Enterprise mobility is becoming a standard business practice. According to a TechRepublic survey, 62% of companies will allow BYOD (bring your own device) by year's end. Gartner predicts that by 2017, half of employers will require employees to supply their own devices for work purposes. This means that enterprises will be taking on new risks both as consumers of mobile applications and as producers of mobile applications. Veracode offers two unique services related to mobile security:
Veracode Mobile Application Reputation Service (MARS)
Enterprise employees are consuming mobile apps via millions of downloads. Enterprises will inherit the risks posed by those downloaded mobile applications through their BYOD programs. While many popular public mobile applications are benign, some contain custom malware and some exhibit suspicious behaviors that put your employees’ privacy and your business data at risk.
Without the ability to detect and quantify risk from popular mobile applications, BYOD programs quickly become BYOA (Bring Your Own Application) problems. As employees bring their own devices and apps to work, enterprise IT teams are setting up mobile security policies to protect enterprise data.
Veracode’s Mobile Application Reputation Service (MARS) equips organizations with comprehensive intelligence needed to design smart mobile security policies to mitigate the new mobile application security risks.
Veracode Mobile SDLC
Enterprises are rapidly shifting internal development to mobile applications. According to a SANS survey, 68% of companies are creating mobile version of web applications and another 32% are developing internal mobile applications for business units. Software vulnerabilities in enterprise mobile apps that access sensitive data and transact business critical operations are a significant concern.
As reported in Veracode State of Software Security Volume 5, software vulnerabilities such as information leakage and cryptographic issues affect a sizeable portion of Android and iOS applications. Both vulnerabilities increase the attack surface for enterprise developed mobile applications, and are two of Cloud Security Alliance’s top five mobile security threats in enterprise environments.
Veracode Mobile SDLC makes it simple and cost-effective for enterprises to accurately identify and manage security risks and potential privacy violations of internally developed and third-party mobile applications.