Securing mobile apps should be a top priority

Securing mobile applications should be a top priority for businesses, as digital interaction with consumers increasingly runs via mobile devices.

This is the view of Phillippe Vallee, chief executive of Gemalto, who was a panellist at yesterday’s plenary session on ‘Technological and value-chain usage transformation: what are the risks?’

Speaking to StrategicRISK ahead of yesterday’s session, Vallee said digital interaction between customers and suppliers is increasing and often take place via mobile devices. “The mobile environment will become an important target for cyber attacks, so mobile apps needs to be more and more secure. Companies need to ensure they have the proper expertise whenever they develop a mobile app, to make sure that the application is securely run within the mobile device.”

To minimise the risk of a cyber attack, it is important for companies to properly check new customers to verify their identity. Once this step has been completed, customers need to be authenticated on a regular basis to ensure that the person the company is dealing with is indeed the person on the other side of the network.

“We all think cyber security is very technical and sophisticated, but even the basics are not being done properly today,” Vallee said. “You need to regularly authenticate your customers and employees. You need to know or have a good probability to know who is going to come on your network. It is also very important to authenticate the equipment.”

He added that a further vital step is encryption. “Companies need to ensure both company data and customer data are encrypted during their full life cycle. One of our recent surveys found that only 30% of costumers believe that the companies they are dealing with are taking their personal data protection seriously. Another key finding is that 58% of consumers fear they will be the victims of an online data breach. So it is very important that the encryption is done properly.”

Lastly, Vallee recommends to nominate an employee, a so-called Mr or Mrs Security within the organisation, who can manage all the procedures, the keys and the processes, train the workforce, and make sure that cyber security becomes good practice across the company.