Page 28 - Cyber Warnings
P. 28
Consumers Generally Think Their Apps Are Secure
Users of mobile health apps and IT decision-makers with insight into
the security of mobile health apps feel their mobile apps are
adequately secure.
In fact, most believe app developers are doing everything they can to
protect their health-related apps.
Perception Is Not Reality
Most health care apps contain significant vulnerabilities. Vulnerability
assessments were conducted on 71 mobile health apps in the U.S.,
U.K., Germany and Japan at the end of 2015.
The vulnerability assessments were based on the Open Web
Application Security Project (OWASP) top 10 mobile risks. OWASP
identifies the most critical application security risks facing
organizations.
Included among the health apps tested were a sample of health apps
approved by the U.S. Food and Drug Administration (FDA).
Interestingly, 84 percent of the FDA-approved apps that were tested
didn’t adequately address at least two of the OWASP mobile top 10
risks, and 95 percent of those apps lacked binary protection.
These vulnerabilities can make applications susceptible to reverse
engineering and tampering in addition to increasing the risk of privacy
violations and identity theft.
Exposure Is No Surprise
Many companies are not investing in mobile app security. According
to the IBM Security and Ponemon Institute research paper “The State
of Mobile Application Insecurity,” 50 percent of organizations allocate
no budget for mobile security.
Perhaps this is why more than half of all respondents felt their apps
were likely to be hacked within the next six months.
28 Cyber Warnings E-Magazine – February 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
