Mobile Security: putting the consumerisation genie back in the bottle

Since the arrival of the first consumer-bought smartphones, enterprise security has been under threat. That all-important chain of defense against security risks has been undermined by its weakest link, people, in this case by using non-standard devices to conduct business and therefore making corporate data vulnerable to attack.
The alternative, to roll out company-issued mobile devices, has not been an easy path to follow. When historical market leader Blackberry lost its leading position in the market to Apple and Google’s Android, companies also lost a significant part of the ability to control corporate messaging and applications from a central point.
From the perspective of the IT shop, the consequence has been fragmentation, which has undermined the ability to deliver a coherent response in security terms. While solutions such as Mobile Device Management have existed, they have been seen as onerous; also, some devices (in particular those based on Android) have been seen as less secure.
Looking more broadly, many organisations have ended up adopting an approach in which corporate devices are used alongside personal equipment for business use. The genie of consumerisation is out of the bottle, say the pundits. But now devices exist that can deliver on an organisation’s mobile security needs, the question is, can it be put back?
The answer lies in addressing the source of the challenge, which is not the device but the person using it. Human beings assess risk all the time, and indeed, we are very good at it. In the case of a mobile device for example, we are prepared to put up with a small amount of discomfort if it will get us the result we want: sending a message, say.
If the discomfort is too great, we will assess other risks, such as, “What happens if I get caught using my personal phone?” If the answer is nothing, then the chances are that the behavior will continue. With this in mind, anyone deploying a mobile solution needs to consider two variables: the discomfort it causes, and the cost of avoiding the discomfort.
Considering the discomfort first, the point of any mobile solution is to enable productivity. Different security features — such as encrypted data storage, separation of apps and so on — may be applicable to different business scenarios.
Defining a solution appropriate for an organisation or group requires familiarity with the security features available on a device and the risks they mitigate. Better knowledge makes for more flexibility, reduced operational overhead and therefore increased probability of a successful deployment.
An equal partner to product knowledge should be an understanding of the organisation concerned, the data assets to be protected and what constitutes their acceptable use. If a policy is in place, this may need to be reviewed: note that it needs to be signed off at the top of the organisation to be effective.
Once a standard configuration has been defined, it will require testing. Too often, enterprise mobile security can fail “for want of a nail” — insufficient licenses on the RADIUS server for example, or lack of WiFi cover in areas where authentication takes place. Users need a solution that works from day one, or they will immediately lose confidence in it.
Putting all these measures in place can help minimize discomfort, but the need to go hand in hand with measures to ensure that the capabilities cannot be circumvented. Note that we are talking about the organisation’s most important asset — it’s people — who will respond far better to inclusionary tactics than draconian tactics.
At the same time as understanding why secure mobile working technologies are being deployed however, employees need to know that they need to act as a strong link in the chain, not a weak one. An Acceptable Use Policy should be enforceable, in that a staffer at any level’s card will be marked if they attempt to circumvent it.
In addition, the genie should be given a clear timescale for getting back in the bottle. For example, in an ‘anything goes’ environment which mixes personal and corporate mobile equipment, individuals should be given a cut-off date following which corporate data access will only be possible via a secure device.
A final question is about sustainability, that is, how to keep it all going? Reporting is important, with deprovisioning perhaps the most critical — it is one thing to know that resources have been allocated to the right people, but even more so is to know that any rights — and indeed devices — have been returned on change of role or exit from the company.
The bottom line, and the most fundamental challenge, is that any shiny new corporate devices deliver on what they are supposed to do — in this case enabling mobile users to stay productive without compromising on corporate risk. Provide people with usable security they will not try to circumvent, and you avoid consigning devices to the desk drawer.
If you’re interested in improving your business’s mobile security operations, join us for our upcoming webinar: Evolving Enterprise Security for the Mobile-First World. This webinar is presented by GigaOm’s Jon Collins, with sponsorship by Samsung. Register now for the webinar taking place on Wednesday, March 9 from 1 to 2pm EST.

Mobile recap: iOS Android Wear; Pebble Time Steel; Huawei Nexus

In the final run up before the Apple Watch launches, an interesting rumor made the rounds: Google is allegedly working on bringing Android Wear watch support to iPhones. On the surface that may sound odd: Why would Google even consider such a thing?

Google Play Music Android Wear main

The reality is: [company]Google[/company] has long supported [company]Apple[/company]’s mobile OS with nearly all of its services and there are plenty of examples of that. There are iOS apps for Google Play Music and Movies, for example, as well as Gmail, Google Voice, Google Search (which adds Google Now contextual notifications to iOS), Drive, Maps and more. About the only main Google app that still remains Android only I can think of is Google Keep.

Granted, Android Wear is a different case since this is Google’s smartwatch platform. There’s precedent here, however: Google eventually added Google Glass support for iPhone users. I think, as a result, it would make sense for Google to bring an Android Wear to iOS. It would open up Android Wear watch sales to a completely new segment of potential users and allow Google to keep gathering valuable information from iPhone owners.

pebble time steel

Such cross-platform support is something that the Pebble smartwatch enjoys. And if that wasn’t enough, the new Pebble Time edition now has a stainless steel option. Pebble introduced the Pebble Time Steel this week, allowing those who already backed the plastic model a chance to upgrade. The metal version will cost $299 when it arrives in June but early backers can reserve one for $249.

Months later is the typical time of year when Google introduces a new Nexus handset and there’s been buzz this week that Huawei will get the nod to design and produce it. If that happens, it will be the first time a China-based company was tapped for the Nexus phone since the line was introduced in 2010. Previous Nexus-makers include HTC, Samsung, LG and Motorola.

huawei watch official

Huawei has even dropped hints about any future phones it might sell in the U.S., saying they will come with “stock Android,” which is a key feature of Nexus phones. Of course, Google wants its own flagships to be high-quality, good-looking devices and Huawei has proven itself in that area if the company’s new Huawei Watch is any indication.

Report: Android OS coming to virtual reality headsets

Google has reportedly hired a team to build a version of the Android operating system for virtual reality headsets, the Wall Street Journal reports.

Vice president of product management Clay Bavor and engineering director Jeremy Doig are leading the VR team, which includes “tens of engineers,” according to the WSJ report. Like Android for mobile phones, the VR version will be available for any virtual reality company to integrate into its headset.

David Coz and Boris Smus demonstrate Cardboard at Google I/O.

David Coz and Boris Smus demonstrate Cardboard at Google I/O.

Bavor helped create Google Cardboard, a stripped down virtual reality headset actually made from cardboard. VR goggles can actually be made from very inexpensive components — in the case of Cardboard, just two lenses and a cardboard case that straps in a mobile phone. The phone itself, which presents two nearly identical images on a split screen to give the impression of a 3D virtual world when viewed through the lenses, does most of the work.

At last year’s Google I/O developers conference, Google actually showed off several applications created specifically for virtual reality. Besides apps for Cardboard, there was also a short film drawn by former Disney animator Glen Keane. Google’s Advanced Technology and Projects team converted the “Duet” drawings to a 360 degree film that could be viewed on phones.

While everyone has been busy racing to build the best virtual reality headset, a leading operating system has yet to emerge. It’s currently a fragmented space that feels secondary to creating games and other content. Google is obviously in a good place to develop a respectable option.

Nike+ moves from app to platform with four new device partners

After going it alone with health tracking hardware, Nike is expanding relationships to use its Nike+ app with non-Nike devices. The company announced four new hardware partners on Friday — Garmin, Tom Tom, Wahoo Fitness and Netpulse — with a new “Partners” app feature to connect the Nike+ app with third-party devices.

The updated Nike+ Running App makes pairing with the new partners easy. Users will see a “Partners” screen when they update or download the app. The “Connect a Partner” button guides users to settings to manage preferences and establish the seamless connection between Nike+ and the partner apps and devices.

The idea here is to expand the use of Nike+ and give the app’s users more freedom to choose a wearable device or software platform. That’s a sharp change from Nike’s several-year approach of exercise tracking with devices ranging from footpod step-trackers and, more recently, its FuelBand wearable band.

Change has been in the wind for some time, however, as [company]Nike[/company] first kept its software limited to [company]Apple[/company] iOS devices for several years and recently releasing a Nike+ app for Android. And roughly a year ago there were reports of Nike abandoning its own hardware efforts and laying off much of the Fuelband team. As a long-time runner, I welcome the change from app to platform; it’s long overdue.

Why it makes sense that Huawei could make the next Nexus

Here’s an interesting rumor out of China: iSuppli researcher Kevin Yang posted on Weibo on Wednesday that Huawei will be making a Nexus device this coming fall. The post has since been deleted.

Huawei isn’t a household name in the United States, but it actually makes a good deal of sense that Google would contract with the Chinese electronics giant. Here’s why:

Huawei has promised its American phones will come with stock Android

Speaking to the Verge, Huawei’s consumer boss Richard Yu said that Huawei’s stateside phones will come with “stock Android” instead of Huawei’s version because “American consumers trust Google.”

“If you have a problem you can check with Google,” Yu told the Verge. That sounds a lot like Huawei phones will be able to tap into Google Play support, like the Device Assist app, which is only available for certain devices, such as the Nexus line, usually sold directly by Google.

In fact, given that Huawei seems so fixated on consumer cachet — Yu called Xiaomi a “low-end” brand — breaking into the American market with a device that can be purchased directly from Google seems like a good introduction to savvy consumers.

Huawei Mate 7

Huawei Mate 7

Huawei already makes expensive phones

Although Nexus devices from years past have been affordably priced, last year’s Nexus 9 tablet and Nexus 6 smartphone were priced at $399 and $649 respectively — as expensive as anything out there.

Huawei, as opposed to rivals like Xiaomi, makes expensive phones. Although it makes affordable devices too, it’s concerned with the high-end of the market. The Ascend Mate 7, Huawei’s flagship, costs as much as 3699 RMB ($590). If Google is still positioning Nexus devices as the best that Android can offer as well as developer devices, Huawei is a good fit.

Huawei is a big company, and would be able to handle a Nexus order — it shipped 75 million smartphones last year. It can certainly deliver premium fit and finish, judging by its new Android Wear smartwatch.

huawei watch official

Fingerprint scanners

At one point, the Motorola-made Nexus 6 was supposed to come with a fingerprint scanner in the place of the dimple in its back, but it was cut for some reason. There hasn’t been a recently released Motorola phone with a fingerprint scanner, probably because the available technology hasn’t been good enough. (You’d have to go back to the Atrix, which came out in 2011, to find one.)

Huawei-Ascend-Mate-7-fingerprint-01

Aside from Samsung and Apple, Huawei has done more with smartphone-mounted fingerprint scanning than any other smartphone maker. The Ascend Mate 7 has a fingerprint scanner on its back — close to where the Nexus 6 would have had one — and it’s pretty good. It doesn’t require users to swipe their fingers, instead, it only needs a tap, like Samsung’s new scanner and Apple’s Touch ID.

If Google is serious about mobile payments — and given the rumors about Android Pay and its recent purchase of Softcard, it certainly is — then it will need to introduce biometric security to more Android devices. This means that it’s a safe bet that the next Nexus will have a fingerprint scanner, and Huawei has proven it can provide one.

Why it might not happen

Huawei designs its own ARM-based processors, which are named Kirin. Although Android is designed to work on top of all sorts of chips, it’s difficult to imagine that Google’s next developer device would eschew a Qualcomm chip, which has been the go-to supplier for years.

It also seems a bit early for Google to be locking down Nexus suppliers. The first murmurs about Motorola making the Nexus 6 surfaced last July, after Google’s annual developer’s conference.

Also remember that Google was rumored previously to be working on a “Silver” line of devices with Google support and stock Android. Although that plan seems to have been scrapped, there’s still a chance that Huawei’s new device could be one of many Google-directed phones and tablets coming out this fall.

Got an Android 4.0 device? You might want an alternative browser

Google won’t be updating its Chrome browser past version 42 for older Android devices, so it can better focus on its mobile browser for more current phones and tablets. The company announced that it would freeze Chrome 42 for its Ice Cream Sandwich (ICS) software, which debuted in December, 2011.

In the last year, we’ve seen the number of Chrome users running ICS drop by thirty percent. Developing new features on older phones has become increasingly challenging, and supporting ICS takes time away from building new experiences on the devices owned by the vast majority of our users. So, with Chrome’s 42nd release, we’ll stop updating Chrome on ICS devices. After Chrome 42, users on ICS devices can continue to use Chrome but won’t get further updates.

The latest stats from Google’s dashboard show that out of all of the Google Android phones and tablets that visited the [company]Google[/company] Play Store in the last week of February, only 5.9 percent of those ran ICS. That number has been greatly diminished as users replace old devices or get Android software upgrades installed.

As Google notes on the Chromium blog, you can still use Chrome for Android on your ICS-powered phone or tablet. The browser will still work, but it won’t get any updates, meaning no new features and — more importantly — no security updates as new exploits are found.

My recommendation: If you can’t get your ICS device upgrade to Android 4.1 or better, consider installing a third-party browser such as Firefox, Opera, or one of my faves, Dolphin Browser for Android.

Apple iPhones outsell Samsung smartphones in last quarter of 2014

We had an inkling that the fourth quarter smartphone sales crown was close: Last month, Strategy Analytics suggested it was a dead heat between Apple and Samsung. On Tuesday, research firm Gartner stepped in and declared Apple the winner with 74.8 million iPhone sales compared to an estimated 73 million for Samsung.

For the year, Gartner says 1.24 billion smartphones ended up in consumers hands. And while both Apple and Samsung sold more phones in 2014 than in the prior year, neither actually outpaced the overall market. We know that because Gartner’s data says both lost market share in 2014:

gartner smartphone sales 2014

So who were the winners for the year?

Lenovo and Huawei both made gains in overall market share around the world, with the former surely aided from its purchase of Motorola. With Lenovo now selling Motorola smartphones in China for the first time in years — with a compelling blend of both hardware and software — I’d expect 2015 to look rosy for Lenovo as well. Of course, the company is competing with another China-based manufacturer in Xiaomi, which was actually fifth overall in the final three months of 2014. Xiaomi’s quarterly smartphone sales rose to 18.6 million, compared to 5.6 million in the 2013 holiday season.

But the real winners were those namely companies lumped together in the “others” category.

According to Gartner’s data, this group moved from 38 percent smartphone market share in 2013 to 43.3 percent last year. This speaks to the many Google hardware partners who are offering low-cost hardware with Android software in various parts of the world; a trend that’s likely to continue for the foreseeable future.

Report: Google preparing iOS app for Android Wear smartwatches

Right now, you need an Android phone to use an Android Wear smartwatch. But according to a report from French technology website 01net, Android Wear might be going cross-platform with an iOS app, possibly launching at Google’s annual developer conference in May.

When Apple Watch launches in the next month, it will require an iPhone to work. Android compatibility is extremely unlikely. If Google were to allow Android Wear smartwatches to work with iOS devices, that would be a significant difference between the platforms, and some users would see it as a reason to pick an Android Wear device over an Apple Watch. At the very least, it would expand the market of possible Android Wear users.

Last year, Android Wear senior product manager Jeff Chang hinted that Google was contemplating cross-platform compatibility for Android Wear but had run into technical obstacles. “It’s not always completely up to us right? There are technical constraints, API constraints so we are trying really hard, ” Chang told the Huffington Post.

Currently, we have to treat this report as a rumor. Although 01net is a reputable website, it doesn’t cite a source — only “according to our information” (selon nos informations) — and warns that it hasn’t been confirmed.

Still, it’s fun to imagine a time in the near future when your Moto 360 could talk to your iPhone 6. Recently, a developer who goes by MohammadAG hacked his Android Wear smartwatch to talk directly to an iPhone using Apple’s notification services. Although it was more of a concept than a working Android Wear solution for iOS, it showed that it’s possible. Given that Google has native iOS support for many of its products, it wouldn’t surprise me if Google is working to bring Android Wear beyond Android. Let’s see it happen, Google.

Double vision: YotaPhone 2 with e-ink rear screen coming to US

Although the unique YotaPhone 2, with its front and back displays, can work with AT&T and T-Mobile’s networks, you can’t buy the phone in the U.S. just yet. That’s changing soon but don’t expect to see the handset with e-ink rear screen in a carrier store anytime soon. Instead, the company is taking to Indiegogo to sell the phone for around $600 off-contract, according to PhoneScoop.

YotaPhone 2 front and back

Availability news came out of the Mobile World Congress where company announced the Indiegogo campaign. You can’t purchase the phone at the moment but you can provide an email address for updates in anticipation of April sales. YotaPhone says it will provide early-bird pricing for the Android 4.4 phone — which will get [company]Google[/company] Android 5.0 in the near future — and plans to bring it to retailers such as Best Buy in the U.S. as well.

This is the second iteration of YotaPhone’s handset with a traditional front screen coupled with lower resolution e-ink screen on the back. And this second time around gave the company another chance to show how a secondary screen can add to the phone experience. This hands-on Yotaphone 2 video from Android Central shows how the e-ink screen is better integrated into standard phone features in a way that doesn’t hit the battery too hard.

[youtube=http://youtu.be/w6ZCVdbJbZk]

Key to the approach are new configurable panels, or screens, where you can choose what’s displayed on the e-ink screen: Think of notifications, boarding passes, email, books and more. Compared to the newer flagship phones recently announced at Mobile World Congress, the YotaPhone 2 is a step behind, using last year’s [company]Qualcomm[/company] Snapdragon 801 chip, for example. The addition of that second, low-power screen could offset such a compromise for some users, and the phone does have otherwise solid specs, including a 5-inch 1080p display, 2GB of memory, wireless charging support and a large 2500 mAh battery.

Your Android phone is about to get better with this update

One of the ways Google keeps Android fresh on a regular basis is by updating Google Play Services on handsets. This approach helps reduce fragmentation because it brings new features to both new and old Android phones without a full software update. And Google is doing that again, rolling out version 7 of Google Play Services to phones this week.

In a post on the Google Android Developer blog, the company outlined a few of the improvements that you’ll see with Google Play Services 7.0, provided developers take advantage of them. Here are a few new tidbits you’ll see soon in [company]Google[/company] Android apps.

Location Settings Dialog Android

There’s a new location check, for example, with apps that use your proximity. Before this update, an app would check to see what locations settings you chose, i.e.: Wi-Fi, cellular networks, and/or GPS. If you wanted to change that in-app, you really couldn’t. Instead, to enable finer location controls, the app would boot you to the Android settings for you to make the changes. With Google Play Services 7.0, this can be done in-app for a better experience.

Nexus 6 Google Fit

Also included with the update are several new Google Fit APIs. These are broken out from what used to be a single API for all sensor data to track movement, exercise and the like. The end benefit may not be visually apparent, but Google says that using the individual sensor APIs for Google Fit will significantly reduce memory usage, which keeps your phone moving along.

Lastly, Google Play Services adds support for gamers. Specifically, developers can use the new Nearby Connections API to turn smartphones and tablets into second-screen gaming controllers for games on a TV.

[youtube=http://youtu.be/JvPUD6eI_vw]

Again, all of these APIs, as well as others, in Google Play Services 7.0 will be available on phones running Android 2.3 or better, which is nearly the entire user base for Google Android phones. There’s no reason an old phone can’t have new features.