David Abbou

If you’re a smartphone user and you live on planet Earth you’ve probably heard about the Android Stagefright vulnerability. And most likely you’ve read some facts about it that make it sound so pandemic they could easily be used in a trailer for an upcoming Hollywood scare flick. Here’s a quick scan of some of the headlines:

“It Only Takes One Text To Hack 950 Million Android Phones”

“Android Stagefright Vulnerability Puts Millions at Risk”

“There’s (Almost) Nothing You Can Do About Stagefright”

“Nearly 1 billion phones can be hacked with 1 text”

“Stagefright: Android’s Heart of Darkness”

That will make your hair stand up, won’t it? And these statements aren’t hyperbole; they’re all true facts about the threat the Stagefright vulnerability poses to Android smartphone users. The vulnerability exploits a security gap within Android’s Stagefright media library. Because this playback engine processes video files before a user opens them, attackers can send a simple SMS or MMS file to a device and can already commence stealing data from your device and hijacking your camera or microphone whether you’ve opened the message or not.

But the plot gets thicker still. Google was actually warned about Stagefright in April and applied the necessary patches to their internal code branches within 48 hours. They also relayed the source code patches to the various device manufacturers (Nexus phones were not originally included but have begun receiving the patch this week) and smartphone carriers so they can deliver the update within new firmware. The fix is in then, no? Apparently not. Four months later and counting, not one original equipment manufacturer (OEM) has delivered this patch to its user base. While this vast network of OEMs and carriers sort out their process gaps, users remain vulnerable… but not just consumers. What about all the work apps and data sitting on their devices?

How scared should enterprises be of Stagefright?

Every day BYOD employees are opening work apps delivered to them by employers from their personal Android phones. Stagefright’s ability to attack 95 percent of all unpatched phones introduces a new mobile security threat, one that will test the resilience of MDM and EMM device security features. It certainly won’t be the last flaw to surface within consumer devices that can breach sensitive and often lucrative corporate data – these threats are constantly evolving.

So then, how can enterprises be best prepared to prevent these threats and take back control of their apps and data?

Don’t depend on personal devices for your enterprise security

The enterprise mobility community has already begun recognizing the need to augment strategic focus from purely device security to a data-first perspective, and Stagefright is another example that reinforces the need for this change.

It’s this philosophy that helped spawn Virtual Mobile Infrastructure (VMI), which remotes a virtual Android device onto smartphones from the data center using a remote display protocol. Users simply download a thin client app, which reflects a mirror image of the actual mobile applications running in the server. The remote display protocol swiftly relays all draw and mobile sensor commands made by the user to the Android platform, which executes them and sends back the image to the device. The speed, response time and image quality of this setup is already at a level on par with native mobile apps.

Essentially this means you can continue to allow your employees the flexibility of using their own BYOD devices, rather than introduce stringent policies that are by no means bulletproof. In the case of Stagefright there’s very little users could have done to keep it at bay, nor should enterprises continue to put the onus of device security on their employees.

You can do that because your entire corporate environment is remote and completely separate from that of the personal device. When a clever vulnerability like Stagefright strikes, your corporate data won’t be there to attack. Security management for mobile apps becomes much simpler as it’s now handled within your corporate datacenter.

VMI gives enterprises control over Patch Management

This time around, Stagefright exposed a Patch Management gap for Android device manufacturers and Google. And it’s one of the fallouts of the way our consumer and enterprise technology has collided as enterprises become more mobile. With VMI, your security team can make sure it is applying the latest patches on the virtual device in the server. Even if your users’ personal smartphones are not protected, you are.

Chen Landau

From the engaging sessions, to the diverse attendees, the hilarious 70s-themed “Geek Out” and meeting passionate peers at “Dinner with Strangers” while enjoying the local Denver fare, I have to hand it to the organizers – BriForum Denver 2015 delivered a fun, interactive and enlightening three days chock-full of value.
The energy and enthusiasm at the Westin Denver conference hall rarely subsided and was as ubiquitous as the end-user computing and enterprise mobility topics you could hear being talked about no matter which way you turned. At our booth we were able to shed some intel on Nubo Virtual Mobile Infrastructure to the many VDI connoisseurs, virtualization junkies and EMM pros, who were curious to better understand how VMI could help them jump their current and future enterprise mobility hurdles with flying colors.
BriForum gave me a great opportunity to grasp just how well people in the industry understand how VMI works, what distinguishes it from other application virtualization approaches, and where it could most impact their overall mobility strategy.
Understandably, many attendees who were used to the desktop virtualization school of thought were not yet aware that with VMI an Android mobile OS, not Windows, is being remotely extended to mobile devices. Running Android from the server gives you access to all of the apps your employees are downloading from Google Play Store these days on both their Android phones and iPhones. This makes it much easier to deploy corporate mobile apps regardless of device platform. Development teams no longer have to create apps for multiple OSs – create a single Android app for everyone and you’re ready to go.
VMI also makes BYOD much more attractive and less contentious for your end-users. First, they get to work with apps that were actually built for a mobile interface, and benefit from the high-quality user experience they’re already used to on their smartphones and tablets. Gone are the days of making the best of cumbersome, awkward desktop apps being crammed into their smaller interface. That means they’re much more likely to embrace BYOD and use these productivity tools more often. That productivity will also be boosted because the privacy issue is essentially taken off the table.

For high-security and regulated enterprises, VMI is a complete game-changer since zero corporate data ever gets saved on the mobile device. Lost phones don’t have to be wiped, and the security environment is completely controlled at the corporate-level.

Unlike app wrapping and software development kits provided by MAM technologies, VMI lets IT keep enterprise data away from mobile device security risks and vulnerabilities in a seamless and unfettered way.
But above all, people that visited the Nubo exhibit were most itching to see the performance of remote mobile apps up close and personal. I always get a kick out of watching people’s reactions when first playing with the Nubo thin client app, and seeing their surprise at the native mobile look and feel, uncompromised response time and smooth functionality of mobile sensors like the camera, location, GPS, NFC, proximity, movement, angular rotation.
In the end, we truly believe that the value VMI can bring to the mobile enterprise is only as good as its remote display protocol. Only a protocol that can achieve the same end-user experience as native mobile apps can enhance enterprise mobility and BYOD initiatives in the way they need to going forward.
It’s because of this that our R&D and engineering team spent two years developing, evaluating and optimizing our UX over IP protocol to produce minimal latency and unmatched response time. With a peak bandwidth efficiency running at 250 Kbps, users can depend on extremely reliable performance regardless of any fluctuations or drops in cellular bandwidth – and one that works on both 3G and 4G networks.
Our team has optimized VM servers for scalability so that Nubo can support tens of thousands of concurrent sessions. Enterprises can also opt to either run Nubo on-premise or on our secured cloud.
It was great to see people walking away with a clearer picture of the impact Nubo can make for their business. I look forward to seeing both new and familiar faces at next year’s event. Missed the conference this time out? Experience Nubo VMI for yourself by downloading a free trial.

Hanan Baranes

Last week I met with a team of developers at a major bank and took them through Virtual Mobile Infrastructure (VMI). They were very interested in learning how VMI would let them take advantage of all mobile sensor capabilities – location services, GPS, proximity, movement and angular rotation, NFC, camera and more. So they took turns using Nubo, observing the look and feel of both out-of-the-box enterprise apps and consumer apps, as I explained how we developed our UX over IP remote display protocol to perform on par with native mobile apps. One lead developer paused and then asked: “So if we ran all our apps within a VMI platform, could that also be our MADP (Mobile Application Development Platform) going forward?” “Actually yes”, I explained. This sparked a conversation about how running a standard native development environment from the server that is compatible with all devices can actually revolutionize the development of enterprise apps.

It highlighted some perhaps understated benefits of using Nubo’s VMI solution: VMI can actually be a replacement for MADP solutions for developing and distributing B2C, B2B and B2E mobile apps, and make app development simpler, faster and more secure. This is true not just for banks and other financial institutions, but also for any large enterprises developing and providing mobile apps to customers and enterprise apps for mobile employees.

But how exactly does this work and what are the advantages?

  • Speaking the Same Language – A Dream for Organizations and App Developers

    VMI involves running apps from a remote mobile platform, and the mobile OS used is Android SDK, the most popular mobile platform adopted by most corporations. This serves as a native development environment that works on a wide variety of devices. This aids both enterprises and developers in a number of ways:

    • Businesses Save Training Time and Resources: Businesses save substantial time and resources training developers on niche MADP platforms which are developed to work for specific apps as opposed to being adaptable across many organizations.
    • Finding Qualified Developers Just got Easier: Using a standard platform like Android SDK for enterprise apps means organizations can dip into a much larger talent pool and find qualified developers with less time and difficulty.
    • Increases Career Opportunities for Developers: Imagine being a TV journalist from Finland and applying for a job at the Boston Herald, only with one problem… you don’t speak English! Many developers move on to new challenges every few years, so their ability to work effectively with platforms is a very important selling point when being recruited for new positions. Being versed in Android SDK requires minimal training, and developers can transfer their skills and knowledge easily from one organization to another. They become empowered by mastering the platform which is most in-demand and helps open up a wide spectrum of career opportunities.
  • All Apps Run on One Central Remote Platform

    In many cases when an organization develops MADP tools to provide various clients with mobile apps, each client has a separate version for different devices and OSs. This fragments the landscape for software developers when it’s time to roll out a new app version. It’s not readily clear which client has which version of the platform and where plug-ins and other necessary updates need to be applied.
    With VMI, all of the apps are centrally managed from one remote platform. This helps to get a grip on version control and eliminates the guess work, saving time and stress for your development team.

  • A Safer Playground for Developers

    From a security perspective, mobile apps virtualized from a remote mobile platform leave zero digital footprint on devices. When developing native mobile applications or web-based and HTML apps, measures must be taken to prevent storing local data. Even when these precautions are taken, coding errors can occur and result in local data on devices.
    VMI renders many app security issues a moot point as all of this data stays on the secured and remote enterprise server. This remote environment also means that data is always transferred through secured channels. More details on VMI data security can be found in our Security White Paper.

  • Employees Receive Native Mobile UX, increasing BYOD Productivity

    Because VMI architecture is able to run native mobile apps from the server, mobile users receive the user experience they’ve grown accustomed to with apps they use on their personal smartphones and tablets.
    Many of the other platforms for app development are either not fully native or not native at all. They range from HTML5, web-based apps to hybrid apps. While native apps have their own standardized SDK (software development kit), development tools and user interface elements, web-based apps cannot offer this consistency. As a result, the user interface, functionality and overall performance fall well short of native apps. Compromised UX leads to lower uptake by employees of your enterprise apps, less BYOD productivity, and more employees being steered towards unapproved solutions aka Shadow IT.
    Running native mobile applications from the data center holds obvious advantages for banking clients, for example, who need to perform financial transactions as quickly and easily as possible. It also plays a huge factor in realizing enterprise mobility objectives, as BYOD employees adopt mobile work applications much more readily if they translate well to the mobile form factor and enable them to seamlessly access and collaborate on financial documents and reports.
    You can see exactly how apps look and perform on Nubo for yourself by downloading a free trial.