The government is moving forward to streamline easy access to their abundance of data in form of digital government services to individuals and companies. This easy access comes in a method of software, downloadable to different device operating systems called application (app) in app stores. Mobile devices have already surpassed personal computers (PC) as the primary method to access internet in recent years (Kovach, 2015). This trend continues in other countries as well as third of adults’ reach for their smart phones at beginning of their day and two-thirds are inseparable from them (Hern, 2015). With this type of data, the government is smart to pursue mobile applications for digital government services to increase innovations and jobs.
The draw back with mobile applications has been the growing threat of vulnerabilities associated with apps and mobile devices. The risk comes with sensitive information falling into wrong hands or the applications not being built strong enough to deter threats. Currently 75 percent of mobile applications are susceptive to breaches as many are poorly configured with this number to only rise in coming years (Shetty, 2014). Even if the app is configured correctly to protect security holes, losing or having the device stolen opens up the exposure to private information as the device can now be accessed at any time (“Architecture and design,” 2012). Other weaknesses in mobile applications include unencrypted storage on device, none or poor authentication between server and device, unsuitable sessions when connection are present, weak cryptography and poor design of application (“Architecture and design,” 2012). These weaknesses are harder to implement due to devices ability to continuously shift between networks causing a complex model to attend to (“Architecture and design,” 2012). Other malicious software may already be installed on devices and they can cause mischievous malware or codes to run on these devices, compromising a secure session between users and governments digital services (Carroll, Rose, &Sritapan, 2013).
Government definitely has the publics best interest when it comes to providing their digital services via mobile applications. The problem that arises is, presently these apps are either built with misconfigurations or sessions are vulnerable to attacks. Currently 5 million mobile devices are either lost or stolen causing another security issues needing to be addressed (Deitrick, 2015). Even though advancement in better security and protecting them is here or coming via updates, users are still considered one of the biggest issues when it comes to security in applications if those features are never utilized. The benefits may be there but if data is mishandled after an attack, it can cause more damage than the good it was intended for. At this point the benefits of government applications is not there, until more improvements are made to cover all of susceptible security holes that are currently present.
Carroll, D., Rose, M., &Sritapan, V. (2013). Mobile security reference architecture. Retrieved from https://cio.gov/wp-content/uploads/downloads/2013/05/Mobile-Security-Reference-Architecture.pdf
Deitrick, C. (2015). Smartphone thefts drop as kill switch usage grows but android users are still waiting for the technology. Retrieved from http://www.consumerreports.org/cro/news/2015/06/smartphone-thefts-on-the-decline/index.htm
Hern, A. (2015). Smartphone now most popular way to browse internet – Ofcom report. Retrieved from https://www.theguardian.com/technology/2015/aug/06/smartphones-most-popular-way-to-browse-internet-ofcom
Kovach, S. (2015). More people are using just their phones to access the internet than desktops. Retrieved from http://www.businessinsider.com/mobile-internet-users-pass-desktop-users-2015-4
Shetty, S. (2014). Gartner says more than 75 percent of mobile applications will fail basic security tests through 2015. Retrieved from http://www.gartner.com/newsroom/id/2846017
Architecture and design considerations for secure software. (2012). In Software Assurance Pocket Guide Series, 5(2). Retrieved from https://buildsecurityin.us-cert.gov/sites/default/files/ArchitectureAndDesign_PocketGuide_v2%200_05182012_PostOnline.pdf