News

Report: 40 Percent of Mobile App Dev Projects Will Use Cloud Back Ends by 2016

The growing use of cloud back-end services for mobile apps is creating a new security risk in the mobile development space, according to Gartner Inc. In a new report, the research firm predicted that 40 percent of mobile app dev projects would use some cloud-hosted back-end services by 2016. The report warned companies against diving headfirst into heavier reliance on cloud back ends without having established appropriate security policies and guidelines.

"An organization may begin using [cloud mobile back-end services] without first developing the requisite understanding of the issues and risks associated with employing cloud services for application infrastructure," said report author Gordon Van Huizen, research director at Gartner. "What's needed, then, is something of a crash course in the fundamental concerns of deploying application functionality in the cloud."

The report described the growth of the "Mobile Back End as a Service" trend, which is an offshoot of the Platform as a Service (PaaS) concept. In Mobile Back End as a Service, according to a Gartner press release, cloud services "provide the back-end capabilities commonly required by mobile applications, such as user management, data storage, push notifications and social network integration. In addition, some cloud mobile back-end services allow developers to deploy server-side code."

Because of this wide-ranging functionality, "cloud mobile back-end services stand to become a key component of the application development ecosystem," Van Huizen noted.

The risks of this cloud services model increase as it becomes more widely used, the press release stated. When more application back ends are hosted on the cloud, more potentially sensitive customer information is exposed on the cloud, as well. "Governing interactions between mobile applications, enterprise systems and the cloud may require additional security and governance capabilities beyond those found in a particular mobile application development platform," the press release warned.

Van Huizen's report also covered a second security risk associated with mobile application development: the growing popularity of mobile app dev tools aimed at non-IT developers.

"The advent of more sophisticated rapid mobile application development environments, the availability of cloud services and increased access to enterprise systems will expand the potential for non-IT developers to build applications that commingle sensitive corporate data with cloud-based services and storage," Van Huizen said. "It is therefore necessary to extend awareness of the issues to the broader organization, as well as the organization's policies for cloud services, so that mobile applications built outside IT are subject to the same oversight and governance as those built within IT."

Van Huizen's recommendation for companies moving into the Mobile Back End as a Service space? "Clear policies must be established and communicated to developers prior to the use of cloud mobile back-end services by applications that may access corporate or customer data."

About the Author

Katrina Carrasco is the associate group managing editor for the 1105 Enterprise Computing Group. She can be reached at [email protected].

comments powered by Disqus

Featured

  • Get Good at DevOps: Feature Flag Deployments with ASP.NET WebAPI

    They provide developers with the ability to toggle features on and off without having to redeploy code, making it easier to manage risk, test features in production, and facilitate smoother releases.

  • Implementing k-NN Classification Using C#

    Dr. James McCaffrey of Microsoft Research presents a full demo of k-nearest neighbors classification on mixed numeric and categorical data. Compared to other classification techniques, k-NN is easy to implement, supports numeric and categorical predictor variables, and is highly interpretable.

  • Building Secure and Scalable APIs in .NET 8

    Tony Champion: "From giving you access to the entire lifecycle of a request, the ability to configure and extend authentication and authorization, .NET 8 gives you the power to create APIs to meet even the most demanding needs."

  • What's New for Java Tooling in VS Code, Azure Cloud

    Java on Visual Studio Code gets a new tool to its extension pack, while Java on Azure upgraded the Azure Toolkit for IntelliJ and more in new regular updates for both properties.

Subscribe on YouTube