The Top 10, Top Predictions for 2012
Around this time of year, almost everyone and their brother put out their annual predictions for the coming year. So instead of coming up with my own, I figured I’d simply regurgitate what many others are expecting to happen. Security Predictions 2012 & 2013 - The Emerging Security Threat – SANS talks Custom Malware, IPv6, ARM hacking and Social Media. Top 7 Cybersecurity Predictions for 2012 - From Stuxnet to Sony, a number of cyberattacks emerged in 2011 that experts have predicted for quite some time. Webroot’s top seven forecasts for the year ahead. Zero-day targets and smartphones are on this list. Top 8 Security Predictions for 2012 – Fortinet’s Security Predictions for 2012. Sponsored attacks and SCADA Under the Scope. Security Predictions for 2012 - With all of the crazy 2011 security breaches, exploits and notorious hacks, what can we expect for 2012? Websense looks at blended attacks, social media identity and SSL. Top 5 Security Predictions For 2012 – The escalating change in the threat landscape is something that drives the need for comprehensive security ever-forward. Firewalls and regulations in this one. Gartner Predicts 2012 – Special report addressing the continuing trend toward the reduction of control IT has over the forces that affect it. Cloud, mobile, data management and context-aware computing. 2012 Cyber Security Predictions – Predicts cybercriminals will use cyber-antics during the U.S. presidential election and will turn cell phones into ATMs. Top Nine Cyber Security Trends for 2012 – Imperva’s predictions for the top cyber security trends for 2012. DDoS, HTML 5 and social media. Internet Predictions for 2012 – QR codes and Flash TOP 15 Internet Marketing Predictions for 2012 – Mobile SEO, Social Media ROI and location based marketing. Certainly not an exhaustive list of all the various 2012 predictions including the doomsday and non-doomsday claims but a good swath of what the experts believe is coming. Wonder if anyone predicted that Targeted attacks increased four-fold in 2011. ps Technorati Tags: F5, cyber security, predictions, 2012, Pete Silva, security, mobile, vulnerabilities, crime, social media, hacks, the tube, internet, identity theftBIG-IP Edge Client 2.0.2 for Android
Earlier this week F5 released our BIG-IP Edge Client for Android with support for the new Amazon Kindle Fire HD. You can grab it off Amazon instantly for your Android device. By supporting BIG-IP Edge Client on Kindle Fire products, F5 is helping businesses secure personal devices connecting to the corporate network, and helping end users be more productive so it’s perfect for BYOD deployments. The BIG-IP® Edge Client™ for all Android 4.x (Ice Cream Sandwich) or later devices secures and accelerates mobile device access to enterprise networks and applications using SSL VPN and optimization technologies. Access is provided as part of an enterprise deployment of F5 BIG-IP® Access Policy Manager™, Edge Gateway™, or FirePass™ SSL-VPN solutions. BIG-IP® Edge Client™ for all Android 4.x (Ice Cream Sandwich) Devices Features: Provides accelerated mobile access when used with F5 BIG-IP® Edge Gateway Automatically roams between networks to stay connected on the go Full Layer 3 network access to all your enterprise applications and files Supports multi-factor authentication with client certificate You can use a custom URL scheme to create Edge Client configurations, start and stop Edge Client BEFORE YOU DOWNLOAD OR USE THIS APPLICATION YOU MUST AGREE TO THE EULA HERE: http://www.f5.com/apps/android-help-portal/eula.html BEFORE YOU CONTACT F5 SUPPORT, PLEASE SEE: http://support.f5.com/kb/en-us/solutions/public/2000/600/sol2633.html If you have an iOS device, you can get the F5 BIG-IP Edge Client for Apple iOS which supports the iPhone, iPad and iPod Touch. We are also working on a Windows 8 client which will be ready for the Win8 general availability. ps Resources F5 BIG-IP Edge Client Samsung F5 BIG-IP Edge Client Rooted F5 BIG-IP Edge Client F5 BIG-IP Edge Portal for Apple iOS F5 BIG-IP Edge Client for Apple iOS F5 BIG-IP Edge apps for Android Securing iPhone and iPad Access to Corporate Web Applications – F5 Technical Brief Audio Tech Brief - Secure iPhone Access to Corporate Web Applications iDo Declare: iPhone with BIG-IP Technorati Tags: F5, infrastructure 2.0, integration, cloud connect, Pete Silva, security, business, education,technology, application delivery, ipad, cloud, context-aware,infrastructure 2.0, iPhone, web, internet, security,hardware, audio, whitepaper, apple, iTunesBait Phone
You may be familiar with the truTV program Bait Car, where the police place a vehicle equipped with hidden cameras and radio trackers in various areas to catch a would be car thief in the act. It’s kinda fun to watch people ‘check out’ the car, check out the surroundings and decide to jump in and drive off. You get to see their excitement as they think that they’ve just won the jackpot along with the utter despair as officers remotely kill the car and the thief is surrounded. Even the excuses as to why they are driving it are hilarious. ‘I was just moving it for my friend, so they wouldn’t get a ticket, whose name I forgot and I also can’t remember where they live.’ In the UK, they got something similar except with mobile phones called ‘Operation Mobli.’ Plain clothes police purposely left "bait" phones embedded with tracking devices in nine pubs and bars across the towns of Hastings and St Leonards in Sussex. I’m not sure what makes and models of phones were left for the taking but none of the baited devices were stolen. In every case, an honest patron noticed the ‘forgotten’ phone and turned in to the bar staff. Some might describe this sting as a failure but according to the Sussex Police’s press release Sgt Ché Donald said, ‘This was an excellent result and my faith has been restored as the phones were honestly handed in.’ I often write about the potential perils of losing a smartphone crammed with private data and all the unfortunate circumstances that follow. If it gets into the wrong hands then that is the case yet we must also remember that there are plenty of good, honest folks out there who will do the right thing when they find something that doesn’t belong to them. Maybe they’ve seen police sting shows, maybe they’ve lost something themselves, maybe their parents raised them right or maybe it’s simply kindness and honesty that’s built into every one of us. Human’s are capable of the greatest good and the nastiest of evil, it’s all how we decide to play it. ps References: Operation Mobli deters mobile phone thieves in Hastings Police mobile phone sting fails when.. err.. no handsets stolen Mobile-phone 'sting' reveals honesty of Sussex pubgoers Police Sting Operation Yields No Mobile Phone Thefts It's legal: cops seize cell phone, impersonate owner What’s in Your Smartphone? Freedom vs. Control BYOD–The Hottest Trend or Just the Hottest Term Will BYOL Cripple BYOD?BIG-IP Edge Client v1.0.4 for iOS
If you are running the BIG-IP Edge Client on your iPhone, iPod or iPad, you may have gotten an AppStore alert for an update. If not, I just wanted to let you know that version 1.0.4 of the iOS Edge Client is available at the AppStore. The main updates in v1.0.4: IPv6 Support Localization New iPad Retina Graphics The BIG-IP Edge Client application from F5 Networks secures and accelerates mobile device access to enterprise networks and applications using SSL VPN and optimization technologies. Access is provided as part of an enterprise deployment of F5 BIG-IP Access Policy Manager, Edge Gateway, or FirePass SSL-VPN solutions. BIG-IP Edge Client for iOS Features: Provides accelerated mobile access when used with F5 BIG-IP Edge Gateway. Automatically roams between networks to stay connected on the go. Full Layer 3 network access to all your enterprise applications and files. I updated mine today without a problem. psWhere Do You Wear Your Malware?
The London Stock Exchange, Android phones and even the impenetrable Mac have all been malware targets recently. If you’re connected to the internet, you are at risk. It is no surprise that the crooks will go after whatever device people are using to conduct their life – mobile for example, along with trying to achieve that great financial heist….’if we can just get this one big score, then we can hang up our botnets and retire!’ Perhaps Homer Simpson said it best, ‘Ooh, Mama! This is finally really happening. After years of disappointment with get-rich-quick schemes, I know I'm gonna get Rich with this scheme...and quick!’ Maybe we call this the Malware Mantra! Malware has been around for a while, has changed and evolved over the years and we seem to have accepted it as part of the landmines we face when navigating the internet. I would guess that we might not even think about malware until it has hit us….which is typical when it comes to things like this. Out of sight, Out of mind. I don’t think ‘absence makes the heart grow fonder’ works with malware. We certainly take measures to guard ourselves, anti-virus/firewall/spoof toolbars/etc, which gives us the feeling of protection and we click away thinking that our sentinels will destroy anything that comes our way. Not always so. It was reported that the London Stock Exchange was delivering malvertising to it’s visitors. The LSE site itself was not infected but the pop-up ads from the site delivered some nice fake warnings saying the computer was infected and in danger. This is huge business for cybercriminals since they insert their code with the third-party advertiser and never need to directly attack the main site. Many sites rely on third-party ads so this is yet another area to be cautious of. One of the things that Web 2.0 brought was the ability to deliver or feed other sites with content. If you use NoScript with Firefox on your favorite news site (or any major site for that matter), you can see the amazing amount of content coming from other sources. Sometimes, 8-10 or more domains are listed as content generators so be very careful as to which ones you allow. With the success of the Android platform, it also becomes a target. This particular mobile malware looks and acts like the actual app. The problem is that it also installs a backdoor to the phone and asks for additional permissions. Once installed, it can connect to a command server and receive instructions; including sending text messages, add URL’s/direct a browser to a site along with installing additional software. The phone becomes part of a botnet. Depending on your contract, all these txt can add up leading to a bill that looks like you just bought a car. In fact, Google has just removed 21 free apps from the Android Market saying its malware designed to get root access to the user’s device. They were all masquerading as legitimate games and utilities. If you got one of these, it’s highly recommended that you simply take your phone back to the carrier and swap it for a new one, since there’s no way of telling what has been compromised. As malware continues to evolve, the mobile threat is not going away. This RSA2011 recap predicts mobile device management as the theme for RSA2012. And in related news, F5 recently released our Edge Portal application for the Android Market – malware free. Up front, I’m not a Mac user. I like them, used them plenty over the years and am not opposed to getting one in the future, just owned Windows devices most of my life. Probably due to the fact that my dad was an IBM’r for 30 years. Late last week, stories started to appear about some beta malware targeting Macs. It is called BlackHole RAT. It is derived from a Windows family of trojans and re-written to target Mac. It is spreading through torrent sites and seems to be a proof-of-concept of what potentially can be accomplished. Reports say that it can do remote control of an infected machine, open web pages, display messages and force re-boots. There is also some disagreement around the web as to the seriousness of the threat but despite that, criminals are trying. Once we all get our IPv6 chips installed in our earlobes and are able to take calls by pulling on our ear, a la Carol Burnett style, I wonder when the first computer to human virus will be reported. The wondering is over, it has already happened. ps Resources: London Stock Exchange site shows malicious adverts When malware messes with the markets Android an emerging target for cyber criminals Google pulls 21 apps in Android malware scare More Android mobile malware surfaces in third-party app repositories Infected Android app runs up big texting bills Ignoring mobile hype? Don't overlook growing mobile device threats "BlackHole" malware, in beta, aims for Mac users Mac Trojan uses Windows backdoor code I'll Believe Mac malware is a problem when I see it BlackHole RAT is Really No Big Deal 20 years of innovative Windows malware Edge Portal application on Android MarketOde to FirePass
A decade ago, remote VPN access was a relatively new concept for businesses; it was available only to a select few who truly needed it, and it was usually over a dial-up connection. Vendors like Cisco, Check Point, and Microsoft started to develop VPN solutions using IPsec, one of the first transport layer security protocols, and RADIUS Server. At first organizations had to launch the modem and enter the pertinent information, but soon client software was offered as a package. This client software had to be installed, configured, and managed on the user’s computer. As high-speed broadband became a household norm and SSL/TLS matured, the SSL VPN arrived, allowing secure connections via a browser-based environment. Client pre-installation and management hassles were eliminated; rather the masses now had secure access to corporate resources with just a few browser components and an appliance in the data center. These early SSL VPNs, like the first release of F5’s FirePass, offered endpoint checks and multiple modes of access depending on user needs. At the time, most SSL VPNs were limited in areas like overall performance, logins per second, concurrent sessions/users, and in some cases, throughput. Organizations that offered VPN extended it to executives, frequent travelers, and IT staff, and it was designed to provide separated access for corporate employees, partners, and contractors over the web portal. But these organizations were beginning to explore company-wide access since most employees still worked on-site. Today, almost all employees have multiple devices, including smartphones, and most companies offer some sort of corporate VPN access. By 2015, 37.2 percent of the worldwide workforce will be remote and therefore mobile—that’s 1.3 billion people. Content is richer, phones are faster, and bandwidth is available—at least via broadband to the home. Devices need to be authenticated and securely connected to corporate assets, making a high-performance Application Delivery Controller (ADC) with unified secure access a necessity. As FirePass is retired, organizations will have two ADC options with which to replace it: F5 BIG-IP Edge Gateway, a standalone appliance, and BIG-IP Access Policy Manager (APM), a module that can be added to BIG-IP LTM devices. Both products are more than just SSL VPNs—they’re the central policy control points that are critical to managing dynamic data center environments. A Little History F5’s first foray into the SSL VPN realm was with its 2003 purchase of uRoam and its flagship product, FirePass. Although still small, Infonetics Research predicted that the SSL VPN market will swell from around $25 million [in 2002] to $1 billion by 2005/6 and the old meta Group forecasted that SSL-based technology would be the dominant method for remote access, with 80 percent of users utilizing SSL by 2005/6. They were right—SSL VPN did take off. Using technology already present in web browsers, SSL VPNs allowed any user from any browser to type in a URL and gain secure remote access to corporate resources. There was no full client to install—just a few browser control components or add-on to facilitate host checks and often, SSL-tunnel creation. Administrators could inspect the requesting computer to ensure it achieved certain levels of security, such as antivirus software, a firewall, and client certificates. Like today, there were multiple methods to gain encrypted access. There was (and still is) the full layer-3 network access connection; a port forwarding or application tunnel–type connection; or simply portal web access through a reverse proxy. SSL VPNs Mature With more enterprises deploying SSL VPNs, the market grew and FirePass proved to be an outstanding solution. Over the years, FirePass has lead the market with industry firsts like the Visual Policy Editor, VMware View support, group policy support, an SSL client that supported QoS (quality of service) and acceleration, and integrated support with third-party security solutions. Every year from 2007 through 2010, FirePass was an SC Magazine Reader Trust finalist for Best SSL VPN. As predicted, SSL VPN took off in businesses; but few could have imagined how connected the world would really become. There are new types of tablet devices and powerful mobile devices, all growing at accelerated rates. And today, it’s not just corporate laptops that request access, but personal smartphones, tablets, home computers, televisions, and many other new devices that will have an operating system and IP address. As the market has grown, the need for scalability, flexibility, and access speed became more apparent. In response, F5 began including the FirePass SSL VPN functionality in the BIG-IP system of Application Delivery Controllers, specifically, BIG-IP Edge Gateway and BIG-IP Access Policy Manager (APM). Each a unified access solution, BIG-IP Edge Gateway and BIG-IP APM are scalable, secure, and agile controllers that can handle all access needs, whether remote, wireless, mobile, or LAN. The secure access reigns of FirePass have been passed to the BIG-IP system; by the end of 2012, FirePass will no longer be available for sale. For organizations that have a FirePass SSL VPN, F5 will still offer support for it for several years. However those organizations are encouraged to test BIG-IP Edge Gateway or BIG-IP APM. Unified Access Today The accelerated advancement of the mobile and remote workforce is driving the need to support tens of thousands concurrent users. The bursting growth of Internet traffic and the demand for new services and rich media content can place extensive stress on networks, resulting in access latency and packet loss. With this demand, the ability of infrastructure to scale with the influx of traffic is essential. As business policies change over time, flexibility within the infrastructure gives IT the agility needed to keep pace with access demands while the security threats and application requirements are constantly evolving. Organizations need a high-performance ADC to be the strategic point of control between users and applications. This ADC must understand both the applications it delivers and the contextual nature of the users it serves. BIG-IP Access Policy Manager BIG-IP APM is a flexible, high-performance access and security add-on module for either the physical or virtual edition of BIG-IP Local Traffic Manager (LTM). BIG-IP APM can help organizations consolidate remote access infrastructure by providing unified global access to business-critical applications and networks. By converging and consolidating remote access, LAN access, and wireless connections within a single management interface, and providing easy-to-manage access policies, BIG-IP APM can help free up valuable IT resources and scale cost-effectively. BIG-IP APM protects public-facing applications by providing policy-based, context-aware access to users while consolidating access infrastructure. BIG-IP Edge Gateway BIG-IP Edge Gateway is a standalone appliance that provides all the benefits of BIG-IP APM—SSL VPN remote access security—plus application acceleration and WAN optimization services at the edge of the network—all in one efficient, scalable, and cost-effective solution. BIG-IP Edge Gateway is designed to meet current and future IT demands, and can scale up to 60,000 concurrent users on a single box. It can accommodate all converged access needs, and on a single platform, organizations can manage remote access, LAN access, and wireless access by creating unique policies for each. BIG-IP Edge Gateway is the only ADC with remote access, acceleration, and optimization services built in. To address high latency links, technologies like intelligent caching, WAN optimization, compression, data deduplication, and application-specific optimization ensure the user is experiencing the best possible performance, 2 to 10 times faster than legacy SSL VPNs. BIG-IP Edge Gateway gives organizations unprecedented flexibility and agility to consolidate all their secure access methods on a single device. FirePass SSL VPN Migration A typical F5 customer might have deployed FirePass a few years ago to support RDP virtual desktops, endpoint host checks, and employee home computers, and to begin the transition from legacy IPsec VPNs. As a global workforce evolved with their smartphones and tablets, so did IT's desire to consolidate their secure access solutions. Many organizations have upgraded their FirePass controller functionality to a single BIG-IP appliance. Migrating any system can be a challenge, especially when it is a critical piece of the infrastructure that global users rely on. Migrating security devices, particularly remote access solutions, can be even more daunting since policies and settings are often based on an identity and access management framework. Intranet web applications, network access settings, basic device configurations, certificates, logs, statistics, and many other settings often need to be configured on the new controller. FirePass can make migrating to BIG-IP Edge Gateway or BIG-IP APM a smooth, fast process. The FirePass Configuration Export Tool, available as a hotfix (HF-359012-1) for FirePass v6.1 and v7, exports configurations into XML files. Device management, network access, portal access, and user information can also all be exported to an XML file. Special settings like master groups, IP address pools, packet filter rules, VLANS, DNS, hosts, drive mappings, policy checks, and caching and compression are saved so an administrator can properly configure the new security device. It’s critical that important configuration settings are mapped properly to the new controller, and with the FirePass Configuration Export Tool, administrators can deploy the existing FirePass configurations to a new BIG-IP Edge Gateway device or BIG-IP APM module. A migration guide will be available shortly. SSL VPNs like FirePass have helped pave the way for easy, ubiquitous remote access to sensitive corporate resources. As the needs of the corporate enterprise change, so must the surrounding technology tasked with facilitating IT initiates. The massive growth of the mobile workforce and their devices, along with the need to secure and optimize the delivery of rich content, requires a controller that is specifically developed for application delivery. Both BIG-IP Edge Gateway and BIG-IP APM offer all the SSL VPN functionality found in FirePass, but on the BIG-IP platform. ps Resources: 2011 Gartner Magic Quadrant for SSL VPNs F5 Positioned in Leaders Quadrant of SSL VPN Magic Quadrant SOL13366 - End of Sale Notice for FirePass SOL4156 - FirePass software support policy Secure Access with the BIG-IP System | (whitepaper) FirePass to BIG-IP APM Migration Service F5 FirePass to BIG-IP APM Migration Datasheet FirePass Wiki Home Audio Tech Brief - Secure iPhone Access to Corporate Web Applications In 5 Minutes or Less - F5 FirePass v7 Endpoint Security Pete Silva Demonstrates the FirePass SSL-VPN Technorati Tags: F5, infrastructure 2.0, integration, cloud connect, Pete Silva, security, business, education, technology, application delivery, intercloud, cloud, context-aware, infrastructure 2.0, automation, web, internetInvasion of Privacy - Mobile App Infographic Style
Couple blogs/weeks ago, I posted What’s in Your Smartphone? covering the recent Nielsen report, State of the Appnation – A Year of Change and Growth in U.S. Smartphones. According to the study, 70% (last year) and 73% (this year) expressed concern over personal data collection and 55% were cautious about sharing location info via smartphone apps so, obviously, it is important that users are aware of the risks they face when downloading and using apps. So it is perfect timing that I came across Veracode’s infographic showing real world cases to outline the threat to user privacy posed by mobile apps. Infographic by Veracode Application Security Fascinating and scary at the same time. ps References: How Mobile Apps are Invading Your Privacy Infographic Infographic: How Mobile Apps Invade Your Privacy State of the Appnation – A Year of Change and Growth in U.S. Smartphones Nielsen: 1 in 2 own a smartphone, average 41 apps Freedom vs. Control BYOD–The Hottest Trend or Just the Hottest Term Hey You, Get Off-ah My Cloud! Evolving (or not) with Our Devices The New Wallet: Is it Dumb to Carry a Smartphone? BYOD Is Driving IT ‘Crazy,’ Gartner Says Consumerization trend driving IT shops 'crazy,' Gartner analyst saysKids and their Dot Coms
My daughter likes to glue pictures in a composition notebook – Disney Princesses, giraffes, fairies, Barbie scenes, herself and many other things a kindergartener gravitates towards. Usually she asks for certain characters or a particular animal and I go find and print. This weekend, however, as she was asking for some Barbie pictures and a basketball player, she specifically said, ‘you need to go to barbie.com and basketballplayer.com to get the pictures.’ Oh really? She’s known about ‘dot com’ for a while, especially buyslushymagic.com but this was one of the first times she’s requested, rather instructed me to visit specific sites for her crafts. She is good at a keyboard and knows how to search for youtube videos, which is becoming the norm for 5 year olds. I totally understand that each generation, due to whatever technological advancements, grow up in different era's with different ways of doing things and many conversations start with, ‘When I was growing up…’ or ‘When I was a kid…’ We didn’t have TV; we only had black & white TV; we had to get up to change the channel on our TV; we didn’t have cable TV; we had square TVs; we didn’t have HDTV; our TV wasn’t hooked up to the internet; we didn’t have streaming movies to the TV and soon it’ll be, ‘we didn’t have TVs that watched us when I was a kid.’ It’s fun to live during a time of so much technology innovation and growth and to work for a company, F5, that is an integral part of how it all works. And as is usually the case when I’m contemplating some nostalgia related topic, I came across this infographic: Isn’t it fun to look back and remember what we were doing last century? psThe New Wallet: Is it Dumb to Carry a Smartphone?
When I was a teenager, I used to have one of those cool nylon surfer wallets with the Velcro close, you remember those don’t ya? While pumping diesel (had a VW Rabbit) one day at an old Gulf station, I left the wallet on top of the car and drove off. Realizing that my wallet was not snug in the sun visor when I got home, I retraced my path and found it - parts of it - scattered all over Route 1. Luckily, I got most of my belongings back but had that sickened feeling of almost losing my most precious possession at the time, my fake I……um, my driver’s license. I then got a leather wallet and shoved so many things in there I could have been mistaken for George Costanza, not to mention the hole that evolved right at the bottom point of my back pocket. Not liking the bump on my butt, I eventually moved to ‘money-clip’ type holders, you know those money holder things you carry in your front pocket. I felt ‘safer’ knowing it was in my front pocket and I only carried the essentials that I needed, rather than the reams of receipts I’d have in my wallet. When I was younger, I’d use tie clips, metal binder clips, and other things until I got a nice Harley-Davidson one which holds credit cards and clips currency. I’d still feel sick if I lost it however. Not having a wallet, purse, money clip or other currency container at all, may eventually be our new reality. You see, our smartphones are starting to carry all that digital information for us and according to a recent CNNMoney article, our smartphones are becoming one of our most dangerous possessions. We can do banking, make payments, transfer money, use the phone for loyalty card swipes along with credit card transactions. At the same time, mobile users more vulnerable to phishing attacks, some banking apps for Android, iPhone expose sensitive info, Android Trojan Emerges In U.S. Download Sites and how IPv6: Smartphones compromise users' privacy. We knew it would eventually happen but the crooks are now adapting to the explosive mobile growth, the rise of mobile banking and our never ending connection to the internet. Don’t get me wrong, like many of you, I love having email, contacts, calendar and entertainment at my fingertips along with the convenience of having all my stuff with me; but the chances of losing much more greatly increase since you have the equivalent, or even more, of all your credit cards, personal and private information and other sensitive stuff right on your smartphone. Sure there are backup programs but how many of you actually backup your computer on a weekly basis? How many have wipe or lock software installed to destroy everything on the smartphone if it is stolen? How many have tracking software if it is lost? How many have your actual home address in the GPS navigator so the offender can find where you live and visit while you are away? How many have sensitive corporate information stored on the smartphone since you use it for both personal and business use? Now I’m starting to spook myself. Many people will willingly trade some personal info for personal convenience. You might never give a total stranger your home address and phone number but if they add, ‘in exchange, we’ll give you this branded card and you’ll get 10% off every purchase,’ more than likely, we’ll turn that personal info over. If you understand that every purchase will be scanned, sent to a database and used for marketing or as the merchant describes, to ‘provide you with the best service and offerings,’ then you might accept that. If you accept and understand the risks of doing mobile banking, transferring money, making payments and carrying around your entire life on your mobile device….and take actions to mitigate those risks, like using encryption, backups, wipe/locate software, antivirus, OS updates and other mobile security precautions along with practicing the same discretion as you would with your home computer (like not clicking links from strangers) then you should stay relatively safe. Unless, of course, you leave that digital wallet on the top of your vehicle and drive off. ps Resources Android Trojan Emerges In U.S. Download Sites Sophisticated New Android Trojan "Geinimi" Spreading in China Chinese crack down on 'money-sucker' Androids Your most dangerous possession? Your smartphone IPv6: Smartphones compromise users' privacy Mobile users more vulnerable to phishing attacks Report: Banking Apps for Android, iPhone Expose Sensitive Info Make Sure Your Smartphone Payments Are Secure F5 BIG-IP Edge Client App F5 BIG-IP Edge Portal App Securing iPhone and iPad Access to Corporate Web Applications – F5 Technical Brief Audio Tech Brief - Secure iPhone Access to Corporate Web ApplicationsiDo Declare: iPhone with BIG-IP
Who would have imagined back in 1973 when Martin Cooper/Motorola dialed the first portable cellular phone call, that one day we'd be booking airline tickets, paying bills, taking pictures, watching movies, getting directions, emailing and getting work done on a little device the size of a deck of cards. As these 'cell-phones' have matured, they've also become an integral part of our lives on a daily basis. No longer are they strictly for emergency situations when you need to get help, now they are attached to our hip with an accompanying ear apparatus as if we've evolved with new bodily appendages. People have grown accustomed to being 'connected' everywhere. There have been mobile breakthroughs over the years, like having 3G/4G networks and Wi-Fi capability, but arguably one of the most talked about and coveted mobile devices in recent memory is the Apple iPhone. Ever since the launch of the iPhone in 2007, it has changed the way people perceive and use mobile devices. It's not just the tech-savvy that love the iPhone, it's Moms, Florists, Celebrities, Retailers and everyone in between that marvel at the useful ways iPhone can be used, and for their very own novel purpose. There are literally hundreds of thousands of apps available for iPhone, from the silly and mundane to banking and business. Browsing the web is a breeze with the iPhone with the ability to view apps in both portrait and landscape modes. The ability to zoom and 'pinch' with just your fingers made mobile browsing tolerable, even fun from an iPhone. Shopping from your cell phone is now as common as ordering a cup of coffee - often at the same time! iPhone developers are pushing the limits with augmented reality applications where you can point your iPhone into the sky and see the flight number, speed, destination and other such details as planes fly by. When the iPhone was first introduced and Apple started promoting it as a business capable device, it was missing a few important features. Many enterprises, and small businesses for that matter, use Microsoft products for their corporate software - Exchange for email, Word for documents, Excel for spreadsheets and PowerPoint for presentations. Those were, as expected, not available on the iPhone. As new generations of iPhones hit the market and iOS matured, things like iPhone Exchange ActiveSync became available and users could now configure their email to work with Exchange Server. Other office apps like Documents-to-Go make it possible for iPhone users to not only to view Microsoft Word and Excel documents, but they were able to create and edit them too. Today, there are business apps from Salesforce, SAP and Oracle along with business intelligence and HR apps. Companies can even lock down and locate a lost or stolen iPhone. Business users are increasingly looking to take advantage of Apple iOS devices in the corporate environment, and as such IT organizations are looking for ways to allow access without compromising security, or risking loss of endpoint control. IT departments who have been slow to accept the iPhone are now looking for a remote access solution to balance the need for mobile access and productivity with the ability to keep corporate resources secure. The F5 BIG-IP Edge Portal app for iOS devices streamlines secure mobile access to corporate web applications that reside behind BIG-IP Access Policy Manager, BIG-IP Edge Gateway and FirePass SSL VPN. Using the Edge Portal application, users can access internal web pages and web applications securely, while the new F5 BIG-IP Edge Client app offers complete network access connection to corporate resources from an iOS device; a complete VPN solution for both the iPhone and iPad. The BIG-IP Edge Portal App allows users to access internal web applications securely and offers the following features: User name/password authentication Client certificate support Saving credentials and sessions SSO capability with BIG-IP APM for various corporate web applications Saving local bookmarks and favorites Accessing bookmarks with keywords Embedded web viewer Display of all file types supported by native Mobile Safari Assuming an iPhone is a trusted device and/or network access from an iPhone/iPad is allowed, then the BIG-IP Edge Client app offers all the BIG-IP Edge Portal features listed above, plus the ability to create an encrypted, optimized SSL VPN tunnel to the corporate network. BIG-IP Edge Client offers a complete network access connection to corporate resources from an iOS device. With full VPN access, iPhone/iPad users can run applications such as RDP, SSH, Citrix, VMware View, VoIP/SIP, and other enterprise applications. The BIG-IP Edge Client app offers additional features such as Smart Reconnect, which enhances mobility when there are network outages, when users roaming from one network to another (like going from a mobile to Wi-Fi connection), or when a device comes out of hibernate/standby mode. Split tunneling mode is also supported, allowing users to access the Internet and internal resources simultaneously. BIG-IP Edge Client and Edge Portal work in tandem with BIG-IP Edge Gateway, BIG-IP APM and FirePass SSL VPN solutions to drive managed access to corporate resources and applications, and to centralize application access control for mobile users. Enabling access to corporate resources is key to user productivity, which is central to F5’s dynamic services model that delivers on-demand IT. ps Resources F5 Announces Two BIG-IP Apps Now Available at the App Store F5 BIG-IP Edge Client App F5 BIG-IP Edge Portal App F5 BIG-IP Edge Client Users Guide iTunes App Store Securing iPhone and iPad Access to Corporate Web Applications – F5 Technical Brief Audio Tech Brief - Secure iPhone Access to Corporate Web Applications Is the iPhone Finally Ready for Business Use? iPhone in Business The next IT challenge: Mobile device management Use Your iPhone to See Where Planes are Headed
