The National Institute of Standards and Technology has issued a draft “vetting guide” to aid in testing mobile applications to find security vulnerabilities in them, and is accepting industry comment on the guide through Sept. 18, 2014.

The draft guide walks through tests to discover and understand vulnerabilities before an organization approves use of an app. “For example, when an employee shares a photograph through a mobile application, the mobile app may be granted access to the employee’s contact list that may hold personally identifiable information that should remain private,” according to a NIST explanation. “Or, individuals may be tracked without their knowledge by way of a calendar app, social media app, Wi-Fi sensor, or other utilities that access a global positioning system.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access