Six Security Properties Every Mobile App Developer Should Know By Heart

Think you developed a secure mobile app? Think again. Many mobile app developers have a naive notion of app security that leads them into believing their apps are secure when they are not. Some developers authenticate users and encrypt passwords and think that they’re all set, but there could still be security holes so wide you could sail a ship through them. The results of releasing an insecure app can include financial loss, reputation tarnish, lawsuits, and Twitter shame.

When designing your mobile apps and mobile backend services, be sure to consider the six security properties of confidentiality, integrity, availability, authentication, authorization, and nonrepudiation (see Figure below). Simply considering how each security property applies to your app won't make it more secure. You will need to perform threat modeling on your design and find solutions to secure your app based on your specific technology and use cases. Don't forget that the mobile backend services must be secure too.

Memorize These Six Security Properties 

Mike Gualtieri, Principal Analyst, Forrester Research











Let Big Data Predictive Analytics Rock Your World

I love predictive analytics. I mean, who wouldn't want to develop an application that could help you make smart business decisions, sell more stuff, make customers happy, and avert disasters? Predictive analytics can do all that, but it is not easy. In fact, it can range from being impossible to hard depending on:

  • Causative data. The lifeblood of predictive analytics is data. Data can come from internal systems such as customer transactions or manufacturing defect data. It is often appropriate to include data from external sources such as industry market data, social networks, or statistics. Contrary to popular technology beliefs, it does not always need to be big data. It is far more important that the data contain variables that can be used to predict an effect. Having said that, the more data you have, the better chance you have of finding cause and effect. Big data is no guarantee of success.

Hey Developers, Make Your Mobile Apps Blazing Fast

It’s genetic. Humans want it faster. Evidence abounds: The Speedy Weeny microwave hot dog vending machine, Chuck Yeager’s sound barrier record, techno dance, and don’t forget the T-Mobile girl’s alter ego as a provocative motorcycle speed freak. Zoooom.


Big Data Tragedy

What's Your Big Data Score?

If you think the term "Big Data" is wishy washy waste, then you are not alone. Many struggle to find a definition of Big Data that is anything more than awe-inspiring hugeness. But Big Data is real if you have an actionable definition that you can use to answer the question: "Does my organization have Big Data?" Proposed is a definition that takes into account both the measure of data and the activities performed with the data. Be sure to scroll down to calculate your Big Data Score.

Big Data Can Be Measured

Big Data exhibits extremity across one or many of these three alliterative measures:


Five Axioms For Application Development In 2012

Software Is Not Code; It Creates Experiences

Ultimately, customers don't judge you based on how well you gather business requirements, choose development technologies, manage projects, or march through the development process — they judge you based on how they feel before, during, and after they use your software. This is the digital experience. If you get the customer experience wrong, then nothing else matters. And expectation inflation is sky-high thanks to the Apple-led smartphone revolution. To succeed in the new age of digital experience, application development professionals must collaborate with their business partners and customers to create experiences that customers love. You need a new approach represented by these five axioms:

  1. Software is not code; it creates experience.
  2. Development teams are not coders; they are experience creators.
  3. Technical talent is table stakes; great developers must be design and domain experts.
  4. Process is bankrupt without design; you get what you design, so you had better get the design right.
  5. Software is a creative endeavor, not an industrial process like building automobiles. Structure your methodology to empower your creative talent.

Doable? Definitely. Forrester clients can read the full report to learn how: Digital Experience Strategy: Follow These Three Mega Rules To Beat The Competition In 2012.

Mobile Proliferation Killed Linux Hopes For World Domination

Poor Linux. It struggled so hard to dominate the world. It was the little open source engine that could, but it didn’t. It never even came close to Microsoft Windows on the desktop, with less than 2% share of desktops. The bright spot for Linux is that 60%+ of servers on the Internet run Linux

Agile Software Is A Cop-Out; Here’s What’s Next

Never has a new trend annoyed me as much as Agile. Right from the get-go, the Agile Manifesto revealed the weaknesses and immaturity of the founding principles. The two most disturbing: “Working software is the primary measure of progress” and “Business people and developers must work together daily throughout the project.” These are


Steve Jobs Is In All Of Us

Steve Jobs brought us the future. He did not cajole us with clever arguments or dangle shallow technology candy in front of us. He delivered the future quite literally to our fingertips. Millions reached out to touch that future. Millions more will.

Steve did not separate imagination from success.

More than anything else, Steve is a human being just like all of us. Our DNA is the same. If only a small percentage of the 6 billion people can find the Steve within themselves, a magical future awaits us.

Steve Jobs is an inspiration. He will be missed.

Plea For Sanity. Ban The *-As-A-Service Moniker

Guilty! You will find SaaS, IaaS, and PaaS terms in my past research documents and blog posts. But I have decided to stop using the *-as-a-service moniker because it is a redundant pleonasm like horseless carriage, wireless phone, and absolutely necessary - meaningless because it is excruciatingly redundant.

Does “as-a-service” merely mean that “it”:

  • Resides in the cloud?
  • Is pay-per-use?

Stop the insanity.

Join me in pledging to eliminate-as-a-service (EaaS) the *-as-a-service term. Darn. There I go again.