In today’s modern digital age, you need an operating system that can keep your workers and their assets safe from threats. Windows 10 is safe, secure, and it provides critical security capabilities that enable organizations to effectively guard against malicious activity. At Coretek Services, we have years of experience helping customers upgrade their Windows systems so they’re using the best version available. Contact us today to find out more.
FARMINGTON HILLS, MI – December 14, 2017 – UPDATE on Citrix Innovation Award 2018. You’ll have your chance to vote for Coretek and the Americas, January 2-9. Details to follow soon. Be a part of the excitement!
Mobile Application Management (MAM) is a feature that’s not new. However, Microsoft is always improving on the MAM capabilities, and today Intune supports multiple operating systems on Mobile devices. This is not an easy feat; since Microsoft are bound by the APIs that these other platforms offer, such as iOS and Android. These non-Microsoft operating systems are the most prevalent on mobile devices today; and with greater access to corporate data, this poses a threat to data protection and leakage.
We’ve all used application policies from Microsoft’s wide range of applications that have been for many years. For example:
- GPOs control where icons are, where data is saved, what drives are mapped, etc.
- Configuration manager is used to push software out to authorized users and remove applications from those who are not
- Active Directory provides a way to secure data on the network with Groups and Users
…And while Microsoft released Intune quite a few years back, I’ve only recently become a real fan since I’ve started using Mobile Application Management without enrollment. Let’s take a quick look at how MAM allows you to offer access to corporate data without compromising too much of that flexibility that users enjoy by choosing their own device platform and bringing their own devices to work.
There’s nothing new with the concept of “Bring your own device” (BYOD); it’s a concept that’s been around for quite some time. Users can bring their own devices and use them for daily business when a cell phone is needed to do just that. Traditionally, users would logon to a segmented Wi-Fi network that has no access to the corporate network. This allowed IT admins to avoid having to manage additional network access to the company resources and provide an open network for these devices as well as guests visiting their offices. However, with many companies moving data and apps to “the Cloud”, the focus is no longer about segmenting networks, and is instead more focused on protecting the data.
Traditional office apps like Word, Excel, and PowerPoint have been available on mobile devices for quite some time now too, but they commonly required sending the documents to your phone and then opening them. With Office 365, SharePoint online, and OneDrive, these apps now have access to a massive amount of your corporate data. Without protecting this data when accessed on a mobile device, a user could download sensitive company information on their mobile device unencrypted and unprotected from prying eyes. This is where I think Mobile Application Management really starts to come into play.
A Real-World Example
Intune’s Mobile Application Management provides the capabilities to protect your sensitive information on the device, wherever that device is, whether it is in a hotel half-way across the world, left behind in a taxi cab, or picked from the pocket of your CEO. The device may be compromised but the data is secure. This is due to the way application management protects the data on the device. Let me provide you with an example:
Bob’s a CEO of an organization that provides financial information to customers across the financial markets. The details of the finances can make or break a company’s stock profile if they were to be leaked. Bob uses an iPhone to read emails and open documents on his device while traveling the subway in New York City. During a busy morning, he’s shuffling to make it to his next appointment and accidentally drops his phone while exiting the train.
Because of a rich set of policies that Bob’s admin has configured with MAM, the data Bob accesses is not allowed to be stored on the device; and after 5 attempts to unlock the phone unsuccessfully, the corporate apps and data would be wiped. Even if they were to guess the PIN on Bob’s phone, they would still have to guess his credentials; which are required to open any of the company apps that Bob uses. It’s important to understand that:
- The data is not on the device
- There’s a high-probability that someone would automatically wipe the device by guessing the PIN wrong 5 times
- By the time Bob realizes he’s lost his phone, a quick call to his IT Department triggers the admin to send a remote wipe request to his device AND receives a confirmation of success
That was just one example and there are many more features that MAM can enable to protect your data.
Bringing MAM Home
Mobile Application Management is easy to enable and deploy to your users. With proper communication and process, your company data will be secured. Don’t wait for one of your end-users to accidentally leak sensitive information that could make or break your organization’s reputation. Identify those that are using mobile devices and protect them sooner than later.
The arms race between cybercriminals and security firms has reached a fever pitch. Today end users and businesses alike are faced with the growing threat of Ransomware. This is a type of malware that locks and encrypts devices and files preventing access unless a specific amount of money (Ransom) is paid. In 2015, the FBI received roughly 2,453 complaints related to Ransomware malware attacks, which amounted to $24.1 million in losses.
Ransomware relies on social engineering to spread through infected phishing emails, attachments, or malicious content running on infected websites. Once a machine has been compromised, the malware executes and encrypts all data files. This includes local files as well as network drive file storage. After the files are encrypted, they are unrecoverable unless a “ransom” is paid to the attacker. Outside of restoring from a backup the only way to restore the data is to pay the distributor of the malware. (Whoa!)
Initially, individual home users were targeted — but the focus of these attacks has shifted, and businesses are now their primary targets. The shift of the attacks has made these Ransomware companies very profitable, and as such the problem is growing rapidly. As the malware continues to evolve and become more sophisticated, the organizations have grown and now have full time employees dedicated to developing and improving the malware. They leverage some of the most sophisticated phishing and social engineering techniques seen to date. The threat posed by Ransomware is growing and should not be underestimated by our clients.
To mitigate your risk ,the Internet Crime Complaint Center (IC3) division of the FBI recommends the following:
- Always use antivirus software and a firewall. It’s important to obtain and use antivirus software and firewalls from reputable companies. It’s also important to continually maintain both of these through automatic updates.
- Enable popup blockers. Popups are regularly used by criminals to spread malicious software. To avoid accidental clicks on or within popups, it’s best to prevent them from appearing in the first place.
- Always back up the content on your computer. If you back up, verify, and maintain offline copies of your personal and application data, ransomware scams will have limited impact on you. If you are targeted, instead of worrying about paying a ransom to get your data back, you can simply have your system wiped clean and then reload your files.
- Be skeptical. Don’t click on any emails or attachments you don’t recognize, and avoid suspicious websites altogether.
IC3 additionally says if you believe you are a victim of ransomware to file a complaint with the FBI and suggests disconnecting from the internet to avoid any further data loss if you receive a message demanding payment.