Leading SaMD Developer Helps Clients Meet FDA Compliance | Guardsquare

Written by Guardsquare | Apr 12, 2025 1:03:24 AM
Guardsquare provides the sophisticated security solution necessary to meet evolving regulatory requirements for medical devices.

Company Details

  • Industry: Healthcare / Mobile Medical Apps
  • Privately / Publicly Owned: Public
  • Employees: 11-50

Challenges

  • Need to meet regulatory requirements, such as the FDA’s
  • Lack of a standardized security solution to protect their apps and SDKs
  • Apps in danger of tampering and reverse engineering
  • Lack of flexibility in licensing and enterprise scaling

Solutions

  • DexGuard
  • iXGuard

The Company

For over 10 years, the company has focused on improving their product delivery success by applying modern software development best practices in developing their mobile medical apps. In order to release their products to market quickly and safely, their SaMD and connected medical device apps need to meet the constraints of medical device application regulations. From working with Fortune 500 companies like Google and Eli Lilly to supporting start-up device manufacturers, the firm is committed to staying at the forefront of digital health.

“Thanks to Guardsquare, we can apply the highest level of protection to our apps with ease. We’re able to avoid some of the traditional roadblocks in the software creation process that can slow time to market and instead focus on what matters most for our business.”

– Principal Technical Architect, Leading SaMD Provider

The Challenge

The company is facing expanding and increasingly strict regulatory requirements. Medical device compliance is constantly evolving. As mobile medical app usage grows, many apps available in the market have come under increased scrutiny for their poor security posture.

In 2021, researchers analyzed 20,000 mobile health and medical apps in the Google Play Store. They found 45% of the apps used unencrypted communication, 23% sent personal data on unsecured traffic, and 18% contained suspicious code. Despite common misconceptions, iOS health and medical apps have been found to be equally vulnerable to security infringement. These findings indicate severe security deficiencies in mobile medical apps.

Recognizing this complexity, the FDA continues to take a range of steps to provide clarity to manufacturers about its cybersecurity expectations for medical devices. For example, the FDA recently updated its mobile medical apps guidance and amended its FD&C Act by adding Section 524B to help mHealth app developers ensure adequate cybersecurity for their mobile medical apps.

“In the SaMD industry, mobile application security is not an option, but a requirement. One vulnerability could mean harm to the patients’ health, or even death. So we needed to make sure that our iOS and Android apps are well protected against cyberthreats like tampering and bot attacks.”

– Chief Solutions Officer, Leading SaMD Provider

As a product development and consulting firm working in the highly regulated medical field, the company’s mobile medical apps have to meet these federal regulatory standards or risk penalties and delays in market approval. More importantly, poor mHealth app security can negatively impact the privacy and wellbeing of countless patients — even jeopardizing their lives. Consequently, the company needed to ensure that the valuable, critical components inside their apps are well protected against reverse engineering and tampering. They had to make sure attackers would not be able to manipulate their apps’ pre-programmed functionality or steal sensitive data like patients' information and embedded intellectual property (IP).

To achieve this, the company’s engineering team researched mobile app and SDK security solutions, performing a market scan to find a set of tools that could help them achieve compliance. The tools had to offer robust security while being easy to implement. More importantly, they needed a partner who could grow with their business and provide professional after-sales support and a flexible pricing structure.

The Solution

After comparing the best solutions in the market, the company chose Guardsquare for its comprehensive Android and iOS app security offerings. They were impressed by Guardsquare’s advanced code obfuscation, offered via DexGuard and iXGuard, which would be very useful in safeguarding the sensitive data and assets inside their apps against tampering and reverse engineering.

“We were looking for a mobile app protection partner who could provide the highest level of protection for our iOS and Android apps. Guardsquare does this exceptionally well and helps us to ensure the compliance, safety, and efficacy of our software.”

– Chief Solutions Officer, Leading SaMD Provider

The company utilized DexGuard and iXGuard's runtime application self-protection (RASP) feature to detect and prevent attacks on their apps when they are running. This mechanism makes applications resilient against dynamic analysis by preventing attackers from using debuggers, code tracing tools, or hooking frameworks.

The Result

After implementing DexGuard and iXGuard in their mobile medical apps and SDKs, the company and their clients were able to meet regulatory compliance mandates, such as the FDA’s, with ease. Their developers were impressed with the breadth and depth of code protection features offered in Guardsquare products. The advanced obfuscation and code hardening features enabled them to stay ahead of attackers, safeguard the critical functionalities and sensitive data, and protect the IP inside their app.

With Guardsquare, the SaMD company was able to streamline the tools they use to protect their mobile apps and SDKs. They were able to eliminate redundant security tools and offer their clients a more holistic and comprehensive mobile application security package. The company liked Guardsquare’s licensing model, which scales with the growth of their business. The company also found that Guardsquare’s support enabled their development teams to smoothly integrate the products into their development process with minimal effort.

“Guardsquare’s advanced code obfuscation and hardening techniques help us to ensure consistent and reliable operations.”

– Chief Solutions Officer, Leading SaMD Provider

“Now, we’re able to stay on top of cornerstone regulatory mandates from the FDA, such as 13485, 62304 and HIPAA (as well as emerging guidance), and the European Union, such as GDPR and EU-MDR, without compromising performance,” continued the Chief Solutions Officer, Leading SaMD Provider.

Find out how Guardsquare can help secure your mobile medical app and achieve regulatory compliance!

Guardsquare offers the most complete approach to mobile application security on the market. Built on the open source ProGuard® technology, Guardsquare’s software integrates seamlessly across the development cycle. From app security testing to code hardening to real-time visibility into the threat landscape, Guardsquare solutions provide enhanced mobile application security from early in the development process through publication.

More than 900 customers worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications against reverse engineering and tampering.