Report: 40 Percent of Mobile App Dev Projects Will Use Cloud Back Ends by 2016
The growing use of cloud back-end services for mobile apps is creating a new security risk in the mobile development space, according to Gartner Inc. In a new report, the research firm predicted that 40 percent of mobile app dev projects would use some cloud-hosted back-end services by 2016. The report warned companies against diving headfirst into heavier reliance on cloud back ends without having established appropriate security policies and guidelines.
"An organization may begin using [cloud mobile back-end services] without first developing the requisite understanding of the issues and risks associated with employing cloud services for application infrastructure," said report author Gordon Van Huizen, research director at Gartner. "What's needed, then, is something of a crash course in the fundamental concerns of deploying application functionality in the cloud."
The report described the growth of the "Mobile Back End as a Service" trend, which is an offshoot of the Platform as a Service (PaaS) concept. In Mobile Back End as a Service, according to a Gartner press release, cloud services "provide the back-end capabilities commonly required by mobile applications, such as user management, data storage, push notifications and social network integration. In addition, some cloud mobile back-end services allow developers to deploy server-side code."
Because of this wide-ranging functionality, "cloud mobile back-end services stand to become a key component of the application development ecosystem," Van Huizen noted.
The risks of this cloud services model increase as it becomes more widely used, the press release stated. When more application back ends are hosted on the cloud, more potentially sensitive customer information is exposed on the cloud, as well. "Governing interactions between mobile applications, enterprise systems and the cloud may require additional security and governance capabilities beyond those found in a particular mobile application development platform," the press release warned.
Van Huizen's report also covered a second security risk associated with mobile application development: the growing popularity of mobile app dev tools aimed at non-IT developers.
"The advent of more sophisticated rapid mobile application development environments, the availability of cloud services and increased access to enterprise systems will expand the potential for non-IT developers to build applications that commingle sensitive corporate data with cloud-based services and storage," Van Huizen said. "It is therefore necessary to extend awareness of the issues to the broader organization, as well as the organization's policies for cloud services, so that mobile applications built outside IT are subject to the same oversight and governance as those built within IT."
Van Huizen's recommendation for companies moving into the Mobile Back End as a Service space? "Clear policies must be established and communicated to developers prior to the use of cloud mobile back-end services by applications that may access corporate or customer data."
Katrina Carrasco is the associate group managing editor for the 1105 Enterprise Computing Group. She can be reached at [email protected]