Tag : instant messaging

iPad and iPhone Can Be a Security Risk

BVA has found that these types of mobile devises if not provisioned correctly can seriously be a security risk to your network environment.  Security policies need to be set forth to ensure security at all levels of access.  Apple iPad tablet device as well as the iPhone is slowly becoming a legitimate business tool, your employees will soon have them in hand and invade your business. The reality is that the iPhone changes the playing field for security and really surprised IT consulting companies and their administrators when it got released.   The users needs versus wants changed completely where being able to have a Smartphone that just sync’s calendars, contacts, and emails changes drastically. The iPhone hit the scene and next thing we were getting requests for it to be integrated into a businesses mail environment immediately. These requests were coming from owners and directors, decision makers were being demanding about making it work, totally side-stepping the security protocols set forth by years of experience and best practice.  The bottom line is that the line between corporate tool and consumer gadget has not just been blurred; it has been completely erased.  There have been several studies that have shown that when asked, the iPad and iPhones present the greatest smartphone security risk for IT.  It’s a scary thought that you have locked down your environment but since a new gadget gets releases to the market and owners want it, it diminishes the integrity of the system.

There was recently a few contents by security outfits where they had people hack the iPhone in less than 2 minutes and won a cash price.  This is a scary thought and quite frankly shows how easy it can be for the non-hacker.  Obviously it might take a little longer from a less talented hacker but it can clearly be done.  Apple has little intention to make their OS more secure because it’s not the market that they are targeting.  Again they are targeting the consumer, not the business enterprise.  I am sure there will be a point in time when that day comes but it is not in the near future.  If Apple at the very minimum addressed just the enterprise security, supportability requirements, and new hardware level encryption.  I want to be very clear that the OS on the iPhone is the same as the iPad as well as its security. Apple targeted the iPad primarily as a media consumption gadget for the residential consumer, not the business community but again we have seen this shift.  I am not saying that you should ban the iPhone or iPad but develop policies and procedures that address the rules of engagement for integrating the iPad with your network environment.

As you develop the policies, keep in mind that the iPad is unique and could fall into a few different areas for policies.  Here are some key points to keep in mind:

•    delivers notebook-like functionality
•    smartphone OS platform
•    normally placed in the policy bucket for computer usage and security policies, not recommended
•    a good policy bucket to consider – smartphone usage and security policies (recommended)
•    same smartphone OS was hacked in less than 2 minutes

Make sure that whatever policy selected addresses the most important factor here which is allowing or denying the storage of confidential or sensitive information on the iPad, or how e-mail, instant messaging and other communications conducted through the iPad fit within archiving and compliance requirements.

Microsoft Lync Review – Analysis of Microsoft Lync – Is Microsoft Lync Viable | BVA IT Consulting Blog

BVA has reviewed and looked at the new Microsoft Lync.  The new name for the next generation of our real-time communications products, known until today as Communications Server and Communicator. Over the last five years Microsoft has been on a journey to transform communications with the power of software.  Lync delivers on this vision by unifying enterprise voice, instant messaging and web, audio and video conferencing into a new, connected communications experience.  A key part of the release is the re-branding to Microsoft Lync.  Lync, a combination of “link” and “sync”, is about connecting people in new ways anytime, anywhere.  Beyond simplifying and shortening the current branding, customer research found that the name Lync appeals to end users and IT pros, even more than descriptive options like Communicator. This could seriously be an alternative to an on-site VOIP phone system via reliability, feature set, integration with Microsoft technologies, as well as cost.

The feedback on Lync 2010 has been pretty good from initial testers.  Here is a sample of the types of comments that Microsoft got from the TAP programs and internal beta:

  • “Just love, love, love the new UI.”
  • “An incredibly comprehensive set of tools, including integration into workflow with SharePoint”
  • “Everything I’ve tried to do, I’ve been successful so far.”
  • “[OCS 14] looks more user-friendly and visually it’s like, ‘wow’. It looks better and aesthetics are a lot better, especially when you are using an application nine hours a day.”
  • “The overall user experience is more engaging, convenient, and social-oriented, when compared to 2007 or 2007 R2. Thank you! :-)”

I’ve been using Lync – and as my only ‘phone’ – for the past month and the experience has been pretty solid.  A few of my favorite features:
1.       Switch between your head-set and phone in the middle of a call with device switching.
2.       Gotta run? Leave the office and take your call with you on your mobile phone.
3.       Select multiple people and click to make a group call, and then drag-and-drop someone into the conference from Outlook.
4.       Connect with family while you’re travelling – start a high-definition voice and video conversation with a Windows Live Messenger user.
5.       Hush that annoying meeting participant.   When someone is causing bad audio on the conference call, Lync will identify which phone to mute to improve quality – and productivity.

Something to consider moving forward when looking at different communication methods.  Is VOIP the way to go?