Category: Security

Israel Lifshitz

In today’s mobile and cloud era, IT is losing much of its control.

Devices are often owned by employees and IT has limited control over them (BYOD). The apps are usually 3rd party apps and IT has zero knowledge and control over the apps’ content and security. The network, which the user uses to access data, is often a public/shared network and even the services/servers are now becoming cloud-based.

This lack of control has already caused lots of problems, which result in losses of billions to organizations. One major impact of these problems, is when security issues start to pop up.

The organization becomes more vulnerable to cyber threats, even though it’s hard to see the immediate damages caused. It’s inevitable that at one point, something would surface and dramatically affect the organization in both direct cost damages, as well as reputational ones.

So, how can IT get control and security to come back home?

Virtual apps can definitely do the work. Virtual mobile apps are the actual apps that employees run on their mobile devices (e.g. Salesforce1, Dymamic 365, SucessFactors, etc.), but actually run on a secure virtual platform. The users can access those apps from a thin client (running on their device), which only displays the screen of the apps on the secure platform. The diagram below shows how it works.

 

The secure virtual app platform is under full control of the IT department. IT can decide exactly which app to install (and of course which not to) and which users can access each app. All the data is safely under control of the IT team, which has the authority to decide what should be backed up, deleted, shared, etc. The network itself is also fully controlled by IT, which can decide the network service that could be accessed by specific users and apps. Even if the network service is on the cloud, you could still limit that service to be accessed only from the secure platform.

One of the common questions I get from people is: “Do I need to be an app developer to build virtual apps?” The answer is: “Absolutely not”.

Each app can become a virtual app. You just need to add the app binary (without any modification required) to the Nubo platform and the platform will immediately generate a unique virtual app for you. Beside the common security and control benefits, virtual apps allow you to move fast, when facing tight schedules, and deploy any app to your users with minimum cost or investment.

Israel Lifshitz


A lot has already been said about the WannaCry mega cyber-attack. Even if the first wave has already stopped, thanks to an effective kill switch, new waves are emerging, as some clones of this vicious virus are appearing. Thus, we should start learning about this cyber-attack and draw important conclusions to help us prepare for the future.

Some known (and unknown) facts about WannaCry:

  1. WannaCry took advantage of an already-known vulnerability (not a zero-day vulnerability) but was still able to spread all over un-patched computers. Effective patch management procedures implemented by organizations, could have prevented this kind of catastrophe. Still many large organizations have failed to do so.
  2. WannaCry exploits vulnerability through a well-known and used network service (SMB in Windows machines).  Companies have thousands of different network services available. All of them potentially have network vulnerabilities that will be exposed in the future, thus being exploited for future attacks.
  3. So far, no one knows exactly how the malware is spread. There have been some rumors that it is spread through emails, but no one could confirm that. It could have been spread through other forms, such as mobile devices connected to company Wi-Fi or VPN.

When trying to predict the future of cyber-attacks, I could not avoid thinking how mobile devices would play an integral part of the next mega attacks, simply because of the following:

 

  1. The spread of mobile devices is huge. There are billions of mobile devices around the world . Each mobile device is now a smartphone, which means that it is actually a computer that has the same kind of vulnerabilities, just like the computers that were infected by WannaCry. Those mobile devices are everywhere, both physically and virtually, which means that they are connected to every network possible.
  2. Patch management is ineffective in mobile devices. Companies cannot simply use a patch management solution and make sure all their smartphones are patched. Smartphones, unlike desktops and laptops, are often owned by employees, and the company cannot install patches on them. Even if enterprises hope that the users install patches, as soon as they become available, this will not solve the problem, since in the mobile world, many devices are left without any effective patches.
  3. The protection on mobile devices nowadays is very poor. Companies believe that encrypting the data in the device (using a container) or in transit (using a VPN) serves as good protection. However, this will not stop a future cyber-attack such as WannaCry.

The only effective protection measure against such WannaCry-like mobile attacks will be a total separation between mobile devices and your data. The technology that has been proven to do such separation is Virtual Mobile Infrastructure (VMI). This is because of the nature of the solution, which does not just separate the data and the apps from the device, but also separates the network services. In VMI, all the connection from mobile devices are carried through a single remote display protocol, and there is no connection to any other (possibly vulnerable) network services.

On a personal note, I believe that the next mega cyber-attack on smartphones is just around the corner; yet, I’m convinced that organizations can protect themselves by utilizing VMI, as the most effective mobile access solution.

Michael Gagnon

Who has not heard that “Knowledge is Power” in today’s technology connected economy? Knowing what to know is important but knowing what you don’t know is even more critical to execution. With so much information flowing in today’s marketplaces, how is information: and in particular, mobile information, made actionable on your employees favorite mobile device?

The ability for business to disrupt & win is directly related to the quality of relationships between an Enterprise & its customers, its employees, its partner/supplier ecosystem. Nurturing these relationships with free flowing, frictionless & ultimately secure mobile data is at the core of increasing the ecosystem effectiveness. Matching “Know How” with “Know Who” across the enterprise ecosystem is one of the incredible opportunities that data and mobility can harvest.

Technological innovation is so often cited as the fuel of disruption & transformation in the Enterprise. The reality is the more subtle. Intricate shifts in the relationship structures between customers, employees and partners/suppliers are what make the end game of ecosystem transformation possible. And secure mobility is a key catalyst.

But how do you get the information your customers, employees, partners/suppliers need need; when they need it and where they need it, in a simple, consumable and action oriented form on their favorite mobile device?

Bottom line is that knowledge is truly powerless unless and until it flows freely, transparently & with complete security to mobile users…. at point of need. Your ecosystem wants to execute work jobs where they can best happen and this is generally not at a desk as we are so often told by our customers.

Big Data systems are a great example of this conundrum. Big Data systems drive real time analytical capabilities provide a treasure trove of highly contextual, relevant information; derived from some of the most sensitive & proprietary subsets of data in the Enterprise. Big Data is at the core of new competitive capabilities in the Enterprise but does it suffer from mobile security bottlenecks as it tries to deliver insight from Hadoop Clusters to mobile devices?

How you get this information from your Hadoop Data Lake to your mobile device simply, securely & at scale, so users across your entire ecosystem can interact with complete trust and integrity? All of the work to create the situational context that is Big Data is worthless if it cannot be delivered in a totally transparent but totally simplified & secure manner to customers, employees partners & suppliers.

How to enable simplified, “intelligence grade” security at scale is the problem to the answer. Big Data systems need to fulfill their promise to mobile users in the same way they do for those same users fixed devices like PC’s. Could it be that traditional approaches to mobile security found in EMM systems now create too much complexity, cost & friction for the dynamic world of real time Big Data systems?

What if the networks that connect Big Data systems to mobile devices were inherently “intelligence grade” in terms of security transmission, delivery & data protection?

NUBO’s Virtual Mobile Infrastructure (VMI), provides a next generation approach to providing free flowing, transparent & secure delivery of information from Big Data & Cloud Systems to iOS & Android devices. Nubo VMI runs virtual Android mobile devices in a secure AWS Cloud or Premise based platform. Mobile apps are delivered via Nubo’s intelligent remote display protocol called UX over IP to customers, employees, partners/suppliers mobile devices.

The contribution that UX over IP makes to Enterprise security & ecosystem productivity is that Nubo VMI requires “zero data” in transit or on the device to operate ecosystem mobile apps normally. Mobile threat perimeters are reduced to zero with no compromise in user interaction & experience with mobile applications like Outlook & Office 365. With Nubo VMI there is simply no data to hack because there is no data on the mobile device to be hacked. You cannot steal what you cannot see.

Mobile app developers can radically reduce investments into the myriad of traditional mobile app security practices such as app vulnerability testing, mobile device compatibility testing, OS vulnerability testing & app wrapping to name just three. Nubo VMI will reduce mobile app development life cycles by 50% while reducing app development costs by 65% while increasing mobile app security to “intelligence grade”.

Nubo VMI is a platform that delivers radically simplified enablement of mobile apps for customers, employees, partners & suppliers across the Enterprise ecosystem. Using Nubo VMI, the right information is delivered to the right person at the right time where the work actually gets done. Enterprises can be incredibly flexible in the specific situational information that is delivered to users in their ecosystem without the traditional concerns, costs & complexities that are mobile app development as we know it today.

Relationships in the ecosystem will be enriched and empowered because of the incredible relevancy of information that can now be more safely delivered to mobile devices. Nubo VMI helps drive better customer experience ideation, ecosystem collaboration while taking cost, complexity and delays out of traditional mobile application dev-ops.

Winning in today’s market, demands that mobile ecosystem players be on the same page and at the same table with the right information for each and every user to leverage appropriately.