Mobile applications are the new technology trend. As with any technology trend, there are exciting new business opportunities that emerge. But first, a bit about what exactly is a mobile application? Mobile applications are generally classified as one of three types:
Native Applications
Built using a device-specific software development kit (SDK) to exploit the capabilities of the device
Web-Browser Applications
Built using the fifth revision of Hypertext Markup Language (HTML5) enhancements for web applications
Hybrid Applications
Built using a library (often client-side JavaScript) to allow coding for a “generic” mobile function (that accesses device-specific capability) without the need to make different calls for each platform (such as native) and sometimes provide a runtime container
With these classifications in mind, here are the five major security issues to consider for the new Mobile Age.
1. Prepare Yourself For Success
Every environment now has a backup-and-restore plan in case of emergencies. But what most companies do not have is a success plan. SO it’s important to consider: What do you do if you do succeed? Some mobile apps go “viral” and a sudden wave of transactions may cause your network to become overloaded. But with broad technology offerings from IBM, including DataPower appliances and cloud services, you can build a plan for failover or fail-up.
2. Bring Your Own Device
Many employees already use personal phones for calls at night or for email while traveling. Why not extend this ability to other mobile applications and data? The security of mobile devices is a priority for business and IT leaders. Two challenges stand out: (1) The ability to terminate access to the server-side of the mobile app, and (2) The loss of information that may remain on the device when it “goes rogue.”
As an organization, if you don’t own the device that’s running the application, you may not be able to stop an application request from being generated on the mobile phone. That means you may receive a lot of traffic from clients that is no longer valid. If you have the technology to identify and correlate incoming requests from legitimate people, devices and applications, your strategy’s sound. However, the case is often different and you may need an application-level appliance at the application endpoint that’s capable correlating granular service-level agreements.
3. Adapt And Survive
Web-application-savvy business leaders are already prepared to filter web requests to provide differentiated quality of service. Gating traffic, however, may become more visible to your mobile users because mobile users are more aware of response time. Delays may lose the attention of the audience you’re looking to keep.
In application design, there must be the awareness of how to reduce the amount of “bad load” or “bad users” on your application, and at the same time respond quickly to validated traffic that’s driven to your businesses. This is where the defense and strategic use of DataPower appliances and IBM products can provide application efficiencies. Thea ability to differentiate, balance and distribute requests can truly yield operational advantages.
4. Mobile-First And Good Service Design
Mobile applications can help organizations enter new markets, retain and extend participation from current users of services and attract new users to services. If the goal of going mobile is to reach a larger audience and access new markets, user-interface design may be the most important aspect to consider. If you’re not trying to win over the eyes of the new market, but instead trying to get a core piece of information across to your mobile audience, then service design and the ability to deliver information quickly and securely may be the most important aspect for your company. Good service design includes understanding your own application-integration infrastructure and being able to leverage this infrastructure from a mobile device.
5. Location, Location, Location
Mobile access and mobile applications challenge the notion that there’s a boundary between the outside and the inside. Mobile employees need “unplugged” access as they travel. More customers need access to more information and they want this information faster than ever before. Mobile devices are great for providing information “on the go,” but because of their smaller screen size they’re limited in their abilities. Technology is evolving though, and there are now such things as “notifications” that can indicate when a message is incoming or that an application update is available.
The reality of life on the internet is that there are endless “moving parts.” The mobile user has a short attention span that demands an almost immediate response. It’s the job of the mobile-application developers and designers to catch and keep the attention of the customer. Applications must be more intelligent and must work with traditional IT security systems so that your operational staff can shut down access or rate-limit access
The world’s getting smarter: Join the world and learn more about WebSphere DataPower appliances and IBM Worklight. Contact TxMQ vice president Miles Roty at (716) 636-0070 x 228 or [email protected].