IBM: Mobile app security is virtually non-existant

Apps are so shiny we can’t see the problems they (and we) face. I wrote before about the reliability of location based technology and the issues apps have in accurately locating users. This is an issue for advertisers who rely on location targeting. For consumers these poorly performing apps can be frustrating.

But if the report by IBM and Ponemon on app security is an indication, users have a great deal more to be concerned about than being misplaced by apps.

Apps can hold or be a pathway to sensitive data. The study estimates that 11.6 million phones were infected at any given time by malware last year, putting 1 billion personal data records at risk.

The primary cause of the breach, little or literally no mobile app security screening by the app developers. This includes fortune 500 companies. Its is not just the independent developer out there, it is the large companies whom we tend to trust (naive though its proven to be).

Some interesting facts as seen in IBM’s info-graphics (available here on flickr). Note how 40% have no budget allocated to app security. Many of these companies are providing the apps to their customers. This lack of attention to app security speaks volumes about the companies concern for their own customers.


IBM – 40% don’t scan code


33% never test apps for security.
50% have no budget for testing security of apps
1 billion personal data records compromised




Leave a comment

Your email address will not be published. Required fields are marked *