Security – not a main priority for mobile app developers

According to data from IBM and the Ponemon Institute, almost 40 percent of large companies are not taking precautions to secure the mobile apps they build for customers. Findings show that the average company tests less than half of the mobile apps developed. Also, 33 percent of companies never test their apps. Furthermore, 50 percent of these organizations have no budget allocated for mobile security.

The same source mentions that organizations are poorly protecting their corporate and BYOD mobile devices against cyber-attacks, creating a way for hackers to easily access user, corporate and customer data. Therefore, the number of mobile cyber-security attacks is continuing to grow. Research unveils that at any given time, malicious code is infecting more than 11.6 million mobile devices.

The survey has also revealed major security flaws in the ways most organizations build and deploy mobile apps for their customers. The organizations studied operate in industries that work with highly sensitive data, including financial services, health and pharmaceuticals, the public sector, entertainment and retail. Among the organizations, each spent an average of USD 34 million annually on mobile app development. Despite this large budget, only 5.5 percent of the total is currently being allocated to ensuring that mobile apps are secure against cyber-attacks before they are made available to users.

According to IBM and the Ponemon Institute, most organizations tend to prioritize speed-to-market and user experience over security. IBM X-Force research indicates that, in 2014 alone, more than 1 billion pieces of personally identifiable information (PII) were compromised as a result of cyber-attacks.

Of the companies that actually do scan for vulnerabilities before deploying apps to the market, only 15 percent of them test their apps as frequently as needed to be effective. Meanwhile, with the increasing popularity of BYOD policies in enterprises, many companies are continually changing their strategies when it comes to mobility. For instance, 55 percent of the individuals surveyed said their organizations do not have a policy that defines the acceptable use of mobile apps in the workplace, and a large majority (67 percent) of companies allow employees to download non-vetted apps to their work devices. Additionally, 55 percent of organizations say employees are permitted to use and download business apps on their personal devices.