The Year of the App: Assuring and Managing Mobile Applications Across Government and Industry Enterprises
In 2015, we have approximately 3 million apps that we can download to our wireless devices (iOS and Android), topping out with more than 100 billion apps to be downloaded across all devices. As a result, the hunt is on for assured privacy and security.
Several years back, my tech savvy college student son, Michael, was helping me to set up my new (at that time) iPhone 4. When he was done, he had downloaded several applications (apps) that he thought I would want to have such as BBC News, his Radford University app, Pandora, etc. But instead of being an appreciative mother, the paranoid career intelligence professional screamed inside: What did he put on my phone (that I use for work and my entire personal life)? I have no clue what these apps could do to the privacy and security of my data and all my communications. And how do I find out if they are secure to use, protecting my data and the privacy of my transactions? My “brilliant” and archaic approach was to delete them—not really a practical solution or an enabling mindset. Luckily, we have come a long way in just a few years … or have we?
In 2015, we have approximately 3 million apps that we can download to our wireless devices (iOS and Android), topping out with more than 100 billion apps to be downloaded across all devices. As a result, the hunt for assured privacy and security is on—with Gartner putting together a Quandrant Report to triage your apps, estimating that 75 percent of all apps have a minimum of one security violation. In addition, HP, IBM, Barracuda and others have developed approaches for “securing apps.” So here we go, walking the line between cutting edge functionality and convenience vs. personal, business and mission, privacy and security. Frankly, we need to demand and work it all.
It is time for industry and government to be proactive vs. the reactive (anti-virus world); to identify the risk and avoid the threat. I have started to see innovative and practical approaches that continuously define, track and determine the risk posture and daily management of apps in an automated way. We are at a point where the U.S. national security arena can start to fully leverage selected mobile apps in their work environments, transitioning at speed into the “App Age” with impunity, effectiveness and assurance.
Two state-of-the-art approaches are commercial company providers MetaIntelli and Aternity. A cloud-based AppInterrogator that proactively assesses your mobile apps, continuously assessing both the privacy and security risks, MetaIntelli’s approach looks at the app and everything around it and what it connects to/what connects to it.
In a complimentary fashion, Aternity enables an enterprise-wide instrumentation of your applications, a user’s experience of all applications on all devices, enabling the enterprise to measure, manage and improve work force productivity. By leveraging such cutting-edge, commercially based technologies, government and industry can create an environment where all apps can be tested, vetted and measured using a cloud-based (SaaS) app analysis solution–continuously upgrading your enterprise mission and business functionality. Vice a manually vetted approach that is extremely expensive, tedious, time consuming and can not scale to keep up with new app demands.
Below are the links to both companies, and I would love to hear about your government or industry innovative approaches to tough national security arena challenges like: online identity and authentication for unclassified trusted transactions (financial, data, filings); real time cyber intelligence analytics; and testing, tailoring and transitioning of current commercial technologies to government with assurance.
Identify Risks - Avoid Threats
Powerful Work Force Application Performance Management
