Is Motorola’s New Patch Schedule Exposing Users to Security Threats?

It seems Motorola has decided that the extra work of keeping its Android devices up-to-date with the latest security patches is not important enough.

Motorola has just announced that it will not follow Google’s Android security update cadence.

Instead, the mobile company will only provide security updates to its smartphones when it is convenient for their development team. The reason is: “…because of the amount of testing and approvals that are necessary to deploy them, it’s difficult to do this on a monthly basis for all our devices. It is often most efficient for us to bundle security updates in a scheduled maintenance release (MR) or OS upgrade.”

This means that Motorola’s Android users are more exposed to security vulnerabilities than other mobile users, such as Google Nexus.

Mobile security is a top concern for many businesses. In the recent Cisco 2016 Annual Security Report, mobile security was identified as one of the top security defenses SMB are currently using.

However, the truth of the matter is that up until now, we haven’t heard that much about large-scale security incidents involving mobile devices. In fact, in the latest Data Breach Investigations Report from Verizon, security researchers from Verizon specifically mentioned that they did not even have enough data to support adding mobile attacks to their report.

Ransomware for mobile?

Ransomware may change this. As more cybercriminals consider ransomware as the go-to method for making money in the PC market, targeting the vast amount of mobile device users may be the next natural step toward increasing their revenue stream.

As more and more employees depend on their mobile device for their daily work, taking those devices hostage may be just as effective as taking employees’ PCs hostage.

Every day, new vulnerabilities are detected in mobile devices which may allow attackers to successfully run ransomware code that can breach the sandbox environment implemented by all modern mobile OS.

One example is the Accessibility Clickjacking vulnerability discovered by SkyCure some time ago. This Android OS vulnerability allows an attacker access to resources outside of the sandbox. It’s this type of vulnerability that is exactly what ransomware needs in order to encrypt all the files on the mobile device and effectively take it hostage.

Ransomware has a direct and quantified effect on both the user and the business; therefore, it may tip the scale toward the importance of securing mobile devices. A concerted effort should be made to ensure that the mobile device OS is up-to-date with the latest security patches—effectively blocking any attempt of leveraging known vulnerabilities and unleashing destructive attacks like ransomware.

Keep your systems protected with LANDESK Security Suite and don’t forget to check out our free white paper below.


Wi-Fi Security at the Republican National Convention? Not So Much

Now that the Republican National Convention (RNC) is over, it’s time to review what may be the biggest story to come out of that event. It’s a story of widespread deception that fooled many, and the possible consequences of the success of that deception.

I’m talking, of course, about the duping of some 1,200 convention delegates, who were fooled into logging onto fake, “free,” public Wi-Fi networks.

Fake Wi-Fi Networks

Avast, an antivirus software purveyor, set up fake Wi-Fi networks with real-sounding network names (SSIDs) for a single day. And ignoring much of the non-political news of the day and any education they may have received at work, delegates connected.

“Some 68.3 percent of users’ identities were exposed when they connected, and 44.5 percent of Wi-Fi users checked their emails or chatted via messenger apps,” The Register reported on July 21.

In many cases, delegates were completely clueless about the risks they were taking. “With mobile devices often set to connect to known SSIDs automatically, users can overlook the networks to which they are connecting. Although convenient, this feature is eminently easy to exploit by cybercriminals who set up a false Wi-Fi network with a common SSID. Moreover, web traffic can be visible to anyone on any Wi-Fi network that is unencrypted. Any Wi-Fi that does not require a password is a risk,” the article added.

Now, none of the preceding paragraphs should be news to anyone carrying a smartphone, whatever the delegate selection criteria were for this event. But sadly, the RNC Wi-Fi debacle is more typical than exceptional.

People Open Phishing Attachments

In his recent blog post, Ransomware: The Threat and How to Protect Your Enterprise Part 1, my learned colleague Eran Livne noted that “23 percent of those who receive phishing emails open them, and 11 percent of those recipients click on attachments to those emails,” from the Verizon 2015 Data Breach Investigations Report.

Verizon also found that a phishing campaign of as few as ten emails was more than 90 percent likely to fool at least one recipient. This despite earnest user education efforts about ransomware, not to mention highly visible media coverage.

Which brings us to the crux of the issue: the all-too-human tendency to know, but not to do.

To Know, But Not to Do

“Currently, more than one in three American adults over 20 is obese—up from roughly one in four 20 years ago—and nearly 70 percent are overweight,” reported Catey Hill in the December 2015 article.

And those figures make weight loss big business.

“Companies that focus on weight-loss services (think Nutrisystem and Weight Watchers) raked in $6.3 billion in revenue in 2015, according to an IBISWorld report; sales of supplements—many of which promise weight loss—add billions more,” the article added.

By the way, that IBISWorld report estimated 2015 profits for weight-loss companies at $934.5 million.

The amazing thing about this market? Most weight-loss advice boils down to the same guidance: eat more mindfully and move more often. Which implies that most of us who struggle to avoid the “obese” category know what we need to do, but just don’t do it.

Wi-Fi security is a lot like weight loss. Tons of money gets spent on Wi-Fi security, but someone puts themselves, their personal information, and their company’s networks at risk every day by connecting to networks with no or inadequate security.

You Know What to Do, So Do It!

So, as Eran also said in his blog post, “…by all means, implement a user-education program—but also take at least some basic measures to protects the data on all endpoint devices.”

LANDESK can help, and you don’t even have to buy anything. Start by reading Part 1 and Part 2 of Eran Livne’s ransomware blog post.

Then, head for the LANDESK webinars page, and register for our August 3 webinar on: “Ransomware: The NSA’s Top 10 Mitigation Strategies (and More),” which will feature LANDESK CSO Phil Richards.

Don’t forget to check out some of our solutions for fighting ransomware and other IT threats, including our free white paper below. That way you can minimize the negative effects of that all-too-human tendency mentioned earlier, “to know, but not to do,” the next time it hits one of your colleagues. Or you. (Just sayin’.)


Mobility Management and its Role in Unified Endpoint Management

It’s an annual event that we look forward to at LANDESK, the release of the Gartner Magic Quadrants (MQ) for our various solutions.  For me, the Magic Quadrant for Enterprise Mobility Management Suites is special.  Not because of the days we invest preparing our response (it’s a lot of work), but the MQ gives an opportunity for those of us who live with these products day-in/day-out a chance to step back realize how fast this area of technology moves, and what it means to our customers.

It makes sense, when you think about it: Users exchange their mobile devices every 12-18 months, and that can cross two generations of smartphone models.  With that compressed lifecycle, and the evolution of functionality that comes with each new generation of device, keeping up with the technology is worthy of an annual assessment like the MQ.  Mobile, on its own (and that’s how the EMM Magic Quadrant is determined) is so dynamic, so when we see the MQ publication, we are always happy to see the market assessment aligning with big challenges our customers are looking for us to help them solve.

One of the biggest changes this past year has been the desire to consolidate the toolsets needed to manage everything users carry – from their laptop (and it could be Windows, Mac, etc.) to their smartphone/tablet/other (Android, iOS, etc.). The term is “Unified Endpoint Management”, and we have been hearing a lot from our customers about the desire for clients of all types (traditional and mobile) to be managed together in this way.  It enables user-centered IT management with huge efficiencies. This is the first time that UEM rankings have been part of Gartner’s Magic Quadrant criteria.

For the IT admin, it offers a single system for configuring and managing everything a user carries.  A truly integrated UEM solution, such as LANDESK Management Suite 2016, delivers this in such a way that make it super easy to see, configure and manage all the devices in a user’s portfolio, together and simultaneously.  For the end user, they can count on consistent access across the screens they use, because the policies are configured uniformly based on their role, not the device itself.  Simple, easy user management.

We don’t want to spoil the fun of reading the Gartner Magic Quadrant for Enterprise Mobility Management for yourselves, but we’re extremely proud of our inclusion and move into the “Visionaries” quadrant of the MQ (no vendor saw as significant a shift in the positive direction)!  We’re also honored to have been recognized for our Unified Endpoint Management approach, which leverages our historic strength in Client Management Tools, and brings EMM into the same LDMS product for a truly integrated solution.  Take a look Gartner’s assessments, then take a look at all the devices your users carry.  Do you have all the visibility you need to confidently manage it all?

What does LANDESK 9.6 and the Starship Enterprise have in common?

No, it doesn’t have anything to do with wiping out Romulans or Klingons! It does, in fact, have to do with the speed of LANDESK Management Suite 9.6. The Starship Enterprise (1701-D) in the Next Generation, had a normal maximum operating warp speed of warp 9.6. Coincidental? Maybe. It could go a little faster if you pushed the warp core.

Each new version of the Enterprise came with an astounding change in speed and range.

In the original Star Trek Scotty had to contend with warp 5.2  and so the infamous words “I’m giving it all she’s got Captain!” were heard

In the original Star Trek, Scotty had to contend with warp 5.2 “I’m giving it all she’s got Captain!”

LANDESK 9.6 also comes with greater speed to manage the end-users. Take for instance software distribution and patching. You can now distribute applications, operating systems and patches more than 20x faster. This means if you have a critical patch to get out to everyone, the window for how long the organization is vulnerable is much smaller when it takes only minutes to distribute a patch across an entire enterprise, instead of a few hours. It’s faster and more efficient too, generating even less traffic on the business network. That type of speed and efficiency can keep your shields up and at full strength to keep your business safe and productive.

Just like taking the Enterprise out of space dock for the first time, it’s your turn to try out the newest LANDESK 9.6. Take it for a test flight and feel what warp 9.6 is like. Coming July 22!

Move Over Grandma, Here Comes LANDESK 9.6

My grandmother lived in an amazing time in history. Through her lifetime she saw the emergence of cars, airplanes, spaceships and computers. By the end she was working on becoming a MS Word guru and adopting cell phones. It is just amazing to see how technology has progressed in her lifetime. Grandma and typewriter

Looking back through her life, I think of how she had to communicate with her five sisters and mother who lived across the country.  Since long distance phone calls were expensive, here are the steps of keeping up with the family back in the mid-twentieth century:

  1. Pre-write a letter with a pen and paper.
  2. Find the typewriter with the sticky “t” key.
  3. Load typewriter with 6 sheets of paper and 5 pieces of carbon paper. Both of these items were very scarce during WWII.
  4. Type with such force that it nearly breaks the typewriter to get through all 6 sheets of paper.
  5. Hope to goodness that you didn’t make a typo – no spellcheck.
  6. Find 6 envelopes and stamps and make a trip to the post office.

And presto, in a little over a week, her family would get a communication from her. Contrast this with taking out your smartphone, snapping a picture of your kids and sending it to your entire family in the blink of an eye.

What does this have to do with LANDESK 9.6? LANDESK (LD) has worked hard to make the process easier for IT folks. With each new version, managing systems is becoming more like our social media example and much less like my dear grandmother.

During Interchange 2014, we worked on what would be the best way to show the efficiencies gained in our new provisioning process in LD Management Suite 9.6. Our plan was to show a video of the existing product version to create a migration template and contrast that with Rex McMillan, our Product Manager, creating the same task live with the new version.

As with all best laid plans, ours went awry. Just like watching a racecar from the sidelines, Rex was so fast that we were unable to switch to his live machine quick enough to show him actually create the task. Take a look at these videos:

LANDESK Interchange Keynote on Creating Provisioning Templates

LANDESK – Old Way of Creating Provisioning Templates

Provisioning is an important task and one that IT administrators do on a regular basis as they onboard new employees, change out hardware or migrate to the latest Windows® version.  Streamlining this task makes it much more efficient for the IT admin to effectively repeat this process and even upgrade the user to the latest software titles in the process.

It worked out in the end. Rex was able to show how he considerably decreased the amount of time taken and increased efficiency in creating the completed task. With each new version, LANDESK is making life much easier for IT; it’s like upgrading your typewriter to a smartphone.

This is just one of the many new features coming in LANDESK 9.6 making its debut July 22, 2014!

LANDESK Acquires LetMobile

Following our incredible momentum from 2013, I am excited to announce that this morning LANDESK Software announced it has acquired secure mobile gateway provider LetMobile.

We are excited to welcome the LetMobile team and their innovative technology to the LANDESK family as we continue to deliver on our vision of user-oriented IT. As you will see over time, this integration makes a lot of sense because LetMobile has a similar approach to LANDESK, one where the end user is front and center.

The safe management of data in the mobile domain is one of the most pressing issues in enterprise mobility and in IT generally. With thousands of new devices entering the enterprise every week and with a variety of ownership and responsibility models, IT decision makers are working to understand the next steps in the mobility narrative. Complicating these issues is the central fact that these devices are used for professional and personal activities interchangeably throughout the day. How can IT come to terms with the security risks brought by this new digital lifestyle? 

BYOD Now More Important to Workers Than Coffee

Using personal devices in the workplace is not a new topic and now pretty common practice across the European workforce. However, whilst many people are still talking about the effects BYOD is having on staff productivity and the remote working benefits it offers, the cost saving and corporate spending debate for organisations and users remains on the side-lines.

According to our recent research, having the latest consumer device to use in the boardroom or replacing a notepad for a tablet is proving to be so popular with employees that not only do 39% of employees now purchase their own device for work purposes, but they are actually spending more of their own money on them than they are on tea and coffee.

User-Oriented Mobility: One Size Does Not Fit All

If you read the media, one would think that the whole world is going to be using their own device and that device will be mobile. While BYOD and mobility are indeed transformative, this monolithic view of the world misses some key differences based on different types of users and the job they do. Taking a user-oriented mobility view shows some key differences between people based on the job they do.

As you look at different users, you see some key differences in the devices they use, the ownership of the device, and the business concern for that device. In an attempt to simplify (but not oversimplify) mobile users, let’s look at 3-4 different user types:

  • Operational Task Workers
  • Customer Task Workers
  • Knowledge Workers: Corporate Controlled and BYOD

Operational Task Workers
Think of the person working in a warehouse or doing deliveries and this would be your operational task worker. What does user-oriented mobility mean here? This person is probably using a rugged mobile device that probably has a barcode scanner or takes signature input. This person is not going to be bringing their own device to work do to cost and specificity of the job. Organizations primary concern here is productivity so they are going to provide the device, standardize devices for consistent experiences, and the devices will be shared due to shift work. Without this device, the user is unable to do their job as it is mission critical to their work.

Knowledge Workers: Corporate Controlled
Accounts, lawyers, marketers, HR, engineers and many others make up the knowledge worker space. To date corporate control has been the norm and in many cases will remain the norm for certain industries and geographies. For example, many European countries privacy and work laws result in users having a personal smartphone and a work smartphone. Other regulated industries (finance, healthcare, government) want to maintain control to be in compliance with standards.

Security is the primary business concern in this situation. Here users will be provided the device (a smartphone andor tablet) and in many cases the experience will be similar to desktops and laptops in that the devices have a higher level of standardization, control, and security. Unlike the operational task worker, this person isn’t crippled if their device goes down as they will likely have a laptop or desktop or another mobile device to fall back on.

Knowledge Workers: BYOD
Everyone’s favorite topic: the BYOD knowledge worker. In some cases this person is both BYOD and corporate controlled. This person has a new tablet or phone and wants access to corporate resources across all their devices. In other cases, this could be a contractor who has their own devices and needs to access a client’s ‘network, apps, and data. User-oriented mobility means less intrusion on the end user experience, but security is still paramount for the business. Herein lies the challenge: secure the user’s personal devices without disrupting their experience.

Customer Task Workers
I saved this one for last because it is an interesting segment. This might be a retail associate, a car salesman, a healthcare worker or anyone who is assisting customers with a sale or service. This person is interesting because they are most likely moving away from a shared PC or shared rugged mobile device to a tablet. This user’s device is typically corporate owned due to shift work and the need for standardization. There is a strong need for security and productivity here due to the type of information that is stored or accessible from this device (product information, customer information) and the purpose of the device (sales and customer transactions). Expect a lot of device proliferation here as they are coming from a shared device model.

Mobile is applicable to everyone. User-oriented mobility means organizations need to consider the types of devices and solutions that are most appropriate for the different users to do their job.

ROI of the Mobile Worker

Over the past several months, I’ve been listening to the way customers describe their return on mobility investments.  The answers are impressive.  Answers range from increases in worker speed of task completion, to task accuracy, to month to recognize complete return on dollar investments, reductions in man-hours for cyclical process completions, reductions in seasonal headcounts, reductions in worker training time, and more.  The measurements of return on mobility investment are impressive percentages and yield significant dollar-value savings to each of the companies I’ve heard from.

What is really interesting is how companies can measure their return on investment in such vast and different ways. In some cases, the measure is dollars saved by reducing errors.  In others, it is increased shipments that yield additional dollars per package shipped.  In still others, the savings is recognized by a reduction in seasonal labor, or less worker hours dedicated to completing a specific task.  Whatever the measurement, there are two things that remain true: Every measurement ties to a dollar-value savings that can prove a mathematical return on investment for the dollars spent enabling mobility.  Even more importantly, the measurement each company used to describe their ROI told far more about the problem each was attempting to solve.

Enterprises deploy mobility to achieve a higher level of productivity, but it is not done just Warehouse worker using mobile devicefor the sake of using mobile technology. There is an underlying pain that the company is trying to address – some way of improving a process to gain efficiency, or to recognize a cost savings.  There is a problem to be solved by deploying mobility – and one recommended approach to begin defining the best mobility solution is to start with an operations audit that can help find the weaknesses and inefficiencies in current processes.  By adding automation and voice-enablement, Speakeasy has consistently shown productivity gains for mobile supply chain workers of over 35%. That’s like getting an extra day of productivity from every worker – for every three days worked. Now that’s a fast ROI!

What problems are you aiming to solve with mobility in your enterprise? What measurements are you tracking to determine ROI?  Email me with your objectives at:

2014 Prediction Series: Mobility

2013 is nearing its end and what a ride it has been!  What will the ride be like in 2014?  Well, you can expect your travel bag to get even lighter, as enterprise mobility makes it easier to get more work done while away from the office.  In 2013, we’ve seen the BYOD story rise to the top of mind for many IT administrators. Devices have entered corporate networks at a feverish pace as more and more employees across business roles are arming themselves with smartphones and tablets.

From a hardware perspective, the leading manufacturers of smartphones – especially on sparkling_2014_lightsthe Android OS, have become clear; with Samsung leading the way.  Apple released two new versions of iOS, and new generations of the iPhone (5s and 5c) and iPad (Air). Microsoft acquired Nokia, a signal that the company is drawing a parallel path to both Google and Apple – adding an understanding of mobility hardware into their mobile OS strategy.

So what can we expect from mobility in 2014?  Good news for enterprises everywhere: your employees will be able to do more, with less:

  • Less weight:  More corporate employees will take their tablet on the road – leaving even their laptops at the office.  One reason: tablets are getting even lighter to carry everywhere. Apple’s latest iPad, iPad Air, weighs 20% less than the generation it succeeds, and nearly 30% less than the original version.  At 16oz (US), this tablet, and notable Android equivalents, easily displaces more laptops in travel bags.
  • Fewer systems:  Mobile Device Management (MDM) becomes broadly viewed as a commodity.  The perspective that MDM is an ingredient in a larger IT management suite will continue to gain in popularity among companies. Enterprises everywhere will look for closer integration between management of mobile IT and other endpoints.
  • More mobile productivity: Couple the increased ease of carrying mobile devices with more integrated IT management of mobile users and companies can expect to see productivity continue to increase.  As mobile workers experience a more seamless experience when they leave the office, they can accomplish more on the road.

As these and other events unfold in 2014, LANDesk is here to help you get the most out of your enterprise mobile deployments – and all your IT management needs.  What are your mobility predictions for 2014?  Please post your predictions in the comments section below.

I invite you to also read my Wavelink blog post 2014 Predictions for IT in Ruggedized Environments for a look into the future of mission-critical mobility.