Tag Archive for Mobile device

| May 26, 2015
Comments Off on Mobile Malware FUD?

Mobile Malware FUD?

Mobile Malware FUD?Just last week, I wondered out loud from my Bach Seat if all the hype around mobile malware was real or just more FUD. Looks like I am not alone, TechCo recently asked a similar question, “Are We Overstating the Threats from Mobile Devices?

mobile threatsThe author cites several recent reports that back up the claim that the actual mobile threats that mobile devices introduce into the enterprise are overstated. The data indicates that the mobile malware threat is statistically small and has even decreased since 2012.

• A McAfee report shows out of all the malware now out there, only 1.9% of it is mobile malware. The author equates the mobile threat to 4 million / 195 million McAfee knows about.
• Another report (PDF) from Verizon (VZ) shows even lower numbers, with only 0.03 percent of smartphones being infected with what is called “higher grade malicious code.”
hit by lighting• But some numbers go even lower than that. Damballa, a mobile security vendor that monitors roughly half of mobile data traffic, recently released a report that claims you have a better chance of getting hit by lightning than by mobile malware. Dramballa found only 9,688 smartphones out of more than 150 million showed signs of malware infection. If you do the math, that comes out to an infection rate of 0.0064 percent.

Even more interesting is that despite the increase in mobile devices, Damballa found the infection rate had declined by half compared to 2012.

Walled gardenThese reports may show mobile threats aren’t as big of a problem as previously thought, but the author asks, why the numbers are so low at all. After all, cybercriminals like to target new platforms and exploit security weaknesses. Why do they seem to be avoiding mobile devices?

The truth of the matter is that mobile users tend to get their apps from high-quality app stores. The stores from Google (GOOG) and Apple (AAPL) work to filter out suspicious apps. If malware is found in apps after they’ve already been on the market for a while, app stores can also execute a kill switch, which takes the app off the store and the devices where they were downloaded. This limits malware’s ability to spread.

remotely wipe devicesThe article concludes that companies that adopt BYOD should just ignore BYOD security; they just don’t have to go all-out as many businesses have done. Most mobile security experts say a mobile device management system remains a good investment to make sure mobile devices are handled appropriately. MDM systems also allow an organization to remotely wipe devices, thus keeping sensitive data safe in the event a device is lost or stolen. But malware really isn’t a factor in those cases, so the overall message from these recent reports is that getting worked up over mobile threats is not necessary. A company can still gain all the benefits of BYOD without having to worry incessantly over what they’re doing to protect every device that connects to their network.

rb-

What do you think?

Is mobile malware over-hyped FUD?

View Results

Loading ... Loading ...

 

Related articles
  • Your BYOD implementation checklist (powermore.dell.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , , , , ,
| May 15, 2014
Comments Off on Is The Perimeter Dead?

Is The Perimeter Dead?

Is The Perimeter Dead?Even while mobile, cloud, and software services are blurring the lines of corporate IT boundaries through deperimeterization, DarkReading recently asked out loud, if the perimeter is dead.

it's very hard to define the perimeter of any organizationThere are those who believe enterprises are wasting their security budget on perimeter protection. In fact, FierceTelecom reports that 57% of enterprises responding to a survey said they plan to spend $500,000 or more in 2014 to upgrade their firewalls to high-speed network interfaces. Security is the chief reason cited.

The perimeter is dead

It is no surprise that the answers varied according to the author. Hardliners have been hammering on the death of the perimeter for a long time now. “Perimeter security is no longer relevant to enterprises. With the mobilization of the workforce, it’s very hard to define the perimeter of any organization because mobile-enabled employees are connecting to the network from all over the world on devices of their choosing,” Thevi Sundaralingam, vice president of product management at Accellion told DarkReading. “Next-gen security needs to focus keeping content safe, not on defining a network perimeter.”

People are giving up on the perimeter

Then there are the cynical abandoners. “In my opinion, perimeter security is not dead — it just has been handled incorrectly for so long people are giving up,” Alex Chaveriat, a consultant at SystemExpert told the blog.

Network perimeterBut others believe perimeter protection still has plenty of relevance for enterprise IT, even if it means rethinking the role of the perimeter and how these defenses are deployed. Corey Nachreiner, director of security strategy for WatchGuard (a firm that sells firewalls) believes the perimeter is different but still relevant.

The perimeter will never die, it will just get more focused … Sure, our workforce is getter (sic) more mobile, which means we need to incorporate new security solutions. But let’s not fool ourselves. The perimeter will never go away.

The perimeter is different

WatchGuard’s Nachreiner believes that the new perimeter needs to focus on server infrastructure and data centers, and not endpoint users. He believes firms will have to work in a hybrid environment that bolsters the perimeter not replacing it. “Just because people are using mobile devices and cloud services doesn’t mean they won’t still have local servers and assets behind a relatively static perimeter.

Another argument for perimeter defenses, according to the author is network egress monitoring. Michael Patterson, CEO of Plixer International told the author that egress visibility is crucial to pinpoint large-scale breaches.

Ultimately, the bad guys need to pass through the perimeter in order to complete the exfiltration of the data they are trying to steal … Monitoring behaviors is playing a significant role in this area as is the reputation of the site being connected to. 

The perimeter is growing

exfiltration of dataCEO Patterson also explains that perimeter defense doesn’t necessarily have to be placed at the edge. He told DarkReading it may have more relevance inside the network to watch and block threats within the organization. It’s for this reason that Mike Lloyd, CTO of RedSeal Networks, says that rather than dying, the perimeter has actually grown in recent years. In the article he says;

Companies have more and more perimeters that are getting smaller and smaller … Regulation drives it: PCI demands internal “zones” of segregation. BYOD drives it: Once you let zany uncontrolled endpoint devices onto your network, you have to build zones to keep them away from internal assets. Security drives it: We’ve talked about defense in-depth for years, but people are finally doing it.

As a result, RedSeal’s Lloyd says, security practitioners, have more opportunities for controls. This, though, can be a blessing and a curse. The downside is complexity, more controls in more places … The aspirin for that headache is automation. Make sure that all the enclaves you designed are actually set up and maintained properly as change happens.

rb-
The last time I re-designed a network, we put a Checkpoint (CHKP) firewall in front the of server segment. We dropped it in, in transparent mode to collect the who, what, when, and why of people accessing data you should have heard the howls of protest.

Despite naysayers, many security experts believe perimeter defenses have relevance when deployed as a part of defense-in-depth.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , ,
| January 14, 2014
Comments Off on BYOD Obsoletes PBX

BYOD Obsoletes PBX

BYOD Obsoletes PBXFierceMobileIT noted a new study from RingCentral, a provider of cloud business communications systems, which claims BYOD is now threatening the traditional business phone systems. The survey of 309 professionals within organizations who make purchasing decisions on phone systems found that personal mobile devices are so prevalent in the workplace that they are rendering traditional business phone systems obsolete.

cloud business communications systemsAccording to FierceMobileIT, the survey’s key findings:

  • Half of the respondents use mobile phones even while sitting at their desk, with a traditional desk phone in front of them
  • 88 percent of employees use their mobile phones for work purposes while on personal time, including evenings, breaks, weekends, and vacations
  • 70 percent of respondents believe office phones will eventually be replaced by mobile phones – Millennial workers are especially likely to believe this is true

RingCentral President David Berman told the author he believes that the new wave of employee-owned mobile devices is better than a premise-based phone system.

Mobile devices are turning into true business tools and are transforming the workplace as a whole, from shifting traditional business hours to changing how employees interact via voice, video, text and other business applications. We believe that all these changes are making legacy on-premise phone systems obsolete as they do not meet modern business needs

Praful Shah, RingCentral’s VP of strategy, told FierceMobileIT that his firm has seen a “tremendous behavior change going on with BYOD.” Asked what stood out in the research to him, he says it was the degree to which employees are using their personal devices to do work. He assumed the practice to be popular, but not to the degree the survey revealed. VP Shah noted;

Eighty-eight percent of employees are using mobile phones in their personal time for work. That is a phenomenally high percentage

The result is a shift in what physical telephones organizations will need to purchase. But it will also impact the need to provide applications that enable the employee to use multiple email and telephone accounts on the device, to keep private life and professional life separate when necessary.

rb-

This study is from a firm that sells a competitive product to on-premise PBX, so they are spreading FUD for their benefit. Firms considering cloud-based services should do due diligence and question how these cloud-based service providers are going to protect their data from government spying or it disappearing with little or no notice.

Additionally firm needs to protect its own data. They need a way to protect their data on an employee’s phone. That could include the ability to completely wipe the firms and the user’s data from the phone.  I wrote about how BYOD can land an employee in jail here.

 

Workforce Mobility infographic RingCentral

 

Related articles
  • The Top 5 Business PBX Providers for Q4 2013, as Ranked by Voip-Info.org (virtual-strategy.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , ,
| July 25, 2013
Comments Off on The Wireless Car Frontier

The Wireless Car Frontier

The Wireless Car FrontierNow that the mobile floodgates are open, developers, manufacturers, and platform operators are trying to design wireless cars. These devices will channel the next wave of mobile usage and innovation. Some are looking at wearable tech, such as Google‘s (GOOGGlass and the Pebbles Watch and as the natural progression of mobile technology. But computing platforms, including mobile operating systems, are also becoming ubiquitous in consumer electronics and appliances. The Business Insider writes that the greatest potential for mobile platforms and services could be cars.

mesh nicely with popular activities on mobileThe article states the obvious, cars are inherently mobile. Additionally, many of the activities people do in their cars, listen to music, look up directions, mesh nicely with popular activities on mobile. The author claims that Americans spend an average of 1.2 hours a day traveling between locations and American commuters spend an average of 38 hours a year stuck in traffic. If mobile apps and Internet-based services can shoehorn their way into the in-car environment, that means a great opportunity to expand their ability to engage consumers, absorb their attention, and gather data.

The BI explains that there is already a sizable and growing mobile market in the car. Five years from now, there will be over 60 million connected cars on the road globally, according to estimates from the GSMA and others. Car-focused telecom, hardware, and software services will drive some $51 billion in annual revenue by 2018. Pandora, for example, is now being used in 2.5 million cars and 100 car models through one of its 23 partnerships with auto brands and eight partnerships with stereo manufacturers. BI identified three ways in which mobile products and services can be integrated into cars.

Wireless car integration

handset connects with vehicle-based hardwareThe owner’s Internet-connected handset connects with vehicle-based hardware and computing systems. However, the mobile device drives all key facets of the app, including Internet access, and the car simply provides some tools to facilitate it (i.e., dashboard user interface, voice controls, speakers, jacks, and/or steering wheel-based controls). Currently, many in-dash automobile app suites in cars are nothing more than an interface that provides control over a Bluetooth or audio jack-connected smartphone.

Tethering

The connection is provided through external means, but the computing and delivery of the services happen in the car. For example, a Bluetooth or USB connection might link a car’s navigation system to your phone-stored contact list, and from that moment forward a simple press of a button in the car would guide you to a friend’s house from any location. In this scenario, the car depends on the external device to gather Internet-based data.

Embedding

Connection and intelligence are baked into the car

Connection and intelligence are baked into the car. The car houses the operating system, apps, and other services that will deliver Internet-based mobile services to the user. A mobile device might sync with whatever is in the car, but external mobile gadgets aren’t essential to running car-based apps. GM is moving in this direction with its new fleet of 4G cars. (rb- I covered the evolution of 4G here) Means of integration can be blended, and often are. (rb- I wrote about Microsoft’s move into cars back in 2011, here.)

iOS in the Car

Emily Price at Mashable reports that Apple (AAPL) jumped into the mobile products and services integration game. Ms. Price reports that the folks from Cupertino have received a USPTO patent for a touchscreen car dashboard. If Apple carries through with their patent, it would replace most of your car’s existing instrumentation. The new dashboard would make your vehicle’s controls digital, letting you control everything from the temperature in your car to the radio station using a touchscreen.

OS in the CarThe article claims “iOS in the Car” should be released in 2014. Cars that support the service will allow your iPhone 5 to connect to your car’s in-dash system make phone calls, send and receive messages access your music, and get directions. Siri support will also let you do all of those things hands and eyes-free.

The blog reports that “Siri Eyes Free” is available in General Motors‘s (GMChevy Spark and Sonic via the Chevrolet MyLink system. According to reports sometime in 2014 Apple iOS will be available in 15 more car brands including:

Acura
Audi
BMW
Chrysler
Ferrari
Honda
Infinity
Jaguar
Kia
Land Rover
Mercedes-Benz
Nissan
Opal
Toyota
Volvo

rb-

Detroit moile cityI covered Ford (F) Executive Chairman Bill Ford Jr. plan to re-position Detroit as the “Silicon Valley of Mobility.” Hopefully, AAPL has figured out how to multi-thread iOS. I gave up my iPhone because it could not mult-thread. Every time I went to answer a call, I got 5 or 10 email pop’s that I had to deal with before I could answer the call. This kind of behavior could be catastrophic in a car.

What if you need to do two things at the same time, like shift from forward to reverse and turn on the air conditioning.

Then there is the privacy issue. Will AAPL give all the data they collect to the NSA or your insurance company?  

 

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , ,
| December 13, 2012
Comments Off on Top Five IT Trends for 2013

Top Five IT Trends for 2013

Top five IT trends for 2013Ian Kilpatrick, who has the longest job title I have ever seen, chairman of international value added distributor, specialists in market development for secure IP infrastructure solutions and convergence at Wick Hill Group shares his vision of the top five IT trends for 2013. In the article, Top five IT trends for 2013 at ITnewslink he shares his predictions.

BYOD Man1. BYOD – He says the first IT Trend for 2013 is BYOD. BYOD is now an unstoppable, user-driven wave that will continue to make a major impact on the IT world in 2013 and beyond.  2013 will see companies trying to integrate BYOD into their networks.

He also speculates that we can expect to see the growth of Microsoft (MSFT) Windows to Go secure USB sticks based on Windows 8, which provide remote users with the supported version of the corporate desktop. These are available from a limited number of suppliers authorized by Microsoft and include Imation’s IronKey Workspace for Windows to Go.

Mobile Device Management2. Mobile Device Management – The next IT trend for 2013 is that Mobile Device Management solutions growth will accelerate in 2013. The growth is due to the rapid growth of mobile devices such as smartphones, tablets, and laptops, but particularly smartphones.

Growth will be strongest for MDM solutions that offer features such as ensuring mobile device usage complies with company security policies, allocating access rights, managing configuration, updating policies, dealing with data leakage issues, and dealing with lost or stolen devices.

A crucial component for the continued growth of MDM solutions will be the clear separation between the management of business and personal data on devices. There are over 100 suppliers in mobile device management many of them are good but niche solutions. The Gartner (IT) Magic Quadrant identifies the strategic leaders, which includes Zenprise.

High density wireless3. High density wireless – Wireless requirements have been significantly incrementing over the last year making it the third IT trend for 2013. The firm says BYOD has changed both the data transfer and performance expectations of users. However, these expectations have not been met, with many networks still inadequate in their coverage and performance.

The new 802.11ac standard, with 1 gigabit per second throughput rates, will be a key driver in organizations moving to high-density wireless in 2013. High density wireless will provide companies with high coverage and high performance, supporting business-critical applications and delivering complete site coverage There will continue to be a shift from niche solutions towards more strategic solutions. The Gartner Magic Quadrant identifies Xirrus, which will continue to experience stratospheric growth.

Data back-up and recovery4. Data back-up and recovery – 2013’s fourth IT trend for 2013 deals with data back-up and recovery. Organizations have been under immense pressure from ever-increasing data volumes, archiving, and compliance requirements.

At the top end, new data replication technologies will have a major impact on data centers in 2013. For smaller organizations, the shift from tape will continue apace. For conservative organizations, the move to disc (and, in particular, RDX technologies that combine the best of tape and disk) will accelerate. Hybrid back-up to RDX and then the cloud will increase. In volume terms, the lowest move (but in market-hype the biggest) will be significant growth in direct back-up to the cloud. RDX, hybrid, and cloud data backup solutions are available from vendors such as Imation and Barracuda Networks.

Data leakage protection5. Data leakage protection – The last Wick Hill Group IT trend for 2013 says that with the growing volumes of data and regulatory bodies’ willingness to levy fines for non-compliance, data leakage protection will continue to be a major cause for concern during 2013. Companies will be looking closely at how to secure and manage their data as their network boundaries spread even wider, with increased use of social networking and BYOD, increased remote access, the rapid growth of wireless, increased virtualization, and the move towards convergence.

Increasingly, organizations will couple DLP products with SIEM (Security Information and Event Management) solutions. DLP concerns will also continue the growth curve for authentication (much of it hosted in the cloud) and encryption, to protect data, both in motion and at rest. Some companies will look to hosted security services and the cloud to cope with an increasingly complex security situation. SIEM and authentication solutions are available from companies such as LogLogic, Check Point VASCO, and SafeNet.

rb-

So these are not really earth-shattering predictions for 2013, BYOD, MDM, and Wi-Fi are already part of my world. We are doubling our backup capabilities and will be updating from our current McAfee to some sort of DLP

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
« Older Entries   Recent Entries »