Most security researchers now acknowledge that it is only a matter of time before a business suffers some form of compromise as the bad guys follow the money and conventional security tools struggle to keep pace. A recent report from Gartner (opens in new tab) stresses the need for apps to become self protecting rather than rely on security tools.
But how easy is it to produce a self-protecting app and how effective are they against malware? We spoke to Gordon Young, UK Sales Director of security specialist Promon (opens in new tab) to find out more.
How vulnerable are apps in general to the threat of being compromised?
GY: When talking about mobile bank apps, payment apps, authentication apps etc. we can say that all are vulnerable to compromise by malware or hackers. For an attacker, being inside the app allows them trusted access to all the app's internal interfaces - screen, keyboard and file system.
Does this mean that the traditional security approach of protecting the device is broken?
GY: Indeed they are, traditional security solutions are based on first identifying, and then neutralising threats. With this approach the attackers are almost always in the front seat. Alternatively, Promon's technology works from inside the app by closely monitoring the app's runtime process and taking action against any unknown code that tries to enter the app.
Tell us a bit about how Promon Shield can supplement existing security measures?
GY: An application protected by Promon Shield runs securely even if the device itself is infected, jail-broken or rooted with no noticeable overhead and is totally transparent for end users. Being able to proactively block known and unknown threats, Promon's in-app security technology is unique in being able to co-exist with any existing security approaches.
Will this work across all platforms and all kinds of app?
GY: Yes it will. We have deployments on WinPC, MacOS, iOS and Android protecting banking apps, authentication apps etc. Promon has desktop deployments, mobile deployments and deployments where Promon protects employee remote access in a virtual desktop environment using Citrix, for example.
Does it require any action on the part if the end user?
GY: The end user has no visibility or knowledge of Promon security, and the user process is not changed or impacted in any way.
Will an app secured with Promon Shield be effective even if the device is already infected with, say, a keylogger or if it's been jailbroken?
GY: That is correct, Promon Shield protects the App even if the device is already compromised, thus a bank can allow the user transaction to safely execute even when Promon has flagged that the device is compromised.
Are we about to see a major shift in the way banks and other companies address security concerns?
GY: We are seeing a gradual recognition that existing security mechanisms based upon simple detection of malware is not an effective security mechanism whereas the Promon approach of creating the "Self-Defending" app is a fundamentally superior approach that is better suited to the current and future threat environment.