IBM announced new software to help clients build security into the initial design of their mobile applications so that vulnerabilities will be detected early in the development process. The announcement further expands IBM's strategy to provide clients with a mobile platform that spans application development, integration, security, and management.

With more than 5 billion mobile devices in the world—and only 2 billion computers—the shift to mobile devices as the primary form of connecting to corporate networks is increasing rapidly. Securing those devices is becoming a top priority for security executives and CIOs. As companies embrace the growing "bring your own device" trend, the need to secure the applications that run on these devices is becoming more critical.

According to IBM’s recent trend and risk report, mobile exploits--that is, the use of personal mobile devices in the work place--increased by 19% in 2011. In addition, according to the recently released data from the IBM Center for Applied Insights study, 55% of respondents cited mobile security as a primary technology concern over the next two years.

The rapid consumerization of mobile endpoints, applications, and services has created the urgent need to secure corporate applications on employees' devices. With the latest release of the IBM Security AppScan portfolio, IBM now offers a robust application development security solution, allowing clients to integrate mobile application security testing throughout the application lifecycle.

Mobile applications represent a new threat target, since they carry a higher risk of attack compared to web application vulnerabilities. Attackers are increasingly focusing on mobile applications because many organizations are not aware of the security risks introduced by the most basic mobile applications. Beyond the traditional threats, for example, a hacker could perform a SQL injection or scripting attack on the applications. Mobile applications also come under attack from malware and phishing, or scanning QR codes with malicious scripts. Additionally, mobile applications have vulnerabilities specific to mobile devices because they often store sensitive data that can be leaked to malicious applications. This data, once stored locally, typically is outside the protection of the corporate security programs. The new AppScan analysis capabilities will find these vulnerabilities to help developers build more secure mobile applications.

IBM Security AppScan will be generally available this quarter.

For more information on IBM security, visit: www.ibm.com/security.

[This article was posted on June 18, 2012, on the website of ABA Banking Journal, www.ababj.com.]         

TrackBack URI for this entry