ENISA Smartphone Secure Development Guidelines

Wednesday, December 07, 2011

This document was produced jointly with the OWASP mobile security project. It is also published as an ENISA deliverable in accordance with our work programme 2011.

It is written for developers of smartphone apps as a guide to developing secure apps. It may, however, also be of interest to project managers of smartphone development projects.

In writing the top 10 controls, we considered the top 10 most important risks for mobile users as described in (1) and (2). As a follow-up we are working on platform-specific guidance and code samples. We hope that these controls provide some simple rules to eliminate the most common vulnerabilities from your code.

The implementation of these controls and the amount of effort put into securing your code should always be matched to the risks you face. For example, if you are quite certain that your app is not handling any kind of personal or sensitive data (this is not always obvious), you may not need to worry about a maximum retention period for data...

Publication date: Nov 25, 2011

Source: http://www.enisa.europa.eu/act/application-security/smartphone-security-1/smartphone-secure-development-guidelines

Download the full guidelines here (pdf):
