In 2011 mobile applications went mainstream, captivating consumers with fun games, useful utilities, and plenty of branding thrown in there for good measure. As businesses continue to pump out new applications to engage with customers, it is likely that developers will be asked to shift gears to reprioritize mobile apps as a marketing vehicle into something that drives top-line revenue into company coffers.
However, that kind of shift will require companies to dive headfirst into mobile payments, a prospect both thrilling and terrifying at once to savvy CIOs. Because though there is tremendous opportunity to grow the business through innovation with mobile payment and ordering systems, that opportunity brings a lot of risk.
An enterprise approach should follow a comprehensive and compartmentalized architectural approach based on the business needs, the opportunity, any risks, or disruptive elements of technology adoption, said Michael Iseyemi, global chief security officer for Aditya Birla Minacs. Specifically to mobile payment, the most important considerations in addition to the aforementioned items are security of the stored data, the security of the data transmission while it is in transit, and who the data is being transmitted to.
Organizations are finding it difficult to keep these principles in mind during the headlong rush into mobile payment system development, said Randall Rivera, senior enterprise architect for Excellis Interactive. His firm is currently working with a lot of Fortune 500 companies to help them securely build a mobile component into their business strategies. One of the first thing he advises them to do is take stock of what their current e-commerce systems already look like and try to leverage what security measures they already have in place.
At the end of the day, mobile is just another outlet and it should work under the same umbrella as other systems, he said. If you architect it properly, all of the systems go under the same service. If you've got the infrastructure to leverage, don't build it from scratch.
How can companies find and fix vulnerabilities before they lead to a breach? Better yet, how can software developers identify flaws in their applications before the new software is ever deployed? In this report, Eliminating Vulnerabilities In Enterprise Software, Dark Reading offers a look at some tips and tricks for software development and vulnerability assessment. (Free registration required.)