MDM not the only avenue to BYOD security. But technology is simply not there yet.

My reply to Steven Song’s post on Cisco Security Blog

http://blogs.cisco.com/security/mdm-not-the-only-avenue-to-byod-security/

Yes. Mobile virtualization is the way to go. In an increasingly Consumerized IT world however, meeting end-user expectations in terms of convenience, cost and usability is even more important than addressing corporate IT professionals’ concerns about security and manageability. Despite a few remarkable attempts by VMware, Citrix and WISE, technology is simply not there yet.

Read more of this post

Consumerization and Mobile Security

How to bypass the iPad password in 5 second

*** UPDATED AS OF 11/14/2011: I can confirm that Apple has fixed this security flaw in iOS 5.0.1 (9A405) ***

http://www.youtube.com/watch?v=ZPHDm88-HAc

Watch how to crack the iPad password in 5 secondsThe consumerization of IT is the single most influential technology trend of this decade. Companies are already well aware of it, as they wrestle with the growing influence of smartphones, tablets, Facebook, Twitter, Dropbox and on and on. While this growth does bring business value, too many companies make the mistake to trust consumer technology with corporate sensitive data without deploying appropriate enterprise-grade infrastructure to secure and manage it. Consumer technology is sexy, convenient and easy to use. When it comes to security and data protection however, consumer technology still has a long way to go. Security and data protection in fact remain top concerns among IT professionals – see The Consumerization Report 2011.

Read more of this post

‘Trend Micro Consumerization Report 2011’ revealed at the Gartner Summit in London

MEDIA ALERT: Cesare Garlati, Senior Director of Consumerization at Trend Micro, to reveal findings of the ‘Trend Micro Consumerization Report 2011’ at the Gartner Security & Risk Management Summit in London


“Rather than resist it, organisations should embrace Consumerization to unlock its business potential. This requires a strategic approach, flexible policies and appropriate security and management tools.”

Speaking at the Gartner Security & Risk Management Summit in London on 19 September 2011, Cesare Garlati, Senior Director of Consumerization at Trend Micro, will be speaking about what Gartner consider the single most influential technology trend of this decade: the Consumerization of IT. Or, how private technology use by employees is becoming increasingly embedded in their business activities and working practices.

Read more of this post

Embrace Consumerization in the Enterprise

Fireside Chat with Ty Smallwood, Chief Security Officer, Medical Center of Central Georgia – Gartner Security Summit 2011, Washington DC.


According to Gartner, the consumerization of IT is the most significant trend affecting the IT Industry in the next ten years. As the Security Officer of one of the largest health care organizations in the U.S., how do you feel about this trend? How is it affecting your organization?

There has definitely been an impact on the organization, both from a policy process and procedure perspective. The cost to accommodate consumerization is always a factor.

Read more of this post

Embrace Consumerization. Unlock Opportunity.

This blog post is based on my talk at the annual “IDC Asia/Pacific CIO Summit” held last July 28, 2011 in Singapore.


The world of enterprise IT is going through lot of changes right now. One of the most important trends that’s causing these changes is consumerization.

Now, what is consumerization? Simply put, it’s the trend wherein employees use their own personal IT devices for work. The most obvious consumerization devices are smartphones. More and more smartphones are being sold to consumers today. In fact, 92 million computers were sold in the last quarter of 2010 but more than 100 million smartphones were sold within the same time frame.

These devices are ending up in the hands of tech-savvy users who have never known a world without the Internet… or a world without immediate connectivity and access. Businesses are going to have to make some real adjustments to lure this new wave of talents and that’s going to require offering them more choices than traditional, standard-issue office laptops.

Read more of this post

Consumerization Talks with Ken Dulaney, VP Gartner Research

“This is the fashion business, not the PC business … most of our clients today say if they were to have an auditor come in and audit them across all the technologies in use, that they would fail.”


The consumerization of IT will be the single most influential technology trend of this decade, says Gartner, and companies are already well aware of it as the wrestle with the growing influence of smartphones, tablets, social media, and on and on. And while this growth does bring risks, too many companies make the mistake of trying to stop all together the influx of consumer IT. What potential benefits can the consumerization of IT yield for your organization? Why is a strategic approach an imperative for attaining those benefits? And what risks will you have to contend with? Below is an excerpt of my recent conversation with Ken Dulaney, Vice President and distinguished analyst in Gartner Research. Ken answers these questions, and more importantly, reveals the solutions and best practices  to turn consumerization into a competitive advantage.

Read more of this post

Riding the Consumerization Wave

Rather than resist it, organizations should embrace Consumerization to unlock its business potential. This requires a strategic approach, flexible policies and appropriate security and management tools.

The consumerization of IT is the single most influential technology trend of this decade. Companies are already well aware of it, as they wrestle with the growing influence of smartphones, tablets, Facebook, Twitter and on and on. While this growth does bring risks, too many companies make the mistake of trying to resist the influx of consumer IT. So what are the solutions and best practices for a company to turn consumerization into a competitive advantage?
Read more of this post

Catching Android Tokens in the Wild

Below is my interview with Shaun Nichols of V3.co.uk on the latest Android security flaw:

Unsecured Wi-Fi leaves Android users open to attack

/v3-uk/news/2071676/researchers-disclosure-flaw-android

Android logo

18 May 2011, Shaun Nichols  , V3

Experts are warning of the dangers of unsecured Wi-Fi connections after a group of German researchers uncovered a security flaw which could leave Android users’ contact information exposed.

Researchers from Ulm University reported that many Android handsets and tablets are currently vulnerable to attack via an unsecured Wi-Fi connection when used to access authentication tokens for Google’s Calendar, Contacts and Gallery services. The vulnerability lies in the handling of the authToken component. When the user is connected on an open Wi-Fi connection, an attacker could capture and reuse the token to access data on the Google services. “The implications of this vulnerability reach from disclosure to loss of personal information for the Calendar data,” the researchers wrote. “For Contact information, private information of others is also affected, potentially including phone numbers, home addresses and email addresses.” The flaw is found in handsets running Android versions prior to 2.3.4 and tablets running Android versions prior to 3.0. The authorisation is performed over a secure connection on newer versions which prevents harvesting of the tokens. The researchers suggest that, if possible, Android handset owners should update to the newest version for their device.

Read more of this post