October is Cyber Security Month. Whether it’s the Department of Homeland Security with its Stop, Think, Connect posters, Wombat Security’s Anti-Phishing Phil training in how URL’s are constructed, or the National Cyber Security Alliance’s Stay Safe Online campaign to teach kids about cyber security, there have been dozens of public and private initiatives this month to raise awareness of online security and safety. Most businesses have a keen awareness of the threats they face, and are taking active measures to combat them.Read More
This Halloween, the cautionary warning for businesses of all size is: Beware of the cyber ogre!Read More
Frequently, when a prospective buyer contacts Breezy about adding a secure mobile printing solution to their BYOD or EMM solution, we ask them to describe the primary problem that they need to solve. Over time, three primary reasons have emerged.Read More
Now that mobile devices are rapidly becoming the primary end-user computing platform in many workplaces, the world of information security is undergoing a profound shift. That’s because securing corporate data and minimizing risk requires a different approach in a mobile first world than in a PC-centric computing environment. That’s the key message in a new white paper from Breezy partner MobileIron, which is available for free download at this link.
The 12-page white paper explains that there are two key reasons why IT needs to adopt new strategies for securing corporate data on mobile devices, as compared to PCs. First, IT has reduced control over mobile devices. The Mobile First era is all about the end user. They get to pick a mobile platform that best meets their personal preferences, with the expectation that the device should also work in a business context for the full range of apps and content needed to stay productive.
This is in stark contrast from the PC era where IT offered end-users an approved PC with a set of pre-selected apps. End-users had very limited say on what the PC was able to access and IT had the ability to control every aspect of the corporate-owned device from physical ports, to software and application versions. For mobile, end-users make the decision for many of these variables and IT can only recommend devices and applications. IT has no way to enforce a standard OS, device or app across the organization. In fact, the more IT tries to lock down devices, the more end-users will try to by-pass policies, increasing risk to the organization, the report says.
Second, old security models are no longer relevant. In the PC operating system scenario, the agent-based security method worked well. This involved a piece of software residing on the PC that controlled the process and data belonging to other applications. Unfortunately, this agent-based security model cannot be used to secure Mobile because of the differences in the way these operating systems are designed.
Mobile operating systems are designed using a sandboxed architecture which enables for isolation of apps and associated data which can only interact and share data through very well-defined mechanisms. This allows for greater security than the open-file system used by PC OS, and needs new tools that leverage specific security capabilities made available by the device vendor itself.
Different Threats Require Different Responses
Prat Agarwal, director of business development at secure mobile printing leader Breezy, agrees with the new MobileIron white paper that mobile devices expose company data to different threats. “Enterprise Mobility Management (EMM) tools help companies minimize risk and protect data without interfering with end-user productivity,” Agarwal says. “The methods are different than those used in a PC-only environment, because the threats are different.”
The differences include device-based threats such as:
- Always-on connectivity which could allow unauthorized parties to access business data.
- Software vulnerabilities that allow “jailbreak” or “rooting” of devices, compromising data security.
- Portable form-factor making the devices susceptible to theft and misplacement.
In addition, mobile devices are always connected to the Internet, and users often rely on untrusted public networks that provide a way for malicious parties to access and intercept transmitted data using rouge access points, Wi-Fi sniffing tools, and sophisticated man-in-the-middle attacks. Agarwal says, “The only proven way to protect against man-in-the-middle attacks is on-device encryption. That’s why Breezy encrypts every file: so the simple act of sending a document to a printer doesn’t open the door to this kind of attack.
For more information about the kinds of threats posed by mobile devices, and how to combat them with proven tools, download the new MobileIron white paper, or the mobile threats infographic available at the same link, watch this video from Breezy, or download The Definitive Guide to Mobile Printing, a free ebook from Breezy.
Graphic credit: The graphic is part of an infographic called Security in the Mobile First Era by MobileIron; ©2014 MobileIron.
According to Forrester Research, companies should build an app store into a corporate mobility strategy because they make it easy to distribute the tools that employees need and they can also help with data security and control what apps are used.Read More
Secure mobile printing leader Breezy today announced that it has joined OpeanPeak’s SECTOR Network. The addition of the leading Android & iOS secure mobile print app allows global service provider EMM solutions to print without sacrificing security.Read More
Mobile printing is more than cloud printing although the two are often mixed up when bloggers and journalists talk about the category. Mobile printing is the act of printing a file (a document, photo, web page, email or something else) from a mobile device such as a smartphone or tablet on a printer that is probably connected wirelessly to the mobile device.Read More
Everyone in IT knows about BYOD – bring your own (mobile) device. But does your company have a policy and procedure in place to deal with BYOA? Employee use of third-party cloud application services and consumer applications in the workplace is one of the biggest challenges facing IT right now.
According to a recent report from Gartner, this is trend represents such a challenge because more than 75% of mobile apps fail basic security tests. Employees download from app stores and use mobile apps that can access enterprise assets or perform business functions, and many of these apps have little or no security assurances. Well-meaning employees can easily expose themselves to cyberattacks and violations of enterprise security policies.Read More
A Screw’s Loose is one of the more interesting technical blogs out there. Katz, a Director of Mobility Engineering at Sanofi and a widely recognized thought leader in enterprise mobility, wrote a great post recently on the a continuing gap between what users want and what IT delivers – and noted that the cause of that gap is the way IT views the users.
In the post, Katz writes that IT shouldn’t view employees as IT users, but as IT customers. Changing the definition makes a big difference in how products and services are developed, rolled out, and supported. “Whenever people talk about creating apps the conversation turns to delighting the customer. Companies build apps that will delight people. They will have a great user interface (UI) and an even better user experience (UX). They will enable people to do what they want/need to do. We learn from day one when you walk into a company it’s all about pleasing the customer. That’s why we build consumer apps the way that we do,” Katz wrote.Read More
Writing in CITE, the magazine dedicated to the consumerization of IT, technology journalist Ryan Faas summed up the frustration of many IT executives by saying, “With the rise of different mobile platforms and content ecosystems, the technology world is becoming increasingly fragmented.”
It’s true of course. How many operating systems connect to your corporate network every day? Windows (in pre- and post-Windows 8 versions), OS X, Linux, Chrome OS, all the various versions of Android, iOS, Windows Phone, Amazon’s Kindle and Fire products, and BlackBerry are among the possibilities that more and more companies have to accommodate – and secure.Read More