies close to mobile computing and BYOD strategies, they face security vulnerabilities unless they adopt mobile application security testing and risk-guarantee methods and technologies." Most enterprises have no experience in mobile application security, even if the implementation of security testing is often the most concerned about the application function rather than security developers. The existing static application security test (SAST) and the Dynamic Application Security test (DAST) service providers need to modify and adjust their tests to meet mobile technology requirements, he said. These two tests have been in use for ten years, but mobile applications will pose new challenges because of their diversity and reliance on evolving mobile operating systems. In addition, mobile device security testing based on behavioral analysis is emerging to test the graphical user interface and run background applications to detect malicious or risky behavior. But these measures are not enough, and enterprise users should also ensure that servers are constantly tested and protected. Zumerle said: More than 90% companies are using Third-party business applications to implement mobile BYOD strategy, the current major application of security testing services should be used in this field. A lot of apps in the App Store are really useful, but businesses and individuals should be aware of their security when they use it, only to download and use it successfully through the application of professional security tests. Gartner predicts that by 2017 the endpoint (endpoint) vulnerability will focus primarily on tablets and smartphones, by which point the security features currently provided by mobile devices are not sufficient to minimize vulnerabilities. The company also predicts that the 75% mobile security vulnerabilities of 2017 will be the result of a mobile application misconfigured. (Tangfeng)