US Govt issues app development guidelines

Powered by SC Magazine
 

Raises privacy, security risks of mobile apps.

The US Federal Trade Commission has issued a new set of guidelines outlining a number of risk vectors around enterprise mobile application development.

The consumer protection agency asked organisations to consider privacy from the start; be transparent about data practices; and provide users with choices to control their information, such as opt-out settings and collect information only after gaining consent.

It also urged businesses to live up to their privacy promises, or they may face FTC charges, which could result in fines.

"What if you decide down the road to change your privacy practices?" the document said. "You'll need to get users' affirmative permission for material changes.

"Just editing the language in your privacy policy isn't enough in those circumstances. And while you're taking another look at your privacy promises, read them with users in mind.

"Is the language clear? Is it easy to read on a small screen? Are you using design elements -- color, fonts, and the like -- to call attention to important information?"

The FTC urged developers to focus on security by ensuring applications only collect pertinent information, are protected against obvious risks and properly dispose of unnecessary information.

The advice comes as enterprises gear up for significant application investments in smartphones and tablets in an effort to increase employee productivity and respond to customer demands.

A recent report from analyst firm Gartner predicted that application development (AD) projects for mobile devices would outnumber traditional app projects by a four-to-one ratio in three years.

"Emerging mobile applications, systems and devices are transforming the AD space rapidly, and are one of the top three CIO priorities at the enterprise level," the firm said.

"Gartner research found that CIOs expect more than 20 percent of their employees to use tablets instead of laptops by 2013, hastening the process of change as AD tools and applications evolve to address the requirements of these new devices."

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


US Govt issues app development guidelines
 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1009

Vote