Wednesday, March 2, 2011

Securing Mobile Apps is not rocket science.

Some time back, there was an article about how the recent trend of mobile apps is revealing a potential security threat, as it exposes the application server that handles the logic and sometimes the data store.

Personally though, this should not be an issue if the developer is trained in IT. Trained as in a degree / diploma. The reason is simple. Try asking some so-called "IT people" what MVC, 3-tier architecture, OO, and SQL injection are, and they will give you a blank look. The fact of the matter is that sometimes, there are people who taught themselves programming languages but do not have the basic foundation.

Going back to mobile apps, if you design your mobile app with a 3-tier architecture and use software as a service, your security impact will be minimal. If there is really an issue with the data being accessed/transmitted through the Internet, use a VPN.

The above of course simplifies the process, as it's not as simple as it seems, but there are ways to secure such apps, and most who have experience in building enterprise applications will know how to design such a mobile app.

For those who don't, that's another matter altogether.

On a related note, I had another issue with the ChannelNewsAsia iPhone App again. A case of someone not doing enough unit testing. Sigh... Now I have to use some other app.

