How secure is Mobile Device Management anyway?

Objective-C HookingResearchers have successfully breached the Good Technology container. MDM software can only be as secure as the underlying operating system.


As the adoption of smartphones and tablets grows exponentially, one of the biggest challenges facing corporate IT organizations is not the threat of losing the device – likely owned by the employee – but the threat of a targeted attack stealing sensitive corporate data stored on these mobile devices. As a first line of defense, an increasing number of companies rely on Mobile Device Management software and Secure Container solutions to secure and manage corporate data accessed from these mobile devices. However, a recent analysis conducted by Lacoon Mobile Security – presented a few weeks ago at the BlackHat conference in Amsterdam – shows that the leading secure container solution Good Technology can be breached and corporate email stolen from Apple iOS and Android devices.

Read more of this post

Mobile Security: iOS Jailbreaks Pose Risks

Mobile Security: iOS Jailbreaks Pose RisksJailbreaking is happening in the millions: don’t turn a blind eye.



The latest jailbreak for iOS 6.1, released on 4 February, was downloaded by a whopping 5 million users in the first 48 hours alone, according to the website stats posted by Cyril (a.k.a. pod2g), the developer of the latest hack published on evasi0n.com. During these first two days, the websites served 40 million page views of which a good 50 per cent to 2.5 million unique visitors from the U.S.

Read more of this post

Smartphone Security Winners & Losers

Mobile Security Winners & LosersPost based on my interview with Jeanne Friedman, content manager for  RSA Conference.

In the mobile space the BYOD trend is becoming a minefield for IT administrators. Many companies have experienced a data breach as a result of an employee owned device accessing the corporate network. When the stakes are this high, corporate IT needs to know which platforms to allow and which to refuse.

Android is the most popular mobile platform in the world. It is also the most vulnerable to attack and in fact the most exploited. Contrary to common perception, Apple mobile devices are not immune to security flaws. And in fact less secure than Android if users “jail break” their devices – to escape Apple’s control.

Read more of this post

Advice for BYOD users: don’t be naive about mobile security.

Trend Micro interviews at the Mobile Convention Amsterdam 2012 reveal a shocking lack of education with regard to the security risks posed by mobile devices. Here is what you should know.

We all love our smartphones and tablets. And we all love those little mobile apps that make our devices so unique, useful, and fun. But have you ever thought about how safe they are? Should you trust your smartphone to shop online? Is it safe to access you bank account from your tablet? Is it ok to check your corporate email from your mobile phone? Should you trust the device manufacturer? Should you trust the app developer? Do you need mobile security software – as you know you do for your PC?

Read more of this post

Remote working during the Olympics: any new security risks?

What enterprises need to consider as large numbers of staff prepare to work away from the office.

Video post based on my interview* with Stuart Sumner of Computing – Part 1.

A large proportion of staff are set to work remotely this summer as the Olympic Games disrupt the UK’s transport networks. In a recent video interview, Stuart Sumner of Computing asked me whether remote working during the Olympics will create any new security risk for UK firms. My answer is I don’t think so.

Read more of this post

What’s in a Jelly Bean: is Android 4.1 going to help with BYOD?

Google recently announced Android 4.1 ‘Jelly Bean’ at its I/O conference in San Francisco. The latest flavor of the world’s #1 mobile OS promises better user experience and sexier UI. But does it really make any easier for IT to secure and manage those personal devices used for work?

Generally speaking, 4.1 is an incremental release that takes Android one step closer to Apple iOS, which has been in the market for 5 years now. From a corporate IT perspective, nothing is dramatically different or better.

Read more of this post

How Secure is Your Smartphone? Android, iOS, BlackBerry and Windows Phone Under Attack

Post based on my interview* with David Gilbert of IBTimes UK

As the adoption of smartphones grows rapidly, one of the biggest challenges facing the manufacturers, developers and, ultimately, users is not the threat of losing your phone, but the threat of someone stealing the personal data stored on your mobile phone.

Senior Director of Consumerization at Trend Micro, Cesare Garlati spoke to the IBTimes UK about this serious issue and made it clear that no matter what type of phone you own, you are in danger. “Every single platform is exposed to this, no platform is immune. Some are safer than others, but none are immune.”

Read more of this post

Jailbreaking BYOD Control. Is Apple ready for enterprise primetime?

Mobile World Congress 2012

Mobile World Congress 2012

Consumerization is happening now, but many IT departments simply aren’t prepared to deal with the new challenges and complexities it entails. With IT managers increasingly urged by CEOs to stop saying ‘no’ and start supporting consumer tools, they need to reappraise their traditional approach. Put simply, IT needs flexible standards – they can’t say no but neither can they say yes to everyone.

Read more of this post

Consumerization and Mobile Security

How to bypass the iPad password in 5 second

*** UPDATED AS OF 11/14/2011: I can confirm that Apple has fixed this security flaw in iOS 5.0.1 (9A405) ***

http://www.youtube.com/watch?v=ZPHDm88-HAc

Watch how to crack the iPad password in 5 secondsThe consumerization of IT is the single most influential technology trend of this decade. Companies are already well aware of it, as they wrestle with the growing influence of smartphones, tablets, Facebook, Twitter, Dropbox and on and on. While this growth does bring business value, too many companies make the mistake to trust consumer technology with corporate sensitive data without deploying appropriate enterprise-grade infrastructure to secure and manage it. Consumer technology is sexy, convenient and easy to use. When it comes to security and data protection however, consumer technology still has a long way to go. Security and data protection in fact remain top concerns among IT professionals – see The Consumerization Report 2011.

Read more of this post

There is a bug in my Apple – Part 2

Intego announces first-ever iPhone malware scanner – really?

July 12, 2011 11:49 AM ET Gregg Keizer – COMPUTERWORLD

http://www.computerworld.com/s/article/9218339/Mac_security_firm_ships_first_ever_iPhone_malware_scanner

Follow up on my previous post on the new security flaw discovered in Apple’s iPhone and iPad – see http://bringyourownit.com/2011/07/07/oops-there-is-a-bug-in-my-apple/

With impeccable timing, this morning Intego announded the availability of the “first-ever iPhone malware scanner”. Sure enough I went to the Apple Store and downloaded the VirusBarrier app in my iPhone and iPad. My test drive impressions: the app still leaves to the end user the responsibility to check the attachments rather than enforcing it. It is quite clunky and may provide a false sense of security: if you tap the attachment and then release the finger a little too early, you’ll end up opening up the attachment instead of scanning it(!) Probably safer – and cheaper – not to open pdf attachment in general. And as any other consumer app, there is no centralized IT management whatsoever: no reporting and no policy enforcement. One more thing: Apple is supposedly working with Adobe to address this vulnerability and will provide an update soon. At that point this app may become simply useless … but I guess this is one of those situations where “something is better than nothing” …

A few comments from a couple of Trend Micro’s experts:

Mark Bloom, Director – Director Product Marketing @ Trend Micro : “Usage or not, they [Intego] will get a lot of brand awareness out of this…..just for that value, it was worth the development effort.”

Patrick Wheeler, Sr Product Marketing Manager @ Trend Micro : “[… Apple iOS] antimalware matters, which puts us [Trend Micro] at an advantage over MDM-only vendors like MobileIron, Airwatch, and Symantec, and allows us to talk up the differentiation for our own antimalware we get from integration with SPN.”

Follow

Get every new post delivered to your Inbox.

Join 26 other followers