This talk shifts the focus from the sexiest new vulnerabilities in Google Android or Apple iOS apps to questions that help organizations understand the far-reaching implications of decisions about the who, what, where and how of the mobile software they develop. We tackle issues ranging from platform support to secure SDLCs and discuss how decisions today have tactical implications.