Mobile app developers, don't forget about privacy and security
User experience is important when developing any mobile app but in an enterprise context, what about security? For example, if you are developing an app that stores personal information there are regulations that ask where this information resides. Depending on the industry, mobile app developers may be completely accountable if any security issues happen on an app that they develop.
To ensure that you are in full compliance to any privacy, security or regulatory questions, it is recommended that apps be developed in-house or through a partner. So do mobile app developers need to consider regulatory, security or privacy concerns in advance of mobile app development projects?
"Yes, I think that developers of mobile and Internet-connected applications need to be positively thinking about privacy and security issues, which will likely help them address any regulatory compliance issues. And this should be true whether or not the apps are intended for enterprise use", Andrew Baker, director of Service Operations with SWN Communications, says.
He adds that security is something that has to be planned and developed in advance, so that it functions effectively and costs less than a bolted-on solution.
"Whether or not an app is intended for an enterprise audience, there's a good chance it will be used by enterprise employees, or connect to enterprise infrastructure", Baker emphasizes. "The safer our applications are the better. Security needs to be built-in, rather than layered on afterwards".
Jon Stroz, an Interactive and Traditional Marketing Specialist with Accella, a mobile app development firm, agrees that, as with any software development, mobile app developers do need to worry about security and privacy concerns, especially when handling sensitive data.
"While many mobile applications and games do not handle private information, others do,especially with the proliferation of mobile payment being adopted by users and merchants", Stroz says, adding:
Sharing [information] via a mobile app requires security. A developer’s main concern with security should really surround the transmission of data, sending it from a mobile device to a secured server. This is especially important with financial transactions and other sensitive data. While it is the consumer's responsibility to make sure that - should their device be lost or stolen, no sensitive data will be uncovered, it is the developer's job to make sure that data is safe when being transmitted or stored in their app.
However, despite the fact that security and compliance in mobile apps should be important in the development phase, the reality is, it is not.
"From a development point of view, [security] is boring and gets in the way of getting to the cool stuff that being the features and functionality [of an app]", Randy Hearn, Info-Tech Research Group senior research analyst, says.
He warns that security is often lacking in the design specs of a mobile application project. "The problem is that a lot of developers don’t understand the nuances around developing for a mobile environment yet".
But Hearn says that one way to make developers start thinking about adding security and privacy in their development cycle is pressure from the regulatory bodies and compliance police.
Also, developers need to start thinking about whether or not they would use the app that they are developing and ask themselves do they trust the app.
"If more developers start looking at it like that then they are more likely to focus on the security side of things", Hearn says. [But] right now it is about getting that app out there and we need to turn that page and get to apoint where now that we got the mobile applications out there, we need to focus on the quality, the security, the compliance and all of those issues".
Hearn believes that mobile app development projects will start to take security and privacy into the design process within the next two years because a lot of countries around the world are focusing on the privacy issues and starting to pass more legislation that make the penalties a lot stricter and harsher for business that don’t do it.
"If I wanted to open an e-commerce web store then I have to jump through a certain number of hoops before I get the ability to take that credit card information", he says. "The same thing is going to happen with mobile apps especially if there is financial data included with it".
Vanessa Ho is an online community manager with Partnerpedia, a provider of mobile app management and marketplace solutions.