Ready to Start Your Career?
By: Olivia
November 29, 2016
Palm Reading: How Hackers Steal Data from the Palm of your Hand Via Mobile Applications
By: Olivia
November 29, 2016
Today, I’m a psychic.And my prediction for the upcoming year is this: Mobile applications will become hacker’s target of choice.According to Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute, a research think tank dedicated to advancing privacy and data protection practices, “The average organization tests fewer than half of the mobile applications it builds, and 33 percent of the surveyed companies never test their apps.”Not only is the lack of testing an issue, but the ease of performing a hack is a real problem. So much so that a novice could steal your information, right out of the palm of your hand. Literally.Probably not the type of palm reading you were hoping for.
Likewise, the 2016 Hewlett Packard Enterprise study found that a staggering 96 percent of 36,000 mobile applications failed at least 1 of 10 privacy tests.With all this insane data, why is the security of mobile apps being neglected?Maybe, organizations are unaware of the statistics. Or maybe, they don’t have the money or resources to get ahead of the problem. Perhaps, it’s not a lack of knowledge or resources, but the fact that they just haven’t found a fool-proof solution.Whatever the case is, it is a serious problem, and the laundry list of mobile application vulnerabilities continues to grow.That list includes, but is not limited to:
My figurative tarot cards are telling me that this is a multi-faceted issue, with responsibilities falling on both companies and application developers, as well as the end-user of said applications.The solution from an organizational/ developer perspective is to build better, more secure applications, and test them frequently, which may be easier said than done.And from a user perspective, the answer is to lock your apps, create better passwords, and educate yourself on which apps are accessing what data, and if they should be.I bet you didn’t know Snapchat can end up knowing pretty much everything about you — your name, your exact location right now, who your friends are, and when you message them. This 0P3n post “Social Media and Apps ‘Stealing’ Your Information – Mobile Security Test Tools” is a rude awakening to those, like myself, who are avid users of the not-so-friendly ghost.Regardless of how scary, I highly recommend using this article as a starting point in protecting your apps.And, for both mobile applications users and IT professionals alike, there is another common solution: Educating yourself using the newly unveiled skill certification tests from Cybrary. Two tests come to mind in regards to mobile application security, Protecting Data in Transit and Mobile Device Security Fundamentals.These skills certifications act as micro-credentials in their respective areas, teaching troubleshooting knowledge, as well as how to securely deliver updates and applications to mobile devices, to implementing secure transport protocols.Get certified and I see data security in your future.
Likewise, the 2016 Hewlett Packard Enterprise study found that a staggering 96 percent of 36,000 mobile applications failed at least 1 of 10 privacy tests.With all this insane data, why is the security of mobile apps being neglected?Maybe, organizations are unaware of the statistics. Or maybe, they don’t have the money or resources to get ahead of the problem. Perhaps, it’s not a lack of knowledge or resources, but the fact that they just haven’t found a fool-proof solution.Whatever the case is, it is a serious problem, and the laundry list of mobile application vulnerabilities continues to grow.That list includes, but is not limited to:- Login-related weaknesses
- Apps allowing weak passwords
- Malware
- Unintended data leakage, through syncing or other modes of data in transit
- Broken cryptography/ lack on encryption
- Unauthorized access
- Unsecured data storage
My figurative tarot cards are telling me that this is a multi-faceted issue, with responsibilities falling on both companies and application developers, as well as the end-user of said applications.The solution from an organizational/ developer perspective is to build better, more secure applications, and test them frequently, which may be easier said than done.And from a user perspective, the answer is to lock your apps, create better passwords, and educate yourself on which apps are accessing what data, and if they should be.I bet you didn’t know Snapchat can end up knowing pretty much everything about you — your name, your exact location right now, who your friends are, and when you message them. This 0P3n post “Social Media and Apps ‘Stealing’ Your Information – Mobile Security Test Tools” is a rude awakening to those, like myself, who are avid users of the not-so-friendly ghost.Regardless of how scary, I highly recommend using this article as a starting point in protecting your apps.And, for both mobile applications users and IT professionals alike, there is another common solution: Educating yourself using the newly unveiled skill certification tests from Cybrary. Two tests come to mind in regards to mobile application security, Protecting Data in Transit and Mobile Device Security Fundamentals.These skills certifications act as micro-credentials in their respective areas, teaching troubleshooting knowledge, as well as how to securely deliver updates and applications to mobile devices, to implementing secure transport protocols.Get certified and I see data security in your future.