App Development and Data Privacy

As almost every type of business is rushing to develop one or more apps for use on mobile devices by their employees, business partners, and/or customers, issues relating to data security are frequently overlooked or given short shrift.  

While obvious issues are addressed (e.g., where is the primary location for data storage), other issues remain.  For example, most apps involve the integration of components from a variety of third party developers.  Those third parties may require access to user data as part of their license agreements.  A bar code or QR code scanning module may permit the licensor access to all sorts of user information regarding location, time, and use of the module.  Such uses may have to be disclosed to users and, potentially, violate applicable law.

Many third party licenses have broad audit rights, permitting the licensor access to the licensee’s facilities, systems, and data.  I have written about such audit rights in past posts.

The point of the foregoing is to emphasize the need in app development to trace every possible means of access to user data and ensure appropriate protections are in place.  Without that effort, businesses may be unpleasantly surprised to find their data is being placed at risk by unexpected sources.


Copyright © 2012 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)