Barney's Blog

Blog archive

Can't Rush Good Security

I hope you're sitting down for this breaking news: It actually takes some time (and patience) to develop secure mobile applications.

This radical train of thought, which came out at last week's CompTIA's Tech Summit on Cybersecurity in Washington, goes against the traditional way of thinking that if you close your eyes and hit a bunch of buttons, applications will secure themselves.

While the suggested notion that dedicated time for correct testing and auditing of mobile apps will lead to less security holes seems like a no-brainer to me, only 17 percent of available apps are actually following correct practices for mobile security.

So what is the other 83 percent's excuse? Apparently it's a lack of secure development lifecycle tools. With the market evolving rapidly, and with multiple platforms (old and new) to consider, it may not be in the cards to purchase all the necessary tools to satisfy every mobile OS. And even if you do have the correct tools, who has the time to develop it properly for multiple platforms?

So what does this mean? Should mobile developers limit their reach, specializing in only the one or two platforms that it has the correct tools for? And while this study focuses on mobile development, its common sense message can be applied to all facets of development and IT.

Do you feel you have the adequate amount of time and funding to implement secure practices? Let Doug know at dbarney@redmondmag.com.
-By Chris Paoli

Posted by Chris Paoli on 08/10/2011 at 1:18 PM


Featured

  • Microsoft Releases Windows 10 Version 1909

    Microsoft on Tuesday announced the release of Windows 10 version 1909, a new operating system product that's also known as the "Windows 10 November 2019 Update."

  • November Microsoft Security Bundle Addresses 75 Vulnerabilities

    Of that number, 13 vulnerabilities are rated "Critical" to patch, while 62 vulnerabilities are deemed "Important."

  • The Future of Office 365 Pricing

    With a raft of new Office 365 features in the pipeline, Microsoft also seems ready to change the way it bills its subscribers. Will it replicate Azure's pay-per-use model, or will it look like something else entirely?

  • Microsoft Offers 1 Year of Free Windows 7 Extended Security Updates to E5 Licensees

    Microsoft is offering one year of free support under its Extended Security Updates program to Windows 7 users if their organizations have E5 licensing.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.