There’s an app for that... Make sure your app is safe, secure and compliant with help from the Neohapsis Mobile Device Security Center

The challenge is simple – customers, employees, and partners expect to do business wherever they are in the most convenient way possible. Today, the medium of choice is often smart phones and tablets whenever possible. Whether it is banking, making online purchases, or simply checking a flight schedule, people are using mobile technology in every conceivable way. Protecting those customers – regardless of device type – is imperative. To help companies manage the ever-changing security challenges associated with mobile devices, Neohapsis has assembled a team of mobile device security experts to form the Neohapsis Mobile Device Security Center.

The Neohapsis Mobile Device Security Center has two primary missions:

• Identify security vulnerabilities and flaws in mobile device applications
• Help companies develop and deploy a mobile device strategy that meets their risk management and compliance objectives

Mobile Device Application Assessment

Leveraging Neohapsis’ heritage of application security assessment leadership, Neohapsis combines black-box, code review, and penetration testing approaches to assess the security of mobile device applications. With deep experience with iOS, Android, RIM/BlackBerry, and Symbian, Neohapsis identifies programmatic and operational security exposures within mobile device applications and provides detailed findings and recommendations on any item discovered .

Mobile Device Deployment Strategy Development

In a vacuum, mobile computing is wonderful – efficient, convenient, and productive. Unfortunately, regulatory compliance for data protection and internal risk management objectives introduces a number of variables that need to be considered before unleashing the power of mobile devices. Neohapsis helps organizations develop mobile device deployment strategies that consider the following:

• Regulatory impacts on mobile data
• Protective controls that address encryption, access control, and other endpoint requirements
• Usage policies and standards that guide users to acceptable practices
• Data classification review to identify appropriate access
• Incident response approaches to lost devices and inadvertent disclosure of sensitive data
• Ongoing software support (e.g., patch management)