Search AFCEA Site

Enable breadcrumbs token at /includes/pageheader.html.twig

NIST Seeks Input on App Testing

Are your apps putting your personal data or networks at risk?
By Maryann Lawlor

The National Institute of Standards and Technology (NIST) is preparing recommendations to help organizations leverage the benefits of mobile apps while managing their risks. The publication’s authors are seeking public comments about the draft of "Technical Considerations for Vetting 3rd Party Mobile Applications." The deadline for comments is Sept. 18.

While apps can improve productivity, they also can introduce vulnerabilities that put sensitive data and network resources at risk. The draft publication describes tests that software security analysts can employ to find and understand these security gaps before the app is approved for use.

“Agencies and organizations need to know what a mobile app really does and to be aware of its potential privacy and security impact so they can mitigate any potential risks,” says Tom Karygiannis, NIST computer scientist. A photo shared through a mobile application, for example, could grant access to an employee’s contact list, or individuals might be tracked through a calendar app, social media app, Wi-Fi sensor or other utilities that access GPS.

SIGNAL Magazine’s September issue will explore the issues surrounding security and BYOD. Look for a video preview of the issue online soon.

Comments

The content of this field is kept private and will not be shown publicly.
About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
Enjoying SIGNAL?
SIGNAL Magazine is available through subscription or as part of your membership in AFCEA.
SUBSCRIBE NOW
LEARN MORE
JOIN AFCEA