2016 saw a growth in hacking of mHealth apps and illustrated the problems of minimal regulation for mobile app security and IoT security in healthcare. The number of hacks is expecting to keep growing in 2017. Though healthcare companies are conscious of the problem, there’s still no actions to prepare for this.
Research from Arxan’s 2017 Mobile and IoT Application Security Report directed independently carried out by the Ponemon Institute states that 84 percent of respondents had concerns about their mobile apps being vulnerable to malware, with 66 percent concerned about problems in IoT, more so after the Mirai botnet.
A lot of these companies are failing to secure IoT apps and devices, with 58 percent of IT leaders viewing IoT as much higher risk compared to mHealth apps and mobile devices. In spite of these companies being conscious of these threats, there is little action to prepare or mitigate according to Mandeep Khera, the Chief Marketing Officer of Arxan. Khera also said that these companies view the absence of regulation and private nature of the hacks as the reason why there is nothing being done to secure mHealth apps and IoT devices.
According to Khera, the IT leaders at these companies will consider spending more on security after a hack makes the headlines. Their reasoning is at fault, since even a single hack will cost a company millions of dollars. Having a proactive approach may save them from potential financial and reputational loss.
In the healthcare industry, there are two major consideration. When patients use mMealth apps there is requirement to be compliant with HIPAA. Moreover, there is the potential loss of life from IoT medical devices being hacked. However, Khera explained that proactive measures are being taken to protect such devices.
The year 2017 is expected to have more regulations especially for the Internet of Things. Medical devices and mHealth apps will be scrutinised more, especially after recent FDA guidelines update. This year will also introduce some major risk regulations.
Codified Security is here to help make your mHealth apps secure and keep you compliant with HIPAA. For mobile app security testing try out Codified Security.