It's high time developers and IT paid attention to mobile browser security and platform support when deploying mobile web apps.
The new app era
Web apps are evolving into new hybrid apps that allow users to access them from a link without having to download anything from an app store, but that run on devices like native apps. Sometimes called progressive web apps, these apps can pre-render content in the browser, which speeds up page loading.
In addition, major browser providers -- including Google, Microsoft and Mozilla -- continue to offer new APIs such as service worker and web push. These APIs allow web apps across multiple browsers to receive messages from a server, whether or not the web app is even currently loaded in the browser. This capability also lets developers push updates to users, resulting in better engagement with timely new content.
Unfortunately, some browsers still suffer from uneven support for audio file formats. Others require user interaction to be able to play sounds. The fact remains that device inconsistency -- primarily due to the variance in hardware builds -- means that developers have to spend more time testing web apps for compatibility.
Mobile browser security falls to IT
For IT, web-based apps bring issues around mobile browser security and user privacy. To make sure that application access is secure while employees still have a good user experience, IT must ensure the following:
- Security mechanisms such as single sign-on do not impair the user experience.
- App response times are immediate.
- Policy controls are in place so IT can effectively manage mobile web apps -- particularly in BYOD scenarios.
- Security and privacy controls are engrained in app development tools and processes.
- Web application firewalls (WAF) are part of their deployments. WAF tools are very effective in monitoring web requests and user input in real time and can detect malicious activity or abnormal traffic on the application servers and databases
The annual increase in data usage on mobile devices for the last three years is 50%.
Source: VDC Research
There are many browsers to choose from on every major mobile operating system, and each uses a different rendering engine, such as Blink, EdgeHTML, Gecko or WebKit. That diversity requires developers to ensure that an app looks and acts properly across multiple browsers and on both desktop and mobile devices. Mobile browser security should also be top of mind.
This article originally appeared in the November/December issue of the Modern Mobility e-zine.
Google has battled with Android browser security issues
How are browser cookies a threat to mobile users?
Top tips for securing Android devices and apps
- Discover the Risks and Rewards Behind a Mobile Workforce –SearchSecurity.com
- Top 5 Enterprise Mobile Security Issues –SearchSecurity.com
- Essential Enterprise Mobile Security Controls –SearchSecurity.com
- SearchSecurity Survey Reveals Top 5 Enterprise Mobile Security Issues –SearchSecurity.com