Mike Foster's IT Security and Best Practices Blog » Technology

Connecting iPhones, iPads and Macs at your office

Mike Foster — Thu, 05 Jan 2012 04:00:07 +0000

This is a scalding hot topic for senior level executives. Sometimes they say, “My IT is not excited about me connecting.” Here are some important tips—and you can pass them along to IT but only AFTER you look at the tips yourself:

Many of our clients are integrating the iPad into their organizations. Be sure to secure the iPad using steps that include:

A secure lock code
Keeping all Apple patches up-to-date
Setting up the Find iPhone in iCloud (allows remote wipe. In mid-November, someone stole my iPad and I was able to pinpoint the location and have the iPad back with me safe and sound.)

Apple is, in my estimation, working hard to get the iPad accepted and implemented in offices. To that end, Apple has adopted some security measures. This blog is directed at senior executives, so some of these terms may not make sense—and that is okay:

Support for WPA2 for Wi-Fi security (both PSK and Enterprise)
Support for VPNs
Password support including options for complexity, length, forced changes, lockout, etc.
Integration with Exchange
Ability for the IT department to enforce policies
Remote data wipe
PKI support including code signing requirements

If you, or IT, want to know more, check out Apple’s security overview. In particular, their iPad Security Overview and Microsoft Exchange ActiveSync document.

I expect lots of posts on this blog. This is such a hot topic—so many more of these devices are in the hands of executives, and especially after the holidays.

Please post your comments on this blog.

Be sure to enable device tracking on your mobile devices

Mike Foster — Thu, 29 Dec 2011 04:00:45 +0000

Someone stole my iPad. In November I realized my iPad was suddenly missing. Apple’s Find My iPhone showed the device to be in a parking lot just outside of a transportation company’s main office —I used the transportation service late the night before.

I phoned the company and they said they would have the iPad in the front office waiting to be picked up.

There was no sensitive data on the iPad, just in case something like this ever happened. Security features are enabled anyway.

When I arrived hours later the receptionist said they hadn’t heard anything about any missing devices. I checked and now Find my iPhone showed the device’s location to be about 30 miles away, complete with an address and a satellite view of a residence.

I asked if they had any idea why my iPad would be at such and such address. The helpful person at the desk said, “Can you wait a moment? I need to call the owner of my company.”

I was told that the address was that of an employee whom they’d had other problems with before. They informed me that, after the phone call, the owner had actually driven to the home, recovered the iPad, and terminated the person on the spot. Hopefully the owner isn’t the kind of terminator that Arnold Schwarzenegger portrayed in the Sci-Fi movie. I told them not to fire the guy—maybe he is just trying to feed his family and losing his job wouldn’t help him. It was just nice to know I’d have the iPad back soon.

Your device can tell you, “I’ll be back!” with that thick German accent, “Ahl be bock!”

Turn on a locating service for your device today.

Please post your comments on this blog.

What are your favorite apps?

Mike Foster — Thu, 22 Dec 2011 04:00:37 +0000

Here are a list of favorite applications created from polls of CEO groups. You may wish to try out some of these yourself, and I will GREATLY appreciate you responding with YOUR favorite apps—especially those you use in business. It is okay if they are in the list already—I’m keeping score of how many people like them.

Apple, Android—all apps are welcome. These are some of the applications other senior level executives like:

Around Me
Bestparking
Camera
CNN
DBM with Family
Doc Scanner
Doc Scanner Great Quality
Docs To Go
Documents To Go
Evernote
Fire 2
Flixter
Words with Friends
Glipse
Google Voice
GoToMyPC
Group Chat
GroupMe
Harvard Business Review
Hipmunk
Next Gen of Kayak
Intellicast

Logmein for iPad
Map my Run
Movie Phone
Notepad
NPR App
NPR Podcasts
Oprah
Pandora
Pulse
Slacker Radio
SlingBox
SugerSync
Task thing
TED
TripIt
Tunein
Vocatel
Weather and News
Weather Channel App
Yelp
YouSendIt

Please post your favorite apps on this blog.

How to use the cloud wisely

Mike Foster — Thu, 15 Dec 2011 04:00:11 +0000

Many executives know to carefully examine their strategies. If you are considering moving to the cloud, consider these important steps:

Of course, keep your own backups of your data in case the cloud provider ever loses your data and they cannot restore your data.
Establish your own business continuity plan. This plan, which you may practice implementing one or more times a year, is what to do if your cloud provider fails.
Have your legal advisor help you with your contract such that the contract includes clauses for both a service level agreement and a quality of service. The former specifies how much of the time the provider will be up and running for you to use their services. The latter specifies how quickly the service will perform. You want a rapid response as opposed to applications that function so slowly that your user productivity suffers.

Handled correctly the cloud can be very helpful. In case you missed them, the past 3 blog entries discussed the benefits of, cautions for, and dangers of moving to the cloud. Click the links below to read each of those blog posts:

Please post your comments on this blog.

Dangers of using the cloud

Mike Foster — Thu, 08 Dec 2011 04:00:53 +0000

As an executive you always want to avoid making strategic decisions that are, in the end, more damaging than helpful.

Some of the dangers of moving to cloud computing include:

The provider accidentally deleting your important data. This has happened before—even at some of the major cloud providers.
The provider failing, leaving you unable to use the application until you find a replacement.
Not being sure your cloud provider is actually keeping your data secure. History demonstrates your data may not be as secure as you think.
The expensive cost to convert to the cloud; have you considered how expensive it would be to move from the cloud back into your own network?

In the next blog post I’ll discuss some ways you can mitigates some of the dangers.

Please post your comments on this blog.

Be cautious about using the cloud

Mike Foster — Thu, 01 Dec 2011 04:00:57 +0000

In the last blog post I talked about the big benefits of the cloud. What should you, as an executive, be on the lookout for?

Sometimes one of your organization’s most important applications, such as your ERP, offers a cloud based solution. If you have your internal application customized to populate forms in your word processing programs, etc., you may lose the ability to perform customizations if you move to the cloud.

The same with sharing data between your local applications. Moving one of your most important applications to the cloud may eliminate the ability to share data with your other applications.

It may be expensive to convert your systems to run in the cloud.

Using a cloud service just adds one more entity to the finger pointing game of “the hardware guy blames the software guy, who blames the cloud provider, who blames the Internet Service Provider” etc.

In the past, it was easy to define the perimeter of your network as existing at your firewall. Everything outside your firewall is “out there” and everything inside your firewall is “in here.” Utilizing cloud services for your private data blurs the delineation.

In the next blog post I’ll focus on the dangers of the cloud.

Please post your comments on this blog.

Big benefits of using the cloud

Mike Foster — Thu, 24 Nov 2011 04:00:11 +0000

There are major benefits for executives to consider about the cloud.

The most important include your cloud provider doing the following:

Making backups of the data you host with them.
Installing patches to the applications they provide you.
Performing upgrades to their software and provide business continuity solutions to prepare for when disaster strikes their service.
Blocking spam for you if you are using hosted e-mail.

Generally with cloud services you and your users can access the cloud applications from practically anywhere using practically any device that has a browser—even a smartphone.

Many cloud services allow month-to-month contracts and they also offer instant scalability so you can add or remove employees/users anytime you like. This means your fees are adjusted accordingly and instantly as your number of users dynamically increases and decreases.

The next two posts will address both cautions and dangers of using the cloud.

Please post your comment on this blog.

A powerful Windows built-in firewall

Mike Foster — Thu, 17 Nov 2011 04:00:57 +0000

While the firewall included with Windows XP was the brunt of many jokes, there is no joking about the power of the Windows 7 firewall! First of all, the firewall knows the difference between your office, home, and hot spot networks and can protect your computer accordingly.

In fact, the firewall is now referred to as the Windows Firewall with Advanced Security.

Your IT professionals have a great deal of control over what is, and is not, allowed into your computers. Furthermore, there is a great deal of control over what information is allowed out of a machine. These advanced settings can make the difference between your network being infected or not.

In case you wonder, your IT professionals can keep those users from modifying the firewall settings on their own. And, because of robust support for something IT professionals call GPOs, your IT professionals can configure all or even a subset of the computers in your organization rapidly and with just a moment’s notice.

As an executive, unless you already have a robust firewall in place, the “already included with Windows 7″ firewall is worth serious consideration.

Please post your comments on this blog.

Don’t install anti-virus on your computers?

Mike Foster — Thu, 06 Oct 2011 04:00:01 +0000

If you use a cloud service to provide anti-virus to your computers, you don’t need to install anti-virus anymore.

Although, you may need to install a small client on your machines that can communicate with the anti-virus service.

You may hear this referred to as SAAS Software as a service anti-virus. So far, at least three vendors are offering this service to business (not personal) customers including Symantec’s hosted End Point Protection, McAfee SaaS Endpoint Protection, and Web Sense’s Triton Technology.

One of the benefits of this technology is that your computers no longer need to have the latest “signature updates” installed. The latest signatures are, in theory, available in the cloud the instant your anti-virus vendor creates the signature.

Someday your anti-virus may be provided from the cloud too!

Please post your comments on this blog.

Old-school anti-virus is no longer the best protection

Mike Foster — Thu, 29 Sep 2011 04:00:11 +0000

Anti-virus sounds like a great feature, right? But anti-virus can be ineffective in fighting newer threats.

For years, anti-virus tools attempted to detect viruses by looking for known “signatures.” Think of the “signatures” as a thumbprint of a virus. The anti-virus tools look for those thumbprints and the anti-virus vendors constantly update “signature” files in an effort to keep up with the thumbprints of all new viruses.

These days, some viruses can “morph” at regular intervals—keeping their same dangerous functionality and avoiding the signature matching. An analogy would be someone being able to change their thumbprint one or more times each day.

Over the years anti-virus has evolved to include new ways to stop viruses. One way is to watch for dangerous behavior. The problem here is for the anti-virus tool to be able to discern if the dangerous behavior is being performed by a legitimate process or a virus.

Anti-virus vendors are constantly playing the “cat and mouse” game of keeping up with new virus strategies. This is one more reason to always stay current with the latest anti-virus offerings available.

Please post your comments on this blog.