By Mobile Helix CEO and Co-founder, Seth Hallem
Hackers are siphoning billions from the global economy each year by stealing data for profit. However, in spite of this rising threat, enterprises continue to make the same mistakes over and over again. It is time to change our assumptions and to re-think how we protect sensitive data.
Hacking is a booming business. Business has been good for several years now. Data breaches are at all-time highs. Cyber-attacks are skyrocketing, and ransomware is a growing fad. And the best news of all is that the same old tricks (see XSS, SQL Injection, SPAM ….) are still working just as well as they always have. How is it possible that a business that was estimated to cost the global economy $450 billion dollars is continuing to grow? That is a lot of money diverted to criminals in lieu of legitimate participants in our global economy.
By Seth Hallem, originally published in HelpNetSecurity, Sept. 16, 2013
It has been an eventful time in the mobile world with two recent breaking stories revealing vulnerabilities in the security infrastructure for Android and iOS respectively. While vastly different in their nature, both point to a fundamental lesson that CISOs in an increasingly mobile world cannot ignore – when it comes to encryption, read the fine print. Otherwise you may find yourself up the proverbial creek without a paddle (i.e., remediation strategy).
Meltdown and Spectre reveal that perfect information protection comes at an increasingly steep cost.
In the field of data security, 2018 began with a jolt. The revelation
of the Meltdown and Spectre security vulnerabilities has taught us that
in 2018 (and beyond), nothing is sacred.
Speculative execution, the architectural concept that is exploited in the Spectre vulnerability, has been in use by mainframe processors since the mid-1970s. It is taught in Computer Architecture 101 in universities around the world. And yet, it turns out that the security implications were never fully understood until about seven months ago.
Out-of-order execution, the culprit in the Meltdown
vulnerability, is also a ubiquitous concept, although Meltdown is easily
avoided with a better implementation of the concept.
Peripatetic lawyers, take note from Friday, 1/5/2018, in the Washington Post:
“U.S. customs agents conducted 60 percent more searches of travelers’ cellphones, laptops and other electronic devices during the government’s 2017 fiscal year, according to statistics released Friday by U.S. Customs and Border Protection (CBP).
The agency said it searched 30,200 devices but the inspections affected only 0.007 percent of the 397 million travelers — including American citizens as well as foreign visitors — who arrived from abroad during the 12-month period that ended Sept 30.”1
This brief article from Help Net Security, Top blacklisted Android and iOS apps by enterprises caught my eye this morning. The piece highlights a portion of the data from the new Appthority 3Q ’17 Enterprise Mobile Security Pulse Report, which you can download for free.
The Help Net Security article cites the apps blacklisted by enterprises for iOS and for Android, their “Risk Score” and the “Risk Driver.” IT professionals should take note, not only of the blacklisted apps but of the associated risks.
Lawyers receive, annotate, and share documents using a single encrypted app.
Today at ILTACON 2017 you can see our new in-app annotation in LINK 3.3.
Lawyers can quickly annotate a document receive via email or a document stored in iManage Work® and NetDocuments® DMS. Then email the annotated document or check it into DMS with LINK 3.3.
“With the addition of PDF annotation, LINK now provides the industry’s broadest complement of workflows for lawyers on mobile devices,” Seth Hallem, CEO and Co-founder of Mobile Helix. “LINK workflows, whether annotating, editing, or comparing documents, ensure security and control of documents. Clients are imposing tougher security requirements on law firms. Our goal is to provide law firms with stringent security while making it easy for lawyers to get work done with LINK.”