Recently the news came out that, in the past year, Apple has reduced the average app review time to under two days. In fact, the mean approval time has fallen from 8.8 days a year ago to 1.95 days, according to AppReviewTimes.com. It’s a competitive world, and faster is better:
The change brings Apple more in line with competitor Alphabet Inc.’s Google. Apple checks apps for security and content before letting them in the app store, while submissions to Google Play are often examined after they’ve been made available to download from the store.1
But is faster better in this case? As we noted in our recent Enterprise Mobile Threat Report, in the past few months the App Store has allowed 6 different malware exploits. Is it a coincidence that this started happening while the approval time was reduced by 78%? Maybe, but just making approvals faster doesn’t mean the approval process has improved from a security stance.
Apple does a great job meeting the security requirements of the consumer market. But the bar is significantly higher for enterprises. And, like it or not, enterprise ecosystems are filled with consumer apps. For enterprises, the days of outsourcing mobile app security to Apple and Google are over. Don’t assume that if it’s in the app store, it’s safe. Consider adding mobile app risk management to your security stack to meet enterprise security requirements in the era of Mobile First.