Archive - Mobile RSS Feed

Massive iCloud Hack Shows Criticality of Strong Authentication

icloud-hack-big

Apple has a reputation for building secure systems. The Mac is still far more hack proof than PCs, and the iPhone being a closed system has not been hit with a plethora of malware.

The iCloud had much the same reputation – until this week.

Hackers reportedly successfully compromised millions of iCloud logins. The hackers, dubbed the Turkish Crime Family (but ironically based in London), then demanded Apple given them $100,000 in iTunes cards. This is a takeoff on ransomware. Instead of locking up data and demanding money, the bad guys steal data and want cash for its return. The group has been trying to extort money in return for the log ins from other companies as well. Continue Reading…

Why Mobility Management Matters to MSPs’ Customers

As an MSP, does the following scenario sound familiar to you?

A customer (say a small financial institution) calls you to report that one their employees lost a tablet that was used to access sensitive customer information. They are unsure if that information is protected and are now worried about the repercussions if that information is compromised. HELP!

This is a fairly common scenario owing to the proliferation of mobile devices at workplaces. These are powerful computing devices that need management. In this post, let’s discuss the mobility trend and why mobility management is important for Small and Medium-sized Businesses (SMBs)–the typical customers of an MSP.

Continue Reading…

Simple Can be Harder than Complex

“Simple can be harder than complex: You have to work hard to get your thinking clean to make it simple. But it’s worth it in the end because once you get there, you can move mountains” ~ Steve Jobs.

In this blog article, Don LeClair, Kaseya’s EVP for Product Management, expounded on the Product Design principles we follow here at Kaseya. In today’s post, I am going to discuss a specific design principle – Simplify Everything. I will explain how we used this guiding principle to design Kaseya’s Enterprise Mobility Management (EMM) solution with the sole focus of driving ease-of-use and thus greater value to our customers.

Continue Reading…

Augmenting Active Directory to Manage Mobile Devices

Active Directory Blog Graphic

For more than two decades, IT admins have relied on Active Directory (AD) or LDAP to broker network access to users, to control user access privileges for various sensitive company assets, and to apply security policies across the organization. But with cloud-based business applications now an integral part of the enterprise IT application landscape, Active Directory (AD) integration becomes a stumbling block for many. But make no mistake, AD/LDAP is still widely regarded as the central source of enforcing security policies on users and entities within an organization. AD is not getting displaced to accommodate cloud applications, but there is a need to have better and transparent integration between them. This is achieved by single sign-on (SSO) through an Identity and Access Management (IAM) solution such as Kaseya AuthAnvil. However, IT applications are just one piece in the IT security puzzle.

Continue Reading…

Multi-Factor Authentication on Mobile Devices

Multi-Factor Authentication

My friend Tony loves electronics and gadgets and probably owns every type of man toy – iPads, home theatre system, Xbox, GoPro, Quadcopter with Wifi camera, etc. He travels a lot for work and is always connected to the internet via his phone and wireless HotSpots. He is a technophile, which makes work and life convenient for everyone associated with him. Or does it?

In my opinion, Tony is a perfect embodiment of the statement, “Employees are the biggest vulnerabilities for a company’s information security.”Tony’s work emails have been setup on every tablet he has owned. He never cared about removing email settings and data from the old devices when he bought a new one (Who does that anyways?). His kids have access to his old mobile devices and most of them do not have passcode locks because, for end users, ease of use often trumps security concerns. This gives Tony little to no control over who else can use those old devices for casual browsing. And he not only compromises his personal data, but his work data as well. While he is no Jennifer Lawrence(trust me, his personal photos are not in demand!), he still makes his personal information vulnerable and exposes his work email to casual browsing by others, inadvertently compromising his company’s information security. And he is not an exception. There are lots of folks like Tony. Not too long ago we had this news:

Iowa State DHS Data Breach – Two workers used personal email accounts, personal online storage and personal electronic devices for work purposes

Furthermore, what happens when Tony quits his job? All that data on his mobile devices is the company data/IP walking out of the door unchecked.

Continue Reading…

Does the Math for BYOD Add Up?

BYOD and ROI Graphic

The Bring-Your-Own-Device (BYOD) program has several benefits from an IT administration and general business perspective, such as improving employee job satisfaction and productivity, costs savings on company owned devices, and increasing employee availability across the company

But CompTIA’s recent survey suggests that 51 percent of large enterprise firms have not jumped on to the BYOD bandwagon – only three percent of medium and large firms and nine percent of small firms have adopted a full BYOD policy. According to the survey respondents, in addition to security concerns, the math for BYOD investment apparently fails due to hidden indirect costs such as the complexity of supporting a wide array of devices, investments in building the mobility management skills of IT staff and the overhead of balancing the needs of end users and IT. Make no mistake, all these enterprises have also acknowledged the growing importance of mobility management and are making investments in that direction. They seem to be more comfortable with the idea of having complete control of the devices – just like they do on employees’ laptops and PCs. The natural tendency to extend this deep entrenched IT management philosophy to mobile devices and that is precisely the reason why many BYOD initiatives fail.

The math for BYOD adds up if you adopt a simple philosophy in your BYOD mobile strategy: Manage Data Not the Device. With this philosophy you can realize the value of BYOD program that enables your employees to use their personal devices securely for work.

Continue Reading…

Manage Data, Not Devices

security incidents

I recently read Verizon’s 2014 Data Breach Investigations Report which investigated 63,437 confirmed security incidents including 1,367 confirmed data breaches across 50 organizations in 95 countries. The public sector had the highest number of security incidents, whereas the finance industry had the highest number of confirmed data breach incidents (no surprise there!). These security incidents were mostly one of the following:

  • POS Intrusions
  • Web App Attacks
  • Physical Theft/Loss
  • Miscellaneous Errors
  • Crimeware
  • Card Skimmers
  • Cyber Espionage
  • DoS Attacks

Given your industry and the size of your company, some of these may not matter to you (until they happen to you). But there are three types of security incidents that are universally applicable, especially in this age of exploding adoption of mobile devices. They are Insider Misuse, Physical Theft/Loss and Miscellaneous Errors. It just takes a single lapse in security measures for an organization, whether public, private or government, to end up in a story like this:

Iowa State DHS Data Breach – Two workers used personal email accounts, personal online storage and personal electronic devices for work purposes

Further elaborating on the “Insider Misuse” threat, the Verizon report adds that over 70 percent of IP theft cases occur within a month of an employee announcing their resignation. Such departing employees mostly steal customer data and internal financial information. This has been made easier for these employees by permitting them to use their personal devices, which walk out with them when they leave.

Continue Reading…

Mobile App Management for Ultimate Control of Mobile Devices

Mobile Device Managment

If you ever want to see top notch diligence, watch a first time mom pack her toddler’s lunch box – at least in my house. She packs every snack and meal in separate pouches and in measured quantities. She keeps all the unhealthy high-sugar stuff out and includes all my son’s favorite foods so that he eats well even when she is not around. The only other time I witnessed such meticulous control on what goes, what doesn’t, and how much, was by the IT staff at my previous company that had 100,000+ employees globally.

IT administrators, as caretakers of enterprise IT infrastructure, have always wanted a close, tight and centralized control of every piece of IT asset to ensure business continuity, optimal performance, high productivity and bullet-proof security. As the size and complexity of infrastructure increases, the IT management challenges rise exponentially. Companies today extend mobile access to corporate data, along with company-owned mobile devices in many cases. About a decade ago companies trusted BlackBerrys for their secured encrypted access. There weren’t any third party phone apps that users could find and install by themselves on these devices. It was a thick-walled garden back then. But with the advent of Android, iOS and Windows mobile platforms the walls have come down and it has now become a fenceless park within a gated community.

Continue Reading…

Users Are Going Mobile And So Should Your IT Management

mobile device

Circa 2003: I needed to print sensitive corporate data for a client meeting the next morning. Those files were stored on a remote corporate server. I logged on to a company desktop, connected to the corporate LAN and printed the files. The next morning, I realized I got the wrong versions. I hurried back to the office, logged on to the desktop and printed the correct files. I barely made it in time for the client meeting and forgot my glasses in the cab as I reviewed the content on the way. Around this time, BlackBerry launched their first smartphones capable of email and web surfing. By the end of 2003, mobile Internet users were virtually nonexistent.

Circa June 2007: Enter Steve Jobs with the iPhone, which completely redefined smartphones as pocket-sized mini-computers. By the end of 2007, there were 400 million mobile internet users globally.

Today (2014): Got a smartphone…check. Got a tablet…check. Got iOS and Android devices…check and check. Setup office applications on them…done. Need to look up corporate files? Wait a minute…and done! Today, there are more than 1.5 billion mobile internet users in the world and very soon they will surpass the internet users on desktops.

Since 2007: the adoption of internet-capable smartphones has been stupendous. Almost every corporate employee today owns a smartphone for personal and/or office use. Mobile access to corporate information boosts business productivity (except when you are busy checking Facebook). This in turn helps increase job satisfaction of employees and keeps the company agile and responsive to business needs on the go. This is the essence of workforce mobility. But, in order to be future-proof, let’s not misunderstand mobility as the mere use of mobile phones to access data. The definition of “mobile” in this context should entail any computing device, capable of wireless data communication, that moves around with you (i.e. smartphone, tablet, smart watch, or google glass — if that ever takes off). And, who knows we may have the “smart paper” coming up soon.

This proliferation of mobile devices, in volume and in platform diversity, increases the challenges for IT management. The higher the number of endpoints that access enterprise data, the greater is the exposure to security risks.

The rapid adoption of mobile devices drives two important trends for the IT management staff, namely:

Continue Reading…

-->