![11 April 2011 fiercemobileit.com April 2011 12 A new report from IBM, the “IBM X-Force 2010 Trend and Risk Report,” advises IT staff to pay extra attention to the use of mobile devices and cloud infrastructure because both technologies are still immature. Individual phones may now hold enough valuable information to warrant a targeted attack. “Malicious software on the devices can be used to spy on users, access sensitive information on the phones, and reach back into corporate networks. Therefore, enterprises should take the risk of targeted malware on phones seriously,” the report said. The IBM report recommends a bare minimum of security measures including a firewall, anti-malware, strong passwords, lock-out and data removal after multiple failed logins, use of gateways between devices and the enterprise network, and configuring Bluetooth so devices link only to other safe devices. In addition, enterprises should consider encryption of sensitive data as it sits on mobile devices. Not all data need be encrypted, but valuable corporate data should, the report said. It’s no secret that smartphones and their accompanying mobile app stores have experienced dramatic growth. The tremendous growth trends parallel an increase in the amount of time consumers are spending on mobile devices, presenting an opportunity for enterprises to get closer with their customers. According to a recent Yankee Group survey, 34 percent of all U.S. mobile phone users own smartphones today. The firm estimates that this base will grow to nearly 50 percent of all mobile users by year-end 2011 and to more than 70 percent by year-end 2014. Eightyfive percent of those smartphone users already access the mobile Internet, and that growing installed base of smartphones further increases the significance of this usage trend. “Different Internet usage patterns on smartphones compared with PCs will mean changes in advertising, digital content access, and sales of tangible goods and services,” noted Yankee Group analyst Tole Hart in a recent report. “In addition, new or existing competitors will gain a greater foothold in their respective markets if they are able harness the mobile Internet. As a result, we see this shift in eyeballs from PCs to smartphones.” As such, a significant number of enterprises are going to find themselves competing with smaller and more nimble competitors willing to embrace mobile technology, said Jeff Hamilton, vice president of marketing with Red Foundry, which provides a low-cost self-service portal for enterprises to create customized smartphone applications. “The current approach to brand building and brand reinforcement is through various media, but there are a number of large enterprises that are going to find themselves under assault from smaller and newer entrant enterprises that will leverage mobile services such as geolocation services to switch the business toward them,” he said. B2C apps are in their infancy at this point as the majority of mobile application development for the enterprise sector has been focused on creating apps for mobile workers or enabling sales and delivery transactions between different businesses. However, analysts believe the next generation of mobile apps will be focused on the consumer and on creating loyalty. “Mobility gives you a much more imminent and interactive engagement point with a customer, and you can provide specific information to them very quickly and be a resource to them,” said George Adams, CEO of MobiFlex, which also offers a self-service apps creation portal at lower cost. MobiFlex has a number of customer- facing apps deployments, including an app created by a UK accounting firm that helped UK shoppers understand the price of goods after the country changed the value added tax (VAT) on Jan. 1. Users could punch in the price of a particular product into the app which would then calculate the correct price using the new VAT rate. In another example, a bike shop has created an app to allow people to reserve bikes and access trail maps, coupons and other promotions. Enterprises can also build short-term apps to raise brand awareness. A trade-show app, for instance, can give venue-specific information such as details about local restaurants while also bolstering an enterprise’s brand, Adams said. LivePerson, a provider of online engagement solutions, is aiming to take proven online chat solutions to the mobile phone. “We are aiming to build our solutions into mobile applications,” said Ethan Alexander, CEO of LivePerson. “Enterprises will be able to understand what a customer is doing on their phone before a chat is initiated. That means the communication is quicker and much more targeted.” Geolocation is quickly becoming a critical element in customer-facing apps as enterprises battle for customers. A restaurant, for instance, can send out mobile coupons when a prospective diner is in proximity. As such, mobility may dramatically change the way products and services are sold. “We see geolocation as a transformation for the way marketing analysis is done,” Hamilton said. “Being able to understand where people are when transaction business is crucial…Larger enterprises will have to take a crucial look at customer retention strategies.” Moreover, mobile apps offer enterprises more in-depth analytics than simply a web presence, Adams said. “You know when someone is using a particular application and what information they requested,” he said. Hamilton said the industry is still in its infancy when it comes to utilizing mobile analytics to measure consumer behavior but there is no doubt that it will become a vital marketing and customer retention piece for all enterprises down the line. “You have this mobile platform that becomes a recorder for people’s buying behavior,” Hamilton said. “Are they buying more of a certain product in the morning, or afternoon? There is so much information pouring out with respect to buying behaviors. But we are nowhere near having all of the tools to analyze and make decisions.” l Ed Adams, CEO of software security firm Security Innovations, advises enterprises to ensure that any type of validation or authorization of information is not only done at the mobile-device level but also at the enterprise-server level. Attackers can typically gain access to running mobile applications on jailbroken devices and applications’ binaries, and they can use this access to identify network services in use by those applications. Then they can bypass the use of the application and attack the network services directly. If network services are deployed in support of mobile applications without server-side protections such as authentication and authorization they can be attractive targets for malicious attackers. “Any device running on open wireless systems should have end-to-end encryption,” Adams said. “The proliferation of mobile devices and applications multiplies the attacks process on any centralized server. Thousands of additional entry points can be spoofed.” Another key element: Organizations must write secure mobile applications from the get go, Adams said. l Customer- Facing Apps Have Power to Transform Enterprise Loyalty By Lynnette Luna Yankee Group estimates that [smartphone users] will grow to nearly 50 percent of all mobile users by year-end 2011 and to more than 70 percent by year-end 2014. continued from page 10 | Mobile Apps in the enterprise: Potentials and Pitfalls Page 6 | Apperian](https://apperian.cloud-papers.com/sites/default/files/whitepapers/15/1/MobileAppsEnterprise.pdf_06.png "11 April 2011 fiercemobileit.com April 2011 12 A new report from IBM, the “IBM X-Force 2010 Trend and Risk Report,” advises IT staff to pay extra attention to | Mobile Apps in the enterprise: Potentials and Pitfalls Page 6 | Apperian")
11 April 2011 fiercemobileit.com April 2011 12 A new report from IBM, the “IBM X-Force 2010 Trend and Risk Report,” advises IT staff to pay extra attention to the use of mobile devices and cloud infrastructure because both technologies are still immature. Individual phones may now hold enough valuable information to warrant a targeted attack. “Malicious software on the devices can be used to spy on users, access sensitive information on the phones, and reach back into corporate networks. Therefore, enterprises should take the risk of targeted malware on phones seriously,” the report said. The IBM report recommends a bare minimum of security measures including a firewall, anti-malware, strong passwords, lock-out and data removal after multiple failed logins, use of gateways between devices and the enterprise network, and configuring Bluetooth so devices link only to other safe devices. In addition, enterprises should consider encryption of sensitive data as it sits on mobile devices. Not all data need be encrypted, but valuable corporate data should, the report said. It’s no secret that smartphones and their accompanying mobile app stores have experienced dramatic growth. The tremendous growth trends parallel an increase in the amount of time consumers are spending on mobile devices, presenting an opportunity for enterprises to get closer with their customers. According to a recent Yankee Group survey, 34 percent of all U.S. mobile phone users own smartphones today. The firm estimates that this base will grow to nearly 50 percent of all mobile users by year-end 2011 and to more than 70 percent by year-end 2014. Eightyfive percent of those smartphone users already access the mobile Internet, and that growing installed base of smartphones further increases the significance of this usage trend. “Different Internet usage patterns on smartphones compared with PCs will mean changes in advertising, digital content access, and sales of tangible goods and services,” noted Yankee Group analyst Tole Hart in a recent report. “In addition, new or existing competitors will gain a greater foothold in their respective markets if they are able harness the mobile Internet. As a result, we see this shift in eyeballs from PCs to smartphones.” As such, a significant number of enterprises are going to find themselves competing with smaller and more nimble competitors willing to embrace mobile technology, said Jeff Hamilton, vice president of marketing with Red Foundry, which provides a low-cost self-service portal for enterprises to create customized smartphone applications. “The current approach to brand building and brand reinforcement is through various media, but there are a number of large enterprises that are going to find themselves under assault from smaller and newer entrant enterprises that will leverage mobile services such as geolocation services to switch the business toward them,” he said. B2C apps are in their infancy at this point as the majority of mobile application development for the enterprise sector has been focused on creating apps for mobile workers or enabling sales and delivery transactions between different businesses. However, analysts believe the next generation of mobile apps will be focused on the consumer and on creating loyalty. “Mobility gives you a much more imminent and interactive engagement point with a customer, and you can provide specific information to them very quickly and be a resource to them,” said George Adams, CEO of MobiFlex, which also offers a self-service apps creation portal at lower cost. MobiFlex has a number of customer- facing apps deployments, including an app created by a UK accounting firm that helped UK shoppers understand the price of goods after the country changed the value added tax (VAT) on Jan. 1. Users could punch in the price of a particular product into the app which would then calculate the correct price using the new VAT rate. In another example, a bike shop has created an app to allow people to reserve bikes and access trail maps, coupons and other promotions. Enterprises can also build short-term apps to raise brand awareness. A trade-show app, for instance, can give venue-specific information such as details about local restaurants while also bolstering an enterprise’s brand, Adams said. LivePerson, a provider of online engagement solutions, is aiming to take proven online chat solutions to the mobile phone. “We are aiming to build our solutions into mobile applications,” said Ethan Alexander, CEO of LivePerson. “Enterprises will be able to understand what a customer is doing on their phone before a chat is initiated. That means the communication is quicker and much more targeted.” Geolocation is quickly becoming a critical element in customer-facing apps as enterprises battle for customers. A restaurant, for instance, can send out mobile coupons when a prospective diner is in proximity. As such, mobility may dramatically change the way products and services are sold. “We see geolocation as a transformation for the way marketing analysis is done,” Hamilton said. “Being able to understand where people are when transaction business is crucial…Larger enterprises will have to take a crucial look at customer retention strategies.” Moreover, mobile apps offer enterprises more in-depth analytics than simply a web presence, Adams said. “You know when someone is using a particular application and what information they requested,” he said. Hamilton said the industry is still in its infancy when it comes to utilizing mobile analytics to measure consumer behavior but there is no doubt that it will become a vital marketing and customer retention piece for all enterprises down the line. “You have this mobile platform that becomes a recorder for people’s buying behavior,” Hamilton said. “Are they buying more of a certain product in the morning, or afternoon? There is so much information pouring out with respect to buying behaviors. But we are nowhere near having all of the tools to analyze and make decisions.” l Ed Adams, CEO of software security firm Security Innovations, advises enterprises to ensure that any type of validation or authorization of information is not only done at the mobile-device level but also at the enterprise-server level. Attackers can typically gain access to running mobile applications on jailbroken devices and applications’ binaries, and they can use this access to identify network services in use by those applications. Then they can bypass the use of the application and attack the network services directly. If network services are deployed in support of mobile applications without server-side protections such as authentication and authorization they can be attractive targets for malicious attackers. “Any device running on open wireless systems should have end-to-end encryption,” Adams said. “The proliferation of mobile devices and applications multiplies the attacks process on any centralized server. Thousands of additional entry points can be spoofed.” Another key element: Organizations must write secure mobile applications from the get go, Adams said. l Customer- Facing Apps Have Power to Transform Enterprise Loyalty By Lynnette Luna Yankee Group estimates that [smartphone users] will grow to nearly 50 percent of all mobile users by year-end 2011 and to more than 70 percent by year-end 2014. continued from page 10
