Has the development approach for mobile applications changed, given the inherent weakness of the mobile environment? What coding standards do you have for mobile code? How are these standards enforced? Are they checked frequently? Are they only checked for only certain high profile releases? Cutting-edge mobile development projects must be brought in-line with organizational standards for developing secure software and these standards must be augmented to reflect more complicated threat models associated with mobile applications.
Savvy security managers are well served to ask these questions earlier than later in the process of building mobile applications. Mobile applications are here to stay, and organizations that quickly define mobile security strategies enable business units to capitalize on the opportunity that mobile software represents.