Tag : applications

Threats That Are Spoofing Mobile Enterprise Apps

Not every app is trustworthy. Some install malware, others steal documents or passwords. It is better to steer clear of those.

Malware has taken to mobile applications, namely those in the enterprise. Enterprise employees use mobile applications to share data, send packages, manage email, and otherwise juggle the needs of a functioning business. Spoofing of applications such as Cisco’s Business Class Email app, ADP, Dropbox, FedEx Mobile, Zendesk, VMware’s Horizon Client, and Blackboard’s Mobile Learn app makes for very dangerous territory. These spoofed applications are nearly identical to their real counterparts; without serious knowledge of information technology you would never know that the FedEx app you are using is really malware. By impersonating these types of enterprise applications, using the brand and package name, attackers turn unsuspecting users into hosts for dangerous malware.

Shuanet is a family of malware that automatically roots a device and installs itself on the system. After Shuanet installs itself on the system, it proceeds to install more applications without the permission of the user. These applications are pushed to the phone with the intention of installing even more applications, creating more opportunities to fill the unsuspecting device with malware. With each installation of more applications come aggressive marketing tactics to try to get a user to bite. Rooted devices are essentially in an altered state. A device is usually rooted for the sake of customization; however, in order to remain secure one must know how to configure its security, and a device that is not configured properly will no longer receive important software updates. Factory resetting a device infected with malware that installs itself on the system partition, such as Shuanet, will not wipe the malware completely from the device. Apps like these continue to download applications that also house malware, which only adds fuel to the fire.

Examples of apps it spoofs: ADP Mobile Solutions, CamCard Free, Cisco Business Class Email (BCE), Duo Mobile, Google Authenticator, VMWare Horizon Client, Zendesk, Okta Verify.

AndroRAT is another family of malware spoofing enterprise applications. Originally AndroRAT was developed by university students for a class project. It was used as a remote administration tool, as it allows a third party to control the device. Controlling the device also means allowing the software to collect information from the device such as contacts, call logs, text messages, audio from the microphone, and even device location. Not exactly a comforting piece of information. Hidden remote access software gives attackers the ability to control the device and extract data with nearly nothing standing in their way. Most compromising to the enterprise is the continued remote access to a mobile device. This mobile device is carried throughout the day and it is only a matter of time before the device connects to a business network, allowing an attacker to infiltrate Wi-Fi networks and VPNs.

Examples of apps it spoofs: Dropbox, Skype, Business Calendar
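
The two behaviours described above (a spoof reusing a genuine app's brand and package name, and malware installing itself on the system partition so it survives a factory reset) can be screened for in a device app inventory. This is an added example, not code from the original post: the inventory schema, package names, certificate digests and the firmware-baseline flag are all constructed assumptions, and comparing the signing certificate against an allowlist is a check this example introduces rather than one the post describes.

```python
# Added example: triage a device app inventory for the two behaviours described
# above. Every package name, digest, path and device ID is constructed.

# Package name -> SHA-256 digest of the genuine vendor signing certificate.
# Hypothetical values; a real allowlist is built from the vendor's own release.
TRUSTED_SIGNERS = {
    "com.example.filesync": "a1" * 32,
    "com.example.authenticator": "b2" * 32,
}

# Partitions a factory reset does not wipe; sideloaded apps should not be here.
SYSTEM_PREFIXES = ("/system/app/", "/system/priv-app/")

# Constructed records in the shape an MDM agent might report (assumed schema).
INVENTORY = [
    {"device": "phone-01", "package": "com.example.filesync",
     "signer_sha256": "A1" * 32, "path": "/data/app/com.example.filesync-1/",
     "in_firmware_baseline": False},
    {"device": "phone-02", "package": "com.example.filesync",
     "signer_sha256": "ff" * 32, "path": "/data/app/com.example.filesync-1/",
     "in_firmware_baseline": False},
    {"device": "phone-03", "package": "com.example.authenticator",
     "signer_sha256": "ee" * 32, "path": "/system/priv-app/Authenticator/",
     "in_firmware_baseline": False},
    {"device": "phone-03", "package": "com.example.dialer",
     "signer_sha256": "cc" * 32, "path": "/system/app/Dialer/",
     "in_firmware_baseline": True},
]


def triage(inventory, trusted=TRUSTED_SIGNERS):
    """Return (device, package, reasons) for every suspicious record."""
    findings = []
    for app in inventory:
        reasons = []
        expected = trusted.get(app["package"])
        # Same brand and package name, different signer: likely a spoof.
        if expected is not None and app["signer_sha256"].lower() != expected:
            reasons.append("signer-mismatch")
        # On the system partition but absent from the vendor firmware image:
        # the app will survive a factory reset.
        if app["path"].startswith(SYSTEM_PREFIXES) and not app["in_firmware_baseline"]:
            reasons.append("unexpected-system-app")
        if reasons:
            findings.append((app["device"], app["package"], reasons))
    return findings


if __name__ == "__main__":
    for device, package, reasons in triage(INVENTORY):
        print(f"{device}: {package} -> {', '.join(reasons)}")
```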

 


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: 5 active mobile threats spoofing enterprise apps

Apple approaches enterprise and partners with SAP

Apple is making headway in the enterprise market, adding another major partnership to its resume: SAP. Apple will work alongside SAP to develop more native iOS apps as well as an SDK for SAP’s HANA cloud platform. The SDK element is meant to open the door for the more than 2.5 million SAP users to develop and build native iOS apps that can access real-time data through SAP systems. The agreement between Apple and SAP also includes a new “SAP Academy for iOS” in which SAP customers and partners are invited to meet face-to-face, learning how to design apps for iPhones and iPads.

Apple CEO Tim Cook relayed his excitement about the deal: “With 76 percent of business transactions touching an SAP system, SAP is the ideal partner to help us truly transform how businesses around the world are run on iPhone and iPad,” Cook said this week. Apple has said that roughly 310,000 businesses and public agencies use SAP applications and services.

During the past two years Apple has made some major deals: IBM, Cisco, and now SAP. Many in the industry are predicting Oracle is next on the list for Apple. This would be a good move for Apple, as Oracle is one of the last pieces of the enterprise puzzle.


 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Apple’s SAP deal means more iOS enterprise apps

 

The Newest Security Trend – Rewarding Hackers


There is always that one superhero willing to play nice with the villain. In the world of tech hackers, HackerOne is that superhero. HackerOne acknowledges that modern security is hacker-powered. They have created a platform for vulnerability coordination and bug bounty. In other words, HackerOne works with hackers to find security holes in your company, because to be honest, who better to trust than the villain himself!

HackerOne facilitates communication between hackers and companies. If a hacker does find a bug, HackerOne works as the middleman, ensuring the company pays the hacker for the discovery and charging a 20 percent commission on the hacker’s payout. Companies such as Uber, Dropbox, Square, Snapchat, Airbnb, and Vimeo have all joined the HackerOne movement.

Bugcrowd works similarly to HackerOne, bringing together good hackers with companies looking to verify their security systems. In comparison to HackerOne, which rewards hackers with a payout decided by the company in question, Bugcrowd works on a subscription basis. Charging a service fee or a project-based charge, Bugcrowd provides market rate suggestions for rewards and manages all payouts for its companies. Those companies include AT&T, Dropbox, Facebook, Etsy, PayPal, and Twitter, just to name a few. As you might notice, some of the companies listed are clients of both HackerOne and Bugcrowd.

Google, of course, has a public bug bounty program of its own that offers up to $100,000 for hackers who find vulnerabilities in its Chrome software. Although the reward amount depends on the size of the bug, the rewards are substantial enough to keep hacker interest, ranging from a few hundred dollars to several thousands.

Opening a bug bounty program to the public puts forth the message that the company values the security of its systems and lessens the likelihood of malicious activity. Despite strong efforts to keep systems secure, no organization is bulletproof. In the fight against hackers, a little incentive goes a long way toward a more secure system.

 

If you would like to educate yourself in more detail about the information presented in this blog post please visit: Meet the Middlemen Who Connect Hackers for Hire With Corporate America

IBM Watson at Cancer Center

IBM’s Watson supercomputer may be best known for single-handedly beating “Jeopardy!” game show champs but IBM has taken it one step further which is proving to be a huge benefit for the healthcare community.

IBM has partnered with WellPoint which will assist in building applications that can be specialized for each doctor and organization. Imagine the applications of this for healthcare in every specialization — quite impressive!

It is now being leveraged to help doctors at Cedars-Sinai’s Cancer Clinic in Los Angeles stay up-to-date on medical breakthroughs and treatments. Watson helps doctors by providing many different cancer treatment options in a matter of seconds by pulling data from current clinical records and treatments, historical records, and past cancer cases.

Virtual Desktops

Desktops v1.02: Ever feel like you don’t have enough desktop space to do the work you have to perform on your computer? Want the ability to open different applications on different screens, yet even with two or three screens you feel it’s still not enough? Then you need to try Desktops, an application from the Sysinternals Suite that lets you virtualize your desktop screens. It allows you to organize your applications on up to four virtual desktops, and with the use of shortcut keys you can alternate between the set of desktop screens as you need to.

http://technet.microsoft.com/en-us/sysinternals/cc817881.aspx

Virtual Desktop Infrastructure (VDI); Session Based Computing

Spring is fully upon us and the summer heat is looming in the not too distant future. Many of us are planning out our summer vacations to beat the heat and spend time with our friends and families. While our minds are probably already off to some beachside locale, there is still a bit of time before we’ll be flying there ourselves. In the meantime, perhaps now is as good a time as any to look into moving your business over to an older and simpler way of computing. Session based technology has been around for many years, and at one point in the late 90s/early 2000s it was a very popular desktop architecture. For a variety of reasons it became less popular, primarily due to desktop hardware costs decreasing significantly. Session Based Computing is where you take all the data and processing activity off the local desktop and have it take place on a robust server. By doing this you can have multiple desktop sessions running on a single server if you were so inclined. As a best practice, bva recommends spreading all sessions over two (2) servers to ensure up-time and load balancing for the user community. The great advantages of Session Based Computing are the following:

  • Smaller Footprint
  • Eco-Friendly and More Green
  • All Data on Servers, No Loss of Data
  • Seamless and Consistent Interface over Different PC’s
  • Ability to Leverage Older PC Hardware for Production
  • Ability to Leverage Newer Operating Systems Virtually Without Conflict
  • Application Virtualization Ensures Seamless User Experience

The most popular products leveraged today for this type of architecture are as follows:

  • Remote Desktop Services (Terminal Server)
  • Citrix Systems
  • VMware View

Virtual Desktop Infrastructure (VDI) is another name for Session Based Technology. VDI is an emerging architectural model where a Windows client operating system runs in server-based virtual machines (VMs) in the data center and interacts with the user’s client device such as a PC or a thin client. Similar to session virtualization (formerly known as Terminal Services), VDI provides IT with the ability to centralize a user’s desktop; instead of a server session, however, a full client environment is virtualized within a server-based hypervisor. With VDI, the user can get a rich and individualized desktop experience with full administrative control over desktop and applications. However, this architecture, while flexible, requires significantly more server hardware resources than the traditional session virtualization approach.

Key benefits of VDI are:

  • Better enablement of flexible work scenarios, such as work from home and hot-desking
  • Increased data security and compliance
  • Easy and efficient management of the desktop OS and applications

Virtual Desktop Infrastructure (VDI): Pros and Cons

In the past 6 months BVA has seen a tremendous push towards Virtual Desktop Infrastructure (VDI), which is unique in my eyes, mostly because we have come full circle. About 10 years ago there was a tremendous push toward thin-clients and dumb terminals, which had a lot of success back then. After a few years of this, organizations decided to move back to heavy client models, mostly due to workstations lowering their cost. Regardless of how we got to this point, VDI is back and more popular than ever. BVA has deployed over four VDI solutions in the past three months with minimal hurdles, and we are getting great reviews from the client via user experience.

Let’s talk about what VDI is and is not. Basically, virtualization technology can provide virtual desktops to your users which, over time, will save you on hardware cost as well as administration. All of us are familiar with the concept of virtual platforms/servers and using this technology to virtualize server applications (like SQL server, print servers, or other dedicated servers). VDI takes this a step further.

Here are the steps to using VDI:

  1. Create a virtual machine
  2. Install a VDI Connection Broker – this Connection Broker is what determines which Remote Desktop Host a user is assigned or should be connected to. Here are some of the connection brokers available today:
    • ChipPC Virtual Desktop Center
    • Citrix Desktop Broker for Presentation Server
    • Dunes Virtual Desktop Orchestrator (VD-O) and Virtual Service Orchestrator (VS-O)
    • LeoStream Virtual Desktop Connection Broker
    • Propero workSpace
    • Provision Networks Virtual Access Suite (VAS)
  3. Install a desktop operating system on that VM, such as Windows XP or Windows Vista
  4. Install desktop applications on the VM
  5. Allow remote access to that virtual desktop system over the network using any number of possible remote control options

VDI is basically thin-client computing (such as Citrix/Terminal Services). With VDI, you are taking the processing off of the end user’s device and bringing it onto a server. The difference is that with VDI, unlike thin-client, the virtual desktop is dedicated to a single end user or mapped to provide the desktop OS & applications to a single client viewing device. Many VDI packaged solutions, of course, use VMware or Microsoft’s virtual platforms as the underlying virtualization product.

Why should an organization use VDI?

  • Security – Desktops are more secure
  • Rollback – Can use VMware’s snapshot and revert technology on desktop machines
  • Centralized Apps – Applications upgrades are easier because systems are all in a centralized location
  • Speed Deployment – You can quickly clone existing machines and roll out new systems because machines are all in a single central repository
  • Provide a full desktop PC – You are providing full access to a virtual machine and each virtual desktop is mapped to a single user or a single client device.
  • Reliability – If you could quickly restore any PC OS to a usable state, free from viruses or corruption, how reliable could your desktop systems be?

Here are some key points about the solution for your reference:

  1. You could use older or existing PC’s but that doesn’t provide you all the benefits you could get from VDI. You could also use thin-client devices running RDP. Ideally, you might consider something like the new Wyse Thins OS-VDI, made just for thin clients that will be connected to VDI servers. More information can be found at: http://www.wyse.com/about/news/pr/2006/0802_VMwareVDI.asp and http://www.wyse.com/products/software/os
  2. With regards to remote control application, you can choose from RDP, VNC, or others
  3. For Legacy hardware you can use RDP, for example, which supports USB devices on the client and if you could put a parallel or serial device on the server, you could also access it from the client.
  4. You will have to do your own cost comparison, keeping in mind, the soft numbers related to the increased security and management functionality.  There are several case studies that outline a 5 year ROI that shows the cost comparison where you come out appropriately.

Windows Intune – Optimistic View

BVA has been in the cloud for some time. Obviously being in the cloud means a lot of different things to a lot of different people. Everyone seems to have their own spin on the term. For some time now we have wondered if Microsoft would come out with System Center for the cloud (BPOS). The overall BPOS solution has been fairly stable and successful; there have been a few pitfalls, but we have worked through them with support.

At its core, Windows Intune is a cloud-based version of the desktop management capabilities customers could previously get by deploying Microsoft System Center technologies. For those who do not know Microsoft System Center, it’s basically a bunch of older products put together as a large suite of applications. That being said, the applications included are valid and great products. It’s basically the old SMS desktop management system and MOM. These are tried and tested applications that BVA has deployed for several years, yet all required their own on-premise servers. With Windows Intune, rather than hosting a System Center server on-premises and managing desktops from the server, administrators load a client onto the desktops. Administrators can access, via a browser, the management software and tools in the cloud and manage and secure those desktops through the cloud. In addition to the product features, the monthly subscription will include upgrade rights to Windows 7 Enterprise for every covered desktop and an option to buy the otherwise hard-to-get Microsoft Desktop Optimization Pack (MDOP).

When the first limited beta of Windows Intune arrived in April, Microsoft described it almost exclusively as a midmarket IT-focused offering, with a slightly lower-end core audience than the System Center suite of products reaches. Core capabilities of Windows Intune include the ability to centrally manage the deployment of updates and service packs to PCs, to manage protection of PCs through the Microsoft Malware Protection Engine, to receive alerts that help administrators proactively monitor PCs, to provide remote assistance, to track hardware and software inventory, and to set security policies. For users familiar with Microsoft’s other product families, Windows Intune combines a Web-based management console with the desktop malware protection and reporting of the Microsoft Forefront Protection Suite and the update management, inventory and software deployment of Microsoft System Center Configuration Manager 2007 or Microsoft System Center Essentials. Windows Intune also has the operating system distribution capabilities of Configuration Manager.

After reviewing all the facts it seems that this will be a great offering for our client base.  We are going to try this out at a client next month and we are looking forward to really seeing the real-world applications and cost savings.  I think it is fair to say that I am a little apprehensive about the security associated in imaging desktops through the cloud, but time will tell.  As a collective unit, BVA is staying positive with the security and ease of use.