NIST Offers Mobile App Guidance

Tuesday, January 27, 2015 @ 04:01 PM gHale


A new publication gives organizations guidance on improving security as employees move to mobile devices such as phones and tablets for their work and applications.

Smartphone and tablet users have access to a great number of installable programs (“mobile apps”) designed to make their lives easier, but an employee who downloads an unsafe app may unwittingly expose the organization’s computer network to security and privacy risks, said researchers at the National Institute of Standards and Technology (NIST).


NIST’s new guide, “Vetting the Security of Mobile Applications,” gives organizations the information they need to assess the security and privacy risks associated with mobile apps, whether developed in-house or downloaded from mobile app marketplaces. The publication is also a guide for developers seeking to understand the types of vulnerabilities that can be introduced during an app’s software development cycle.

The guide offers plans for implementing the vetting process and considerations for developing app security requirements, and describes the types of app vulnerabilities and the testing methods used to detect them. The document also provides guidance for determining whether an app is acceptable for an organization to use.

“Vetting the Security of Mobile Applications” (NIST Special Publication 800-163) is the final version of “Technical Considerations of Vetting 3rd Party Mobile Applications,” which was published for comments in August 2014.
