86 Percent of Mobile Apps Lack Adequate Security


A recent study of 2,107 mobile applications published by 601 companies on the Forbes Global 2000 found that 86 percent of those applications don't have adequate security measures in place to protect them from the most common exploits, and 97 percent access at least one private data source within a device.

The study, conducted by HP Security Research, also found that 75 percent of applications don't use proper encryption techniques when storing data on mobile devices, and 18 percent send user names and passwords via HTTP. Of the 82 percent that do use SSL/HTTPS, 18 percent have implemented it incorrectly.

"While mobile devices are becoming more and more critical to conducting business, they are also becoming prime targets for attack, with vulnerable applications providing access to sensitive data," Mike Armistead, vice president and general manager, Enterprise Security Products, Fortify, HP, said in a statement. "Mobile applications now are the first line of defense against the adversary and organizations must be equipped to assess, assure and protect these applications to prevent damage from exploits."