December 20, 2010 | 
Author 
With the introduction of cool mobile devices available for corporate world, executives feel their existing blackberry out of fashion. For a while, blackberry devices ruled the corporate world for mobile communications. They are efficient and highly secure.
Blackberry security is still considered the gold standard for enterprise mobile communications. However, with generation Y taking over the corporate world, enterprise infrastructure have hard time meeting their demand to have social networking and other mobile applications available on their mobile devices. RIM’s product is no more preferred; rather it is now one of the options that should be available to the corporate users.
There is also increasing demand among employees to use their personal mobile devices (individually liable) for enterprise use. They view pervasive wireless LAN (WLAN) and mobile cellular coverage as “must have” capabilities and consider smartphones as “must have” tools that would help integrate their personal and professional lives.
Until recently every enterprise had a web address advertised along with their products. Now, their applications are showing up in mobile device application (app) store and their mobile web addresses (example m.mycompany.com) are advertised along with their web address (example www.mycompany.com) increasing their competitiveness.
So how do we secure such diverse devices while making them available for corporate use?
Posted in Infrastructure, Security Architecture | 
Tags: Android, Architecture, Blackberry, Disk Wipeout, Encryption, Google, Information Security, iOS, iPad, iPhone, Malware, Mobile Device, Open Source, Operating System, Password, Smart Phone, Social Networking, Symbian | 
No Comments »
Ever found your bank statements on Facebook? How about your health records and business plans? That’s what happened to a friend-of-friend of mine. My friend found her friend’s family pictures, health records, business plans and bank statements on Facebook.
The friend-of-friend engaged me to help her out from this as she had no clue how all these information ended up on a Facebook wall. Apparently the friend-of-friend is a business woman and a millionaire who travels a lot to Asian countries such as Malaysia, Singapore and India.
She recently had to undergo a brain surgery in India for which a lot of information was exchanged to her doctors and friends via Gmail. Information includes her health records and bank statements from Canada. She also used this account to exchange business plans with her partners as well as family pictures with her friends.
Posted in Access Control, Between The Lines, Miscellaneous | Tags: Facebook, Fraud Prevention, Social Networking | No Comments »
The technique that uses both contextual and historical user information along with data supplied during an internet transaction to assess the probability of whether a user interaction is authentic or not is called risk based authentication.
Traditional username and password along with information such as who the user is, from where the user is logging in (IP address and information of the location from where the user is actually in at the time of transaction), velocity of the transaction (the process of verifying if its possible for a person who recently logged in from location 1 could login from location 2) and the type of device the user is using are considered as contextual information.