Tag Archive for Microsoft

| January 29, 2015
Comments Off on Are Firms Ignorant About BYOD Issues?

Are Firms Ignorant About BYOD Issues?

Are Firms Ignorant About BYOD Issues?Enterprises are being ignorant towards the issues BYOD is causing to their business says backup vendor Acronis. James Rawbone, Senior Partner Account Manager EMEA, Enterprise Mobility Solutions at Acronis, shared his opinions with Desire Athow at ITProPortal on why and how enterprises are being ignorant towards BYOD issues.

Acronis logoThe Acronis 2013 Global Data Protection Trend Report developed by the Ponemon Institute identified five surprising BYOD trends:

1. There are big gaps in secure BYOD policies across organizations. The Acronis survey found that 60% of businesses have no personal device policy in place, and those with policies 24% make exceptions for executives, who are most likely handling the most sensitive corporate data. As a result, these organizations are increasingly vulnerable to data loss and serious compliance issues.

2.Simple security precautions are not being adopted. The survey found only 31% of companies mandate a device password or key lock on personal devices, and only 21% do remote device wipes when employees leave the company, drastically increasing the risk for data leakage.

3.Businesses underestimate the dangers of public clouds. The researchers report that corporate files are commonly shared through third-party cloud storage solutions such as DropBox, but 67% of organizations don’t have a policy in place around public clouds and 80% haven’t trained employees in the correct use of these platforms.

compatibility and interoperability are still big obstacles4.The growth of Apple (AAPL) devices is complicating BYOD security for administrators. 65% of organizations will support Macs in the next year, and 57% feel compatibility and interoperability are still big obstacles to getting Macs compliant with their IT infrastructure. This puts data stored and shared across the corporate network and on Apple devices at risk.

5.Some organizations are ignoring the benefits of mobile collaboration altogether. More than 30% surveyed actually forbid personal devices from accessing the network.

 tight budgetsMr. Rawbone sees two reasons organizations are not educating or training their employees on the risks of BYOD. First is time and money. Most companies have tight budgets across the board and in particular within their IT department, as well as their overall staffing. The second excuse for not training their staff is that they are unaware that their staff is using these solutions, or they are turning a blind eye to the issues effect their corporate data and overall IT infrastructure.

The Acronis Senior Partner told ITProPortal there are legal and compliance issues associated with BYOD; but generally BYOD can be adapted to each compliance regulation and rule. The main concern of BYOD is data protection and ensuring that as employees bring devices to-and-from the workplace, confidential corporate data is adequately protected while remaining easily accessible. An important part of data protection, often not addressed by BYOD strategies, includes ensuring that information and records comply with privacy laws like the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX), as well as specific industry and regional privacy regulations.

data protection Mr. Rawbone concludes by reminding the author that the important thing every business needs to remember is that mobile devices can be replaced for a small cost in comparison to having your confidential data stolen and used incorrectly.

Companies need to embrace technological evolution and look at the business benefits of BYOD. Otherwise, he claims they will be facing some serious network and data issues and worst of all potentially facing some legal problems in the coming future.

mobile device security policyCreating a mobile device security policy doesn’t have to be complicated, but it needs to encompass devices, data, and files. The article lists a number of simple things organizations should do, like require users to key-lock their devices with password protection. 68% of those surveyed use VPN or secure gateway connections across networks and systems, and 52% use Microsoft (MSFT) Active Directory and/or LDAP. The simplest place to start is to use device key-lock and password protection.

 

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , ,
| January 13, 2015
Comments Off on 2014’s Major Web Vulnerabilities

2014’s Major Web Vulnerabilities

2014's Major Web Vulnerabilities2014 was the year of cyber-security mega-vulnerabilities. What makes mega vulnerabilities unique are they strike at the core of the Internet infrastructure and can impact nearly every connected device and every Internet user on the globe. 2014 saw the emergence of three mega-vulnerabilities Hearbleed, Shellshock, and POODLE.

Heartbleed, Shellshock, and POODLE were the top three major web vulnerabilities uncovered in 2014 according to Fred Donovan at FierceITSecurity. In case you have not heard of this trio of troublemakers, Web security firm Incapsula produced the following infographic.

The Incapsula infographic looks at each of these vulnerabilities and layout when they were discovered, what type of vulnerability they are, what systems and the number that are affected, the risks posed by the vulnerabilities, their severity, how easy they are to exploit, and the difficulty of fixing. Tim Matthews, vice president of marketing for Incapsula wrote in their blog:

What makes these mega vulnerabilities special is that unlike most vulnerabilities that are specific to a particular OS, browser or software application, these three relate to the core Internet infrastructure (e.g., SSL and Linux devices) and, in essence, affect just about every connected device owner and every Internet user on the globe.

Incapsula 2014 Mega Vulnetabilities

rb-

In their blog, Incapsula warns this is the tip of the iceberg of mega-vuln‘s that exploit other structural core functions of the Intertubes. Wired reports that after 8 months, 300,000 machines remain unpatched against Heartbleed.

Related articles
  • Web Freedom Is Seen as a Growing Global Issue (cacm.acm.org)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
| December 16, 2014
Comments Off on Tablets Still Don’t Rule the World

Tablets Still Don’t Rule the World

Tablets Still Don't Rule the WorldThe rise of tablets like Apple’s (AAPL) iPadSamsung‘s (005930) Galaxy Tab, and the Google (GOOG) Nexus have grabbed PC buyers’ attention and dollars for several years at the expense of the PC market. Lately, however, it seems that the carnage in the PC market has stabilized. And the growth of the mighty Apple iPad has plateaued.

iPhone, iPad, and iPod sales

iPhone, iPad, and iPod sales from Q1 06 to Q3 14 (in million units) | Statista

Cloud computingCould this be because there is no real business case for the tablets? After being on the market for several years, they have not replaced the PC at work. Don Reisinger at eWeek, recently put out 10 reasons why tablets still cannot replace PCs where he argues that the Post-PC Era is yet not a done deal. He argues despite their popularity, tablets still aren’t powerful or capable enough to replace PCs. He states in the article tablets cannot–and will not–replace PCs. Let’s look at his reasons why.

1. Component power

Over the last few years, mobile components running in tablets have gained in power. However, processors such as NVidia’s (NVDA) Tegra 3 or Apple’s A6X still pale in comparison to the power delivered in PC chips from Intel (INTC) or AMD (AMD). Until that changes, tablets can never replace PCs for the power-hungry users among us the author says.

Apple vs. Microsoft2. App availability

Apple’s App Store now offers over 800,000 applications. And although many of them are worthwhile downloads, few actually deliver the complexity and sophistication customers would find in Microsoft (MSFT) Windows or OS X. Nowhere is that more clear than in the comparison of Office on mobile and PCs. Eweek says until apps gain in sophistication, mobile can never keep up.

3. Virtual keyboards aren’t loved

The problem with all tablets is that they come with virtual keyboards. And although more people are warming to virtual keys, there are still many folks around the globe that like having the standard physical keyboard found in PCs. The blog asks why not? Typing on traditional keyboards with two hands is far more accurate and efficient.

virtual keyboard as a reason he does not use a tabletPaul Mah at FierceCIO echoed the authors, citing the virtual keyboard as a reason he does not use a tablet as his primary work device. I have struggled with iPad virtual keyboards, and yes I did try Bluetooth keyboard cases and found them disagreeable.

4. Windows is the enterprise’s favorite

The article notes that Microsoft holds a dominant position in the enterprise. Tablets are just one front on that battlefield. The enterprise is adopting tablets at a rapid rate. But that doesn’t mean that the corporate world is ready to drop Windows for iOS or Android. In fact, Windows is still the most important software solution for enterprise users. Granted, Microsoft is bringing Windows to tablets, but for now, those products aren’t proving popular. Until they do catch on, PCs will win out.

5. Think about enterprise productivity

Productivity in the enterpriseProductivity in the enterprise is extremely important. And on that front, Mr. Reisinger says PCs are still winning out, Forbes recently estimated that MSFT Office market share will drop from its current 95% to 90% by 2016. Notebooks deliver the same level of mobility as tablets, and desktops deliver the power that designers and other employees might need. Simply put, PCs are still the ideal productivity-maximizing solutions for enterprise users.

6. Tablet prices are still too high

Tablets are expensive. The latest iPad launch can set customers back $929 for 128GB of storage and 4G LTE support. A more powerful notebook can be purchased for several hundred dollars less. The author believes that given the state of the economy and the fact that many tech buyers are looking to save cash wherever possible, PCs can’t be considered obsolete in their battle with tablets.

7. Notebooks are turning into tablets

mobile malware eWeek points out that PC vendors have made the smart decision to cut off the rise of tablets by delivering touch functionality in their products. Lenovo’s Yoga, for example, has a screen that can swivel around and sit atop the keyboard to act as a tablet. As more notebooks take on tablet functionality, devices like Apple’s iPad might look like an awfully poor value for the price.

8. More options across the PC market

The sheer number of options available to customers in the PC market is something that can’t be overlooked. From notebooks to laptops to desktops to ultrabooks, there’s something for everyone. Best of all, the components in those products can be customized to match the respective customer’s needs. The blog concludes that choice, outside of storage space, is something sorely lacking in the tablet market. And customers know it.

9. The security advantage is going away

 

Tablet malwareWhen tablets started to make inroads into the PC market, many speculated that it was because of the comparative safety that went along with using such products over notebooks. Now, the author says things have changed. Android is the top target for malicious hackers now, according to several security reports, and has become the next frontier in malware. That could prove extremely troublesome for tablet adoption if things continue to get worse.

10. Tablet OSs need to grow up

Android and iOS, the two most popular tablet operating systems, are nice and effective in the mobile world. But they haven’t grown up yet. Mr. Reisinger says Apple’s iOS, lacks a file system. Android comes in too many flavors for customers to get comfortable with its functionality. Mobile operating systems have to grow up. If they don’t, tablets will never match PCs.

rb-

Huge phoneI just got back from the annual run to the big-box store for Christmas shopping and saw another reason the tablet still does not rule the world. Pfablets.  Some of these things are just as big as an iPad Mini. Now it’s time for a good Gin and Tonic after facing the holi-dazed shopping hordes.

Dell and Intel released a report [pdf] that says the desktop is still the workhorse of the average office. They found that 77% of office tasks are completed with a traditional PC.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , ,
| November 2, 2014
Comments Off on Tech Giant Lobbying

Tech Giant Lobbying

Tech Giant LobbyingIn honor of election day, here is some unsettling info from IDG. The research firm reports that 2013 was a record year for computer and internet company spending on lobbying in the U.S., and 2014 is looking set to continue that trend. They presented an infographic that tracks information technology firms’ money spent buying, corrupting, lobbying politicians.

record year for computer and internet company spending on lobbying in the U.S.The article says that advertising, privacy, cybersecurity, patents & IP, tax, immigration, energy, drones, and mobile payments are all issues the tech industry wants to control, dominate influence on Capitol Hill. IDG’s research says that Google was the biggest spender; the search giant spent $3.94M in Q3, an increase from this time last year.

IDG reports that many well-known tech firms have increased their political spending when compared to last year. They report that social networking giant Facebook (FB) has already surpassed its lobbying spend compared to all of last year. Other tech mega-firms that have increased their attempts to buy political power lobbying include:

tech mega-firms have increased their lobbyingMicrosoft (MSFT), historically one of the biggest spenders in this area, was one of the few companies to actually decrease its spending from this time last year, down by a quarter to $1.66M according to the report. It seems a lot of the other legacy enterprise companies are also cutting back. Other companies reducing lobbying spend compared to this time last year are:

Don’t worry about the fat-cats, IDG says there are plenty of other companies also lining politicians pockets spending +/- $1M each on lobbying including the likes of:

2014 Tecch Lobby Spending - IDG

rb-

No wonder Washington is broken, how much of this money goes into the stupid TV ads you can’t escape. Maybe if these firms paid their proper taxes they would not have so much cash to spend buying congress. Oh right – IBM is a person who has rights.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
| October 14, 2014
Comments Off on 25 Years of the Firewall

25 Years of the Firewall

25 Years of the FirewallThe firewall has turned 25 years old this year. In commemoration, McAfee created a timeline of the events that shaped the development of the device most of us rely on the protect ourselves from each other. The infographic shows how the firewall’s evolution coincided with high-profile security events:

These security breaches triggered security developers to react with more advanced firewall technology:

  • 1998: Evasions researched
  • 2009: Native clustering for high availability and performance introduced
  • 2012: Software enabled security introduced, making blade technology obsolete.

The first generation firewalls were called Packet Filters. Packet Filter firewalls look at network addresses and ports of the packet and determine if that packet should be allowed or blocked based on rules programmed by humans. If a packet does not match the packet filter’s ruleset, the packet filter will drop or reject the packet, breaking the connection.

The second generation firewalls do stateful packet inspection. According to Wikipedia, second generation firewalls record all connections passing through it and determines whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection. Though static rules are still used, these rules can now contain a connection state as one of their test criteria.

Third-generation firewalls use application layer filtering which can “understand” certain applications and protocols (such as File Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)). This is useful as it is able to detect if an unwanted protocol is attempting to bypass the firewall on an allowed port or detect if a protocol is being abused in any harmful way.

Next Generation FirewallPat Calhoun, SVP at McAfee, explained in a Help Net Info article that it was not until 2009 when the fourth generation firewall we know and love began to evolve. In 2009 Gartner published its definition and a paper on “Defining the Next-Generation Firewall. (PDF)” According to its definition, NGFWs are:

…deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.

In its paper, the Gartner authors explain that “Firewalls need to evolve to be more proactive in blocking new threats, such as botnets and targeted attacks.” Mcafee’s Calhoun points out that NGFW discussions started in 2003 but the technology really didn’t get on the right track until Gartner defined it in 2009.

 

Intel 25th Anniversary of the Firewall infographic

rb-

Future NGFW development efforts need to integrate application control, IPS, and evasion prevention into a single, purpose-built box with enterprise-scale availability and manageability solution.

Back in the day, 2000, I managed a Checkpoint firewall IPSO ver 3.0 on a Nokia appliance (IP300?). The thing was the network had been up and running for 3 years and included over 3,000 devices before the Checkpoint was put in. Can’t get away with that now,  a naked PC on the Innertubes will be compromised within minutes to hours, according to those who know that kind of stuff. 

The most vivid recollection of setting the thing up was just randomly mashing on the keys to create the first key. Other network guys were amazed because apparently, this was the first firewall many had seen with a GUI to configure the rules.

I also remember learning the hard way that Deny All goes at the bottom of the list, not the top. 

Related articles
  • Enterprise Firewall Market: Global Forecast to 2019 by Professional Services (mynewsdesk.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
« Older Entries   Recent Entries »