There’s an App for That, but what About Security?
By Mav Turner, Director of Business Strategy, Security, SolarWinds
It’s no secret that in today’s uber-connected digital world, a growing number of organizations are
experiencing the crippling impact of cyberattacks and data leaks. Following several recent and
high-profile incidents, everyone is abuzz over the importance of securing infrastructure and
data to avoid a breach.
But these conversations neglect a vital component of true enterprise security—the applications
that run on these networks and devices, which have their own set of unique vulnerabilities that
can ultimately be the single domino that topples an entire enterprise security strategy.
Although the “there’s an app for that” mentality has spread to penetrate both our corporate and
consumer lives, the concept of native app security is still largely unexplored.
Apps often demand custom security measures, and in the absence of an easy-to-apply blanket
solution, many developers are prioritizing speed to market over finely tuned secure technology.
So what’s the solution? Think of it this way: app development should be approached with the
same considerations as a contractor building a house.
The very foundation of the app, security, is much more simply integrated if done at the get-go,
rather than as an afterthought—similar to a builder installing key utilities, like plumbing or
electricity, during the construction phase versus making those changes years later during a
costly renovation.
Moreover, when security measures are applied to agile methodology and innovation, developers
should establish checkpoints at each stage or iteration to ask themselves, “Could I break this?”
After all, like a builder, the farther you get into development, the more difficult—not to mention
expensive—it is to backtrack and fix something that was flawed from the start.
With this in mind, here are several key considerations and strategies that organizations can
leverage for safe and secure enterprise app development and deployment.
1. Take a lay of the land. Begin your process by dedicating time to understanding and
defining what app security will look like for your organization. Organizations building a
simple Web-based app will need significantly less security than a business aiming to run
an app designed to store confidential customer or personally identifiable data.
A useful exercise when building an app or even simply evaluating your organization’s
security needs as a whole is to imagine how detrimental a data breach through a
51 Cyber Warnings E-Magazine – June 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide