security - page 20

Enterprise security vendor Fortinet decided that the best way to understand members of the millennial generation (or Gen-Y) and their potential impact on IT and security policies was to ask them directly for their views on technology in the workplace. What Fortinet learned will probably keep CIOs and IT leaders up at night.

Most millenials view BYOD programs and the ability to choose the technology they use for work as a right rather than a privilege and have few qualms about outright ignoring policies that restrict that right – even in situations where they know that important data breaches could be the result.

Most worrying for IT leaders, however, is that most young workers feel that device and data security is their personal responsibility even when sensitive business data is stored on or accessed from their personal iPhone, iPad, or other device.

In a post-9/11 environment, the TSA is suspicious of everything. Shoes. Bottles of water. What you look like underneath your clothes. Everything

So when Game Collage developer Juraj Hlaváč flew back from last week’s WWDC and was discovered with a mysterious black box in his backpack that resisted all attempts to be scanned by the airport’s security equipment, and mysteriously glowed to boot, the TSA quickly became suspicious.

Luckily, before it became cavity search suspicious, Hlaváč revealed the true nature of the black box in his bag: an Apple Design Award for his app, Bobo Explores Light.

The iOS6 beta brings much finer-grained controls to the privacy settings, letting you specify just what services any app will have access to. Previously you’d get an alert whenever an app wanted to know your location. Now you’ll see the same kind of alert when apps ask to use data from your calendars, contacts, reminders and photos.

Secure remote access has always been important for companies with mobile workers. As Apple and other mobile technology companies enable an increasingly mobile workforce, however, those remote access needs are increasing rapidly and can easily strain existing VPN setups.

Increasing capacity can be accomplished with the traditional appliance or server-driven VPN solutions, but that can get expensive and doesn’t guarantee that even more capacity won’t be needed in a few months or a couple of years. One company offering a scalable and cost-effective solution to these challenges is iSimplyConnect.

Professional social network giant LinkedIn has acknowledged that it is looking into a massive data breach. As a result of the breach as many as 6.5 million user accounts may have been compromised. Account data including login information and passwords have been leaked and posted to a Russian hacker site. Although LinkedIn hasn’t confirmed the breach or detailed which accounts might have been impacted, the fact that the company is acknowledging the potential threat and investigating it is a big cause for concern.

At this time, it’s better to err on the side of caution.

If you use LinkedIn, you should consider that your account data has been compromised and change your password immediately.

We first looked at Mobilisafe a couple of months ago when the company’s signature mobile management suite was still in private beta. The company, which was started by former T-Mobile Android engineers, seeks to offer broad mobile device and data security without requiring the types on-device agents or profiles used by most mobile device and application management suites.

Mobilisafe executives describe their product as a mobile risk management solution rather than as a device or application management tool. The distinction being that Mobilisafe helps IT departments identify specific threats that can then be mitigated rather than simply locking specific apps and restricting access to on-device features like blocking an iPhone user’s ability to snap photos and upload them to iCloud.

The news that IBM bans Siri for every employee that has an iPhone 4S and participates the company’s BYOD program unleashed a lot of discussion about whether the company was being paranoid or prudent. One of the bigger questions to come out of all that discussion was a reframing of the issue itself – does Siri have a place in the business world to begin with?

Setting aside the security and privacy issues that led IBM to ban Siri, are there compelling use cases for Siri in the workplace? If there are, do they outweigh the privacy and security concerns? Could Apple do more to make Siri business-friendly?

One of the challenges that the BYOD and consumerization trends are creating for IT departments is employee use of public and/or personal cloud services. We’ve covered some of the big challenges this presents in terms of data security and ownership as well as the potential business continuity problems stemming from multiple versions of documents stored across different cloud services by multiple employees.

IT concerns may be more common and well-known, but there are cloud-related issues that employees need to consider as well – particularly if they use a work email address to register for a service, access a service from work, or use a service to store or transfer work-related files.

The biggest challenge for many business when dealing with the consumerization of IT and BYOD trends is often cultural. IT needs to cede control of devices, app choices, and where/when employees and executives actually interact with corporate data. That’s a cultural shift for IT. There’s an equal cultural shift that needs to happen when it comes to users and executives who must take at least partial responsibility for keeping their iPhones, iPads, or other devices secure along with the business data on them.

This requires user education and solid communication between users and IT. To be truly effective, security policies need to be endorsed by senior management and adoption and understanding of them needs to follow from the top down through the organization.

Unfortunately, that isn’t what’s happening in many businesses. In fact, the people most likely to ignore or violate such policies are C-level executives, members of the board of directors, and even IT.

There are a handful of intrinsic beliefs that Apple has as company – most of which came from Steve Jobs. The constant focus on building experiences rather than just products is one of them. Another is that Apple looks forward and not backward when it comes to technology. The company simply acknowledges that to offer its users truly great new experiences (and products), it cannot hold onto (and be held back by) outdated technology.

Apple often gets criticized for pushing its technologies and its users forward, particularly in business and enterprise IT circles. Despite that criticism, Apple may be doing companies (and users) a big favor by not supporting older Macs and OS X releases indefinitely as Microsoft does with Windows XP – and that advantage isn’t just about better products.

An IDC study commissioned by Microsoft discovered that supporting XP now costs companies and schools five times what it would cost them to support Windows 7 – making Apple’s forward-looking policy not only technically advantageous but also significantly less expense in the long run.

Over the past several months, Box has reinvented itself. The company went from being a pretty basic cloud storage solution to true enterprise solution and a hub for storing, viewing, and editing all manner of documents on an iPad or other mobile device. Box’s journey continued this week as the company launched a series of new features for business and enterprise customers.

Apple has gotten a fair amount of flack over Siri – most of it relating to Siri not recognizing words or phrases, misinterpreting requests, or providing incomplete or inaccurate answers. Apple is even facing a class action lawsuit over Siri not working as promised by iPhone 4S ads.

For IBM, however, the concern isn’t that Siri won’t work as advertised. Big blue is worried that Siri will work exactly as advertised and that confidential and sensitive information will leak outside IBM’s network as a result. For those reasons, the company disables Siri on the iPhones of its employees.

Apple has been a major force in the BYOD movement. You can even argue that Apple ignited the BYOD flame with the release of the iPhone and iPad. While there have a number of studies looking at how companies in the U.S. are reacting to the trend, numbers haven’t readily been available from other markets.

That changed today with a new study that looks at BYOD in EMEA (Europe, Middle East, and Africa) business and institutions. The results show Apple devices as a clear preference in these markets, somewhat more limited BYOD adoption, and many of the same security concerns discussed by U.S. firms.

BackUp Gmail does what you’d expect: it backs up your Gmail account to your desktop computer. It’s a simple Menu Bar app that works in the background. It’s only $2 in the Mac App Store, but does have a few problems.

Are BYOD programs really all that common? According to a new report from staffing and recruiting firm Robert Half, the answer is that they aren’t. In fact, according to the report many CIOs and IT departments don’t allow employees to use personal devices. That runs contrary to a lot of other data that shows the iPhone, iPad, and other personal technologies are increasingly finding their ways into the office.

The immediate judgement might be to throw out this report or others because of the disconnect between them. That wouldn’t be a wise course of action, however. In fact, putting this report and another recent study that we covered last week side by side indicates that many CIOs may be dangerously unaware of what’s going on in their companies.

Last week, Adobe created a firestorm of user unrest when it issued a series of security bulletins impacting three applications of its Creative Suite and said that users must pay to upgrade to the latest versions of the apps if they wanted patches that would close the vulnerabilities.

The company was quickly besieged by users, technology professionals, and security experts demanding that it reverse course and offer security patches to users who couldn’t afford the upgrades (or didn’t want to spend the money). Even though company quietly backpedaled and announced it would offer security updates without acknowledging the reason for its about face or offering an apology, the gaffe raises concerns that Apple’s yearly OS X release cycle might lead it down a similar path.

You’ve been sliding to unlock your iPhone and your iPad since day one. Why not do the same on your Mac? Well, today’s tip will show you how, with a simple app download, you can be sliding and gesturing to unlock your Mac in no time at all.

Businesses and individuals thinking that they have mobile security covered, may need to think again. That’s the message from a new report on mobile security shows that nearly half of people using a personal device like an iPhone, iPad, or Android device are doing so without their company’s knowledge or permission. The same report showed that users frequently access sensitive or confidential data from mobile devices but would stop after a security breach.

Adding to concerns around personal mobile devices and BYOD programs, one third of IT professionals in the survey said that their company has already experienced a mobile-related security incident.

I have mixed thoughts on home-monitoring systems. On the one hand, you get some peace of mind knowing when the house is empty. But on the other, if the worst does happen, you get to watch the burglar burglarize your home, live, as it happens. I guess at the very least, you do have a warning not to use that toothbrush ever again. Not after the burglar stuck it in his [That’s enough! -Ed].

Still, if you’re going to add cameras to the house, then Logitech’s new “Alert 750n Indoor Master System – with Night Vision” looks pretty good. It uses your home’s powerlines to both power the camera and connect it to the network, and you can monitor it from an iOS app.

Apple released iOS 5.1.1 for iOS device owners today over-the-air and in iTunes. The update brings several bug fixes and improvements, including a fix for certain iPads that loose connectivity when switching between 2G and 3G networks.

An important security update has also been included in iOS 5.1.1 for a URL spoofing technique in Safari that made the news a couple weeks ago.

There’s plenty of news out there about the way mobile technology, BYOD programs, and other facets of the consumerization of IT trend are reshaping the workplace and the IT department. The traditional daily routine of typing a username and password into PC in the morning, using that computer all day long, and shutting it down before heading home is gone for many of us.

Today, we use a mix of devices in the office, during meetings, on the road, and often from home. That mix of devices, a range of different apps, cloud services, and remote access empowers us in ways that were unimaginable a few years ago. In this new workplace, however, do we need something more than the old username and password to make resources available and keep them business data secure?

BYOD programs have a tendency to worry IT departments. After decades of being charged with keeping computers, supporting devices, and data safe and in working order, losing control of hardware is a massive culture shift. Even absent a BYOD program, the growing number of mobile devices that are used outside of the office and take corporate data outside the security of an enterprise network can be disorienting for long term IT professionals.

That leads to a tendency to clamp down with every ounce of security muscle available – mobile device management (MDM) can’t entirely secure an iPhone or iPad, but they can do a pretty good job of locking it down, monitoring it in the office or on the road, and make it easy to wipe everything off of it at a moment’s notice.

The BYOD movement has transformed the relationship between IT staffers and other employees in a wide range of companies. While there are benefits to BYOD, there are also headaches – and securing data on personal devices and/or securing the devices themselves is one of the biggest. While there’s an ongoing discussion about whether to manage data, apps, or devices, right now most companies are developing a strategy that has a mix of approaches.

All that could change if the mobile management industry unfolds the way Gartner analyst Ken Dulaney expects. Dulaney is an advocate of creating what he calls “beneficial viruses” that companies can layer into apps and data itself – the idea being that the data could delete itself if it becomes compromised.

Last week, Eugene Kaspersky — the eponymous founder of the industry leading Kaspersky security company — made some waves by claiming that OS X was “at least 10 years behind Microsoft in terms of security.”

Since Kaspersky’s eyebrow-arching claim, there’s been a lot of bickering about whether what he said was true, or whether his comments were self-serving. Maybe Kaspersky’s right, though, and Apple should follow in Microsoft’s footsteps and outsource OS X security to the anti-virus industry?

Facevault is a one-dollar photo archive app that can only be unlocked by one person – the one with the right face.

It sounds neat, and yes, it works. But the face recognition features come at a price, and are hindered by a flaw that affects other apps using the same technology: it can’t tell the difference between real faces, and photos of real faces.