What's more there is little in the way of standards governing how mobile apps authenticate their users. A lack of input from security professionals into the design of smartphone apps is also part of the issue. Often, app designers appear to put convenience ahead of security or, for whatever reason, assume that customers will accept a lower level of security than they do on the web, simply because they are using an app.
Similar concerns surround apps that store data possibly including passwords locally, or even those that grant users automatic log-ins to services, as long as they have logged into the device itself.
Think that is far fetched? That is exactly how the official BlackBerry Facebook app works, and the BlackBerry remains the most secure of all the mobile platforms.
Banning all apps is unlikely to be popular, or even practical. So IT professionals need to act to educate their colleagues, and explain that even a good app can misbehave if you let it.
Stephen Pritchard is a contributing editor at IT PRO.
Comments? Questions? You can email him here
