Protecting PII in Mobile AppsArrka Consulting's Nadkarni on Ensuring Users' Privacy
Organizations need to take three important steps to protect the personally identifiable information that mobile apps collect, says Shivangi Nadkarni, CEO at Arrka Consulting.
Key steps include addressing privacy in the app development process, continuously testing the apps and tracking applicable regulations to ensure current privacy requirements are met.
"Mobile apps today require you to give them permission to access your microphone, camera, messages etc.," Nadkarni says in an interview with Information Security Media Group. "Therefore, these apps have the ability to record what is said and definitely it's a cause for concern. This is in addition to the technical or online data that anyway gets collected like the location data, IP address etc. The concern is when this information reaches a third party who has a malicious intent."
In this interview (see audio link below the image), Nadkarni discusses:
- Top concerns about the lack of privacy in apps;
- Complications when a third party runs or develops an app ecosystem;
- What organizations can do to help protect mobile app users' privacy.
Nadkarni has over 22 years of experience in the information risk, privacy, e-commerce and networks. Previously, she headed the global application security and identity management practice at Wipro, setting up India's first licensed Certifying Authority for digital.