Access your Pro+ Content below.
Mobile application security best practices in a BYOD world
This article is part of the September 2012 issue of Information Security magazine
With the explosive use of smartphones and other mobile devices, it's no wonder mobile platforms are getting so much attention from security researchers and opportunistic criminals. Mobile device topics were all the rage at this summer's 2012 Black Hat Briefings and DEF CON 20, and we've seen interesting developments in the mobile malware arena in recent months. Consider Charlie Miller’s near-field communication (NFC) hack or DKFBootKit, the first known Android bootkit that loads itself during the device’s boot sequence. For enterprises, the new exploits and threats against mobile platforms mean a lost mobile device is far from the only risk they face with the rise of the bring-your-own-device (BYOD) trend. Users are downloading mobile applications from a variety of app stores - some legitimate, some not – and rogue applications could carry malware or have other negative consequences for a business. Internally developed applications, if not coded securely, can also pose a risk. Let's take a look at the mobile application threat ...
Features in this issue
Understand how cross-site scripting attacks work and how to prevent them.
Malware analysis is falling short but some security researchers are working to reverse the trend.
Know the pros and cons to cloud-based security services before making the leap.
Mobile applications are proliferating in the enterprise, posing new risks to enterprises and requiring mitigation.
Columns in this issue
Security expert Marcus Ranum goes one-on-one with Alex Hutton about the problems with security metric efforts.
Veteran security journalist reminisces about covering the industry and says farewell to TechTarget.
Security pros need to understand the total costs and potential ROI of BYOD policies.