Many government and civilian organizations develop and uses mobile applications recently. With current mobile network environment and wide spread of mobile devices such as tablet computers and smart phones, mobile app can provide clear, simple, easy to use, and real-time information for those whom uses it. However, the use of mobile application can potentially cause a serious security and privacy issues.
Pros of Mobile applications are many. Fist of all, mobile application gives a unique connectivity between people and organizations. (Quirolgio, Voas, Karygiannis, Michael, & Scarfone, 2015). For examples, EPA’s HiveScience Application can give civil awareness on bee and earth environment. In addition, by sharing the bee colony information, it contributes to discover the behavior and health concerns of honey bees. Like this, mobile applications can bond civilians and government on common concerns and increase the awareness of various problems that we are facing now.
Well-made application is easy to use and give real-time connectivity and mobility to user of the applications (Ouirogio at el. 2015). For example, CareerOneStop application by the Department of Labor can help you find a job, related training and provide real-time update and support. Be able to search for a job and career anytime and anywhere is possible because of mobile applications now. The mobility, it is the most beneficial trait of the mobile application.
However, using of the mobile application still have some security issues, and most of this security issues are related with using of mobile device itself. The first thing to consider is the data, which people are storing in their personal mobile device. We store many critical personal information in our mobile device, such as pictures, bank information (or application), GPS data, contact numbers of our friends and family, and sometimes we save notes and memo with critical information (like passwords). These are what hacker will go after. Let us keep this in mind and discuss the possibility of the mobile device’s security issues.
According to NIST, Security risks of mobile devices are as following (Souppaya & Scarfone, 2013):
Like this mobile using of mobile application can have the security issues because we have to use the mobile device to operate the mobile applications. Then, what would be the best practice the prevent these security problems?
First of practice would be well planned development and risk assessment of the application (Ouirogio at el., 2015, pp.5-8 ). During the vetting process, perform the risk assessment on application, test the application, and decide if the application will be fit to the purpose of the organization, review if it fits the security requirements (Ouirogio at el., 2015, pp.5-8 ). Providing VPN connection for external user, develop the mobile device and application management to manage using mobile devices and applications, and providing identity and access management control can be also helpful for mobile security (Federal CIO Council & Department of Homeland Security, 2013). In addition, when providing government application service, develop a data loss prevention plan and intruder detection system to prevent data loss and security threats (Federal CIO Council & Department of Homeland Security, 2013).
Mobile application and service can be great for connecting people, government, and organizations. It is handy, highly mobile, and easy to use. However, because the mobile applications use mobile device to operate, it has the security concerns for personal, government, and organization. To prevent those possible security threats, we must plan it right, have a risk assessment, and develop security control and data loss prevention programs.