The first fact solution providers should appreciate about mobile applications is that from a security perspective not all of them are created equal. For example, there’s been no major compromise of the mobile applications that users download via the Apple App Store. Not only has Apple validated each of those applications, but they also run inside a container that makes them a major challenge to hack.
Nevertheless, there is an emerging opportunity to deliver managed security services for mobile applications. Many IT organizations are now building custom applications for their employees. While mobile applications aimed at consumers are usually validated by an app store (Apple’s or Google’s, for example), many custom mobile applications enterprises are developing are still subject to the same security issues that bedevil all applications.
In fact, a new survey of 1,950 enterprise developers conducted by Bock & Company on behalf of Alpha Software finds that 96 percent identify security as an essential requirement for mobile applications. Enterprise IT organizations often look to build applications that need to run on multiple platforms for employees, said Richard Rabins, CEO of Alpha Software, a provider of application development tools. For that reason, there’s a tremendous focus on protecting applications that need to run across multiple platforms at a time when app security in general is often deeply flawed.
“Security often comes down to a question of degree,” Rabins said. “There’s always a tradeoff between security and convenience.”
Most of those custom enterprise applications, however, are still in development. The Alpha Software survey finds that 63 percent of developers are expecting to create two to five applications this year. At that rate, it might take time before there is enough critical mass to support a managed service for securing mobile applications.
A survey of nearly 400 managed service providers conducted by Kaseya, a provider of an IT management platform for MSPs, finds that only 9 percent are focusing on both mobile device management and services, such as containerized apps for email, docs and browsers.
Managed Security Service Provider Market Potential
Make no mistake. In an age where worry over data breaches and bad actors is significant, security is paramount. Overall, the managed security service provider market is robust. Time will tell how significant the opportunities for securing mobile apps will be for managed security service providers.
The good news is that as the number of endpoints that IT service providers need to manage steadily increases, according to a survey of 1,100 IT service providers conducted by Autotask, a provider of professional services automation software. The study suggests that increased reliance on cloud services should, in general, make it easier to manage mobile computing.
With that goal in mind, Bluebox Security is trying to drive the adoption of self-defending mobile applications using containers and analytics in collaboration with traditional IT security vendors, such as F5 Networks and GlobalSign. Bluebox CEO Pam Kostka acknowledged that it’s still early days in terms of building out the company’s partner program. But over the coming year, a significant opportunity for securing mobile applications will emerge, she added.
“We don’t think customers will want to rely on the operating system for security,” Kostka said. “We’re trying to enable the application to protect itself.”