The VA’s mobile security chief offers IT leaders five excellent tips for securing mobile devices.
Like many federal agencies, the Department of Veterans Affairs has embarked on the journey of integrating iPhones and iPads as mobile solutions. The agency currently has 20,000 mobile devices that includes iPhones and iPads along with some BlackBerries and a small number of Android devices. Despite the range of devices, the VA has been very active in trying to eliminate mobile data breaches and, according to the VA’s director of Mobile and Security Assurance Donald Kachman, the agency’s campaign has been extremely successful.
Kachman credits encryption technologies with as a major factor in that success – 99% of all VA data is now secured around the clock on mobile devices and desktop PCs. The security approach is one that can be a model for any organization.
There are plenty of reasons to want to encrypt the data on a hard drive. Before OS X Mountain Lion, Apple provided tools to do this with the startup drive, via FileVault. Starting right now, however, with OS X 10.8, you can encrypt almost any external drive you like, including flash drives (also known as thumb drives in my neck of the woods). Here’s how.
1Password goes head-to-head with a password cracker and shows why complex passwords are important.
1Password by AgileBits is a an incredible tool for keeping your data safe. More than just a password manager, 1Password allows you to encrypt and organize a wide range of data (website passwords, non-web digital accounts, credit/debit card numbers and financial account details, software licenses, and files containing confidential information.
Those features are all well and good, but the biggest feature is 1Password’s ability to keep all that data secure in the face of brute force attacks – the kind of attacks where a piece of software simply tries combination after combination of possible passwords. Password cracking software that rely on such attacks can easily try thousands of potential passwords each second.
To find out whether or not 1Password can withstand such attacks, AgileBits tested one 1Password against John the Ripper, one of the most well-known password cracking tools.
Many of Mountain Lion’s new features are perfect for businesses, schools, and enterprises.
Mountain Lion includes over 200 new features. Some of them are dramatic and hard to miss while others are minor conveniences that don’t stand out immediately. Many of those big and small new features and improvements have a lot of appeal for business users.
Here’s a list of the many new features in Mountain Lion that can help professionals in almost any industry work smarter, more efficiently, and more effectively.
Do you know which apps are accessing your personal data?
Antivirus software specialist Bitdefender has found that nearly 19% of iOS apps access your address book without your knowledge — or your consent — when you’re using them, and 41% track your location. What’s most concerning is over 40% of them don’t encrypt your data once it has been collected.
That’s all going to change when iOS 6 makes its debut later this year, however.
Bitzer streamlines the process of accessing secure business data/resources on iOS devices.
One of the things that can frustrate mobile users when using an iPhone or iPad for work is needing to repeatedly enter passcodes other user account credentials like a user name and password. Often because of a mobile device’s size and virtual keyboard, this process can seem more onerous than it does while using a Mac or PC in the office.
A growing number of apps and mobile management tools are becoming available that make it relatively easy to safely store business data in an encrypted and secure container on an iPhone or iPad. Realizing that security requires verifying a user’s identity when accessing specific apps or content after the device has been unlocked. Advantages to this include significant increases in mobile data security and the ability to wipe just the business data off of a device if it is lost or stolen.
The downside is the need for mobile users to repeatedly enter credentials – a downside that one mobile developer is helping iOS users sidestep
Phil Zimmerman, the creator of Pretty Good Privacy (PGP) encryption for email in the 1990s, has come to the forefront yet again as the spokesman for Silent Circle, a company planning to beta test an encrypted phone call and text message app for the iPhone and other smartphones. The app will be free when it’s released in July of this year, but the service itself will cost somewhere in the $20 per month range.
Zimmerman, long a proponent of technological solutions to civil liberties, thinks people will pay for the privacy.
“I’m not going to apologize for the cost,” he told CNET, “This is not Facebook. Our customers are customers. They’re not products. They’re not part of the inventory.”
That may well be the case, but getting consumers to pay subscription fees is notoriously difficult. Silent Circle plans to offer a solution for easily encrypted email, phone calls, and instant messaging to start, with plans for encrypted SMS in the future.
In addition to the iPhone release, Zimmerman told CNET that the company was planning to roll out an app for Mac and PC as well, but that it’s not ready, yet. They’ll focus on the mobile app first, allowing customers to communicate securely if they both have the app installed. If only one does, the information will be encrypted to Silent Circle’s servers, but not from there to a recipient’s phone.
This sounds great for most consumers needing to keep their legal communication safe and private, but it’s unlikely that lawmakers will see it the same way. It’s possible that Phil Zimmerman may yet again fall under scrutiny as he did when he released his first encryption product nearly two decades ago.
Disk images are the way most software came packaged before the Mac App Store, allowing developers to pack entire folders full of installers and files into a single compressed image, ready to send acros the internet at a moment’s notice (and the payment of a shareware fee, hopefully). DropDMG makes this process super simple.
Securing business data on employee-owned devices like the iPhone and iPad is one of the biggest challenges for IT departments when it comes to operating bring your own device (BYOD) programs. The mobile device management (MDM) approach taken by most companies is an excellent starting point because it aims to make devices themselves more secure. Unfortunately, it also tends to impose limits on what workers can do with an iPhone or iPad that they bought and paid for out of their own pockets.
Another approach to the challenge is to carve out a specific niche of secure storage on each employee-owned devices. Good Technology has always offered this mechanism for securing business emails and related technologies like shared contacts and calendars. This week, Good took that concept and made it available to iOS developers in a product called Good Dynamics.