Mobile Security: Q&A with Peter Brockmann, Tech Analyst, Part 1

This week, VPN Haus talks to Peter Brockmann, tech analyst and president of Brockmann & Company. In the first in this two-part series, Brockmann weighs in on the security of mobile devices. VPN Haus: How are connectivity security issues different for iPhone OS mobile devices vs. the Blackberry or Palm devices? Peter Brockmann: Modern smartphones are really pocket computers. As such, they exhibit each of the same security risks as their larger computing relatives. They have passwords, sensitive emails, files and critical business applications in their multi-gigabyte on-board flash storage. They can be easily lost; easily stolen. They support WiFi and, as such, can be vulnerable to eavesdropping and Access Point spoofing attacks. Vendors of the leading devices – BlackBerry, iPhone, Windows Mobile, Symbian, Palm (3rd parties offer it for Android devices) – offer products and services to overcome these security risks and enable the device to be a solid platform for mobile business computing and communications. Devices need to be able to be remotely wiped clean including lock out secrets, passwords and public key infrastructure credentials. Devices need to support encrypted data transmissions over WiFi and over 3G/4G/LTE wireless services. Enterprises need to be able to support rollouts of hundreds or thousands of devices at a time and need to update software remotely and implement corporate-wide security policies. Unfortunately, each of the manufacturers has implemented different server software to achieve the same result. This is unfortunate because the remote access administrator has to use different apps that do the same thing to support these leading devices, which can introduce process errors and slow support responses, not to mention...

Mobile Security: Q&A with Peter Brockmann, Tech Analyst, Part 1

This week, VPN Haus talks to Peter Brockmann, tech analyst and president of Brockmann & Company. In the first in this two-part series, Brockmann weighs in on the security of mobile devices. VPN Haus: How are connectivity security issues different for iPhone OS mobile devices vs. the Blackberry or Palm devices? Peter Brockmann: Modern smartphones are really pocket computers. As such, they exhibit each of the same security risks as their larger computing relatives. They have passwords, sensitive emails, files and critical business applications in their multi-gigabyte on-board flash storage. They can be easily lost; easily stolen. They support WiFi and, as such, can be vulnerable to eavesdropping and Access Point spoofing attacks. Vendors of the leading devices – BlackBerry, iPhone, Windows Mobile, Symbian, Palm (3rd parties offer it for Android devices) – offer products and services to overcome these security risks and enable the device to be a solid platform for mobile business computing and communications. Devices need to be able to be remotely wiped clean including lock out secrets, passwords and public key infrastructure credentials. Devices need to support encrypted data transmissions over WiFi and over 3G/4G/LTE wireless services. Enterprises need to be able to support rollouts of hundreds or thousands of devices at a time and need to update software remotely and implement corporate-wide security policies. Unfortunately, each of the manufacturers has implemented different server software to achieve the same result. This is unfortunate because the remote access administrator has to use different apps that do the same thing to support these leading devices, which can introduce process errors and slow support responses, not to mention...

What We're Reading… Week of 6/21

Network World, Quiz: Do You Know IT Security? eSecurityPlanet, VPN Security Flaw Discovered About.com, VPN Troubleshooting Guide for Remote Workers Securosis, Top 5 Security Tips for Small Business [tweetmeme source=”vpnhaus”...

What We’re Reading… Week of 6/21

Network World, Quiz: Do You Know IT Security? eSecurityPlanet, VPN Security Flaw Discovered About.com, VPN Troubleshooting Guide for Remote Workers Securosis, Top 5 Security Tips for Small Business [tweetmeme source=”vpnhaus”...

What does Meaningful Use of EMR Mean?

First, we want to congratulate Information Week’s Marianne Kolbasuk McGee on what Haus thinks is the finest coverage of the EMR technology issue of the major IT weeklies. Job well done! For those of our readers who aren’t familiar with the meaningful use stipulation, here is a rundown culled from McGee’s reporting. The healthcare industry is scurrying to implement electronic health record (EHR) systems with the hopes of taking advantage of the government’s $20 billion-plus meaningful use incentive program.  But what remains questionable is – what exactly is “meaningful use”?  Although this hasn’t been finalized by the government, the proposed definition includes movement towards using certified EHR technology to improve healthcare quality, efficiency and patient safety.  However, the ambiguity of the working definition has delayed the industry to move forward with implementation.  More details on the proposed definition can be found on the Centers for Medicare & Medicaid Services’ (CMS) website. Dr. David Blumenthal, national coordinator for health IT, explains the privacy and security issues commonly associated with digitizing health records in a recent June 15 interview with McGee.  He explains that the HITECH act enacted a whole series of provisions to tighten the privacy and security laws under HIPAA, and the Office of Civil Rights has already issued an interim final rule on breach notification that requires the notification of patients or other individuals whose data is exposed.  Dr. Blumenthal also explains that healthcare IT departments are concerned about the technical challenge of putting EHRs into practice and possible lost of initial productivity. If we could make one suggestion, it would be that McGee explore what meaningful use...