Security must be considered at the initial app development stage, because as the market matures any flaws will become clear and users will be intolerant to these weaknesses, according to enterprise mobility specialist Dogfi.sh Mobile.
However, this can be difficult because app development is a high-pressure process, with developers often challenged to produce or update apps to very tight timescales, the company noted.
CEO Ross Tuffee explained that if developers neglect to enforce strict security measures, hackers will have an easy entry point that they can abuse.
Cyber attacks on apps include malware that allows attackers to gain control of a device for the sole purpose of displaying ads on a phone and make revenue, as well as man-in-the-app attacks capable of intercepting email communications from an external server.
The report suggests encouraging responsbile user behaviour, introducing security into the software’s design, and carrying out penetration testing (to find vulnerabilities) to catch any problems before they hit the public domain.
According to Tuffee,“it’s crucial that developers dedicate enough time towards implementing an industry standard, tried and tested security solution. But the buck cannot fall on just them; IT leaders, along with the wider organisation, must all work together and extend their security remit to ensure that the apps and data held on a device are just as safe from malware and other threats as the data hosted on their servers”.