Gartner Blog Network


Getting Started with Mobile Application Security

by Ramon Krikken  |  May 7, 2012  |  Comments Off on Getting Started with Mobile Application Security

We’ve just finished parsing 1.5K data points in a customer-facing research project on mobile applications. We spoke mostly with development team members, but also had a few architects and other functions represented (we even had a person from a marketing team in the mix). The data is very rich, and we’ve spent considerable time deriving our insights and conclusions.

It wasn’t on security in particular, but we did talk to pretty much every customer about that topic. In most cases it was actually the customer that raised the issue, which makes me happy because that means it’s certainly on people’s minds. But on the not-so-good side, many participants were still investigating how to best provide security on and for mobile applications. That should be no surprise, though: many moving parts, several different platforms, and a mix of application and data types does not make things easy.

I haven’t quite finalized the advice yet, but I think the combination of security for the development process, the application infrastructure, and the applications themselves will provide us with plenty to write about. But one thing that is apparent to me at this point (and perhaps this is no surprise either) is the following:

  • Pay attention to web services (particularly RESTful services), and how they can be secured!

Yes, the client side is extremely important (and I’ll definitely cover that in future posts). But especially with lots of customers looking at B2E, building and securing services the right way is going to be critical. Some existing technologies may be reusable. The foundations – especially standards – should be re-examined to make sure they’re sound. If you are a Gartner customer looking for advice on this I’d of course be happy to discuss this on a call even before our notes publish.

And for those interested in how we did the research, check out this recent blog post by my colleague Danny Brian. If you like user-centrism you’ll certainly appreciate our process.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: applications  cloud  security  

Tags: mobile  mobile-applications  rest  security-2  services  soa  web-services  

Ramon Krikken
BG Analyst
2 years at Gartner
15 years IT industry

Ramon Krikken is a Research VP the Gartner for Technical Professionals Security and Risk Management Strategies team. He covers software/application security; service-oriented architecture (SOA) security; structured and unstructured data security management, including data masking, redaction and tokenization...Read Full Bio




Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.