Mobile payments and security — money walks, money talks

Once upon a time a mobile phone was something we used for talking. Today making a call ranks sixth on the list of most common uses for a mobile phone. Now there’s a new kid on the block that, in time, will push making a call even lower down the list. Mobile payment, or m-payment, is taking off. Early adopters like Starbucks already attribute significant revenue gains to their investment in mobile. Although overall mobile payments adoption and usage rates are still a fraction of standard credit/debit card transactions industry watchers expect this to change very quickly.

What’s in a Name? The ABCs of Mobile Device Management

BYOD? CYOD? Given the slew of acronyms flying around mobile device management (which, of course, goes by the acronym “MDM”), you’d be forgiven for losing track of what some of these actually stand for, much less the concepts they represent. As offices increasingly embrace digital technology and enable more employees to work remotely, mobile devices like phones and tablets, not to mention laptops, have increasingly phased out the traditional desktop computer. But this paradigm shift is also opening a lot of sore spots and potential security vulnerabilities around corporate data– after all, it may be more convenient for employees to be able to send work emails from their personal phones, but what kind of liability does that create for the company when their sensitive material is stored in an employee’s private cloud storage? This raises further questions about where exactly a company should expect to draw the line between personal and business use on a mobile device. The business should allow a certain degree of convenience for the employee using their device, but at the same time, it’s important to ensure there are adequate security protocols in place. To that end, it’s worth dissecting just what exactly your MDM options are: BYOD: Under a Bring-Your-Own-Device policy, employees use their own personal phones or tablets for business purposes. This policy provides the greatest flexibility to employees in terms of familiarity – it’s their own phone, after all – but it also raises some privacy concerns, for both the company and the user. In fact, 57 percent of employees polled in a Bitglass survey said they opted out of their company’s...

Open Haus: Automatic Hotspot Logon

If you were a hacker targeting a network, which would be most appealing – a network contained in a residential building, an office or corporate facility, or a public place? The information contained on the network of a residential building probably wouldn’t be particularly valuable, and it would also be well-protected. You’d face even more security if trying to attack a corporate network, so that probably wouldn’t be your best option either. You’d probably target a public network – one in an airport, coffee shop or hotel – over which users dealing with sensitive information would try to connect, perhaps without having the same security protections they would have if they were in their home or office. Public networks can be vulnerable, and they do make popular targets. Consider all the possible threats – from snooping and evil twin schemes to narrowband jamming and replay attacks – hackers can deploy against these networks. It’s also important to consider that there are now many more public hotspots than there were even a few years ago – global Wi-Fi hotspots are expected to triple from 1.3 million in 2011 to 5.8 million this year. For business users in particular, hotspot connections are ideal for when they’re at day-long events (when using mobile data on their phone or tablet would quickly drain their battery) or when they travel abroad (to avoid costly roaming fees). For these users, and for anyone else who relies on hotspots for secure remote access, NCP engineering has integrated Automatic Hotspot Logon into its NCP Secure Client. How It Works A safeguard protecting the end device against attack...

How to Resolve the BYOD Stand-Off between Employees and IT

“Try to please everyone, and you’ll end up pleasing no one.” This is one of those classic, ubiquitous statements that can apply to any number of situations. Take the Bring-Your-Own-Device (BYOD) trend. To the employees whose jobs are made easier and more convenient by BYOD, the appeal of these initiatives is obvious. That’s why demand for BYOD is expected to increase by 25 percent between 2014 and 2019, driven by the consumerization of IT and increased mobile data speeds that meet enterprise-acceptable levels. Yet, on the other side of the spectrum, are the IT departments tasked with enforcing BYOD security frameworks. The same things that employees see as beneficial about BYOD – convenience and freedom of choice – are exactly what make IT departments so fearful. The two groups are fundamentally at odds. Users want, and demand, access to a broad range of personal mobile devices in the workplace. They want to be able to safely access work files on their phones while on-the-go and work from their homes on their personal laptops. Meanwhile, IT departments are tasked with protecting network security at all costs, and that means they are the ones who have to say “no,” and who have to restrict the technology employees are permitted to use in the workplace. That’s how BYOD “pleases no one” – users are frustrated by what they perceive to be restrictions on free use, while IT feels like it’s constantly engaged in an uphill fight against employees who frequently, both purposely and unwittingly, violate best practices around secure remote access VPN and BYOD. It’s the classic case of unstoppable force (in...

3 New Year’s Resolutions for Network Administrators

Although it’s been a historically troubling year for the cybersecurity community, the advantage of a new year is that network administrators can make a fresh start. The end-of-year Sony hack has brought even more mainstream attention to network security – not to say that a full year of prominent attacks didn’t – and this increased awareness should lead to healthier IT security budgets and more resources to prevent the next attack. When network administrators get back to work in 2015, here are three New Year’s resolutions they should focus on: 1. Take Back Control with Remote Access Central Management As IT administrators know all too well, employees often perceive a see-saw effect between their productivity and the degree of restrictions placed on the technology they use day-to-day. The fewer restrictions, the easier their jobs become, and vice versa. So, how can IT departments find middle ground? The answer is to selectively limit the ability of employees to access and share certain information. Unfortunately, as a report by the Ponemon Institute found, 80 percent of IT administrators say their companies do not enforce a “need-to-know” data policy. This is despite the fact that, as the report said, “An organization that reduces the amount of data employees have access to … and streamlines their processes for granting access will likely benefit from more productive employees.” The New Year’s lesson here for network administrators is to take back some power from employees. Just as some of the most common New Year’s resolutions focus on regaining control of some aspect of your life, whether that’s financial (reducing debt), social (planning a vacation), or...

Back to BlackBerry: Frustrated Mobile Users Reject BYOD for the Former Market Leader

It’s a tough time to be a BlackBerry user.  Despite having a committed fan in the Oval Office and some new features to brag about, including a digital assistant, BlackBerry has seen Android, Apple and Microsoft phones completely erode its market share. Its popularity has actually receded so far that BlackBerry is now less popular than nameless “other” devices in smartphone market share surveys. As bleak as the news seems, though, a resurgence of BlackBerry is possible, at least in some circles. Thanks to what some say are restrictive Bring-Your-Own-Device (BYOD) and remote access policies, some mobile devices users in the corporate world are rebelling against BYOD – specifically, they don’t want their personal mobile devices to be controlled by their employer’s IT administrators. They say that mobile device management products and oversight mechanisms quickly deplete their battery life, disrupt their desired workflow, and, worst of all, infringe on their privacy. This is a problem they never had with their corporate BlackBerrys, which, unlike today’s market leaders, were better suited for use in business settings. CIO Magazine collected this information from an anonymous, frustrated IT executive at a New York City investment firm, who also shared that 60 percent of the company’s employees would rather go back to using the two separate devices, including a BlackBerry solely for business use, instead of using one phone to store both their personal and professional information. He described in detail the “nightmare” environment around the company’s BYOD woes that was caused by the company’s invasive BYOD policies. Although the issues plaguing this investment firm could translate over to other companies, it’s not...