Nearly 40 per cent of large companies, including many in the Fortune 500, aren’t taking the right precautions to secure the mobile apps they build for customers.
Research by IBM Security and the Ponemon Institute today found that organisations are poorly protecting their corporate and BYOD mobile devices against cyber attacks – opening the door for hackers to easily access user, corporate and customer data.
The study, which researched security practices in over 400 large organisations, found that the average company tests less than half of the mobile apps they build. Also, 33 per cent of companies never test their apps – creating a plethora of entry points to tap into business data via unsecured devices. While these numbers may seem shocking, they aren’t surprising when considering that a full 50 per cent of these organisations were found to devote zero budget whatsoever towards mobile security.
“Building security into mobile apps is not top of mind for companies, giving hackers the opportunity to easily reverse engineer apps, jailbreak mobile devices and tap into confidential data,” said Caleb Barlow, vice president of mobile management and security at IBM.
The study found that many of these organisations scan their mobile apps for security vulnerabilities infrequently and much too late – if at all – leaving entry points which hackers are increasingly exploiting. Of the companies that actually do scan for vulnerabilities before deploying apps to the market, only 15 per cent of them test their apps as frequently as needed to be effective.