Mobile security concerns
Added Tuesday 16 May 2017
A 2017 survey by the Ponemon Institute has revealed that the code running many apps on mobile and IoT devices has not been protected to prevent hackers breaking in and stealing data.
Although 60% of businesses said their organisation has already experienced a data breach caused by an insecure mobile app, with almost all of those affected saying they’re worried it will happen again, 44% are taking no steps to protect their apps against attacks.
The new General Data Protection Regulation (GDPR) that’s due to come into effect in 2018 will mean that this careless attitude toward the security of mobile and IoT data simply won’t cut it anymore, as the legislation demands that security is a key consideration throughout the design and development process.
Many of those surveyed revealed that their business simply doesn’t have the budget to address the growing threat landscape. However, with the cost of a data breach on the rise and the GDPR seeing financial penalties for non-compliance rising to €20 million or up to 4% of global turnover– whichever is greater – the risk in terms of brand damage, financial loss and cost of recovery may help to create a greater sense of urgency amongst business leaders.
At present though, more than 60% of respondents felt that end-user convenience is a bigger priority for the business than security, when building and deploying mobile and IoT apps in the workplace.
The research also revealed that businesses find IoT much harder to secure than mobile apps, with two thirds reporting that their business lacked the quality assurance and testing procedures for IoT apps.
IoT devices generate huge volumes of data that require privacy protection, which means that organisations need strong controls in place. When collecting data in compliance with the GDPR, you need to have a clear understanding of why it’s being collected and what the company plans to do with it. You also need to ensure that users of IoT apps have control over the data you are collecting, how it’s used and how it’s shared. Research by Forrester (The IoT attack surface transcends the digital-physical divide) found that 67% of security leaders are worried about privacy violations emerging from IoT-related initiatives.
How can you address IoT security risks and concerns?
The IoT Security Compliance Framework provides a clear, cross-organisational set of directions for what’s required when delivering secure IoT products. Watch this introductory video to gain an understanding of how adopting this framework can help you to overcome security risks and concerns.