InformationWeek Stories by Esther Shein

InformationWeek Stories by Esther Sheinhttp://www.informationweek.comInformationWeeken-usCopyright 2012, UBM LLC.2013-03-15T08:15:00ZAT&T 4G Takes First Place in Speed TestsA new report compares each of the top four U.S. carriers' data performance and how they stack up in 4G LTE benchmark testshttp://www.informationweek.com/byte/personal-tech/wireless/att-4g-takes-first-place-in-speed-tests/240150866?cid=RSSfeed_IWK_AuthorsAT&T has the fastest 4G network among the top four U.S. carriers, according to <a target="_blank" href="http://rootmetrics.com/special-reports/lte-performance-review/">the latest report from Root Metrics</a>, an independent, third-party mobile analytics company. <div style="margin:0; padding: 0 0 5px 5px; width:210px; float:right; text-align:center;"><a target="_blank" href="http://twimgs.com/informationweek/byte/news/2013-March/AT&T-Verizon-Sprint-LTE-Speeds.jpg"><img alt="AT&T Verizon Sprint LTE Speeds" title="AT&T Verizon Sprint LTE Speeds" src="http://twimgs.com/informationweek/byte/news/2013-March/AT&T-Verizon-Sprint-LTE-Speeds-200.jpg" alt="same as caption" hspace="0" vspace="0" border="0" /></a><div style="margin:4px 0 0 0; padding:0; color:#990000; font-weight:bold;">Click for larger image</div></div>AT&T had an average LTE-only download speed of 18.6 megabits per second and an average upload speed of 9Mbps, according to Root Metrics, which used more than 725,000 data samples. Across its LTE markets, AT&T averaged a maximum download speed of 57.7 Mbps and a maximum upload speed of 19.6 Mbps. By comparison, Verizon, which came in second place with an average LTE download speed of 14.3Mbps and an average upload speed of 8.5Mbps. It averaged maximum speeds of 49.3Mbps for downloads and 19.7Mbps for uploads. But its 93.2 percent reliability rate was found to be the best among the group. Although AT&T does not have the largest 4G LTE network — Verizon's LTE network was available in 77 markets tested while AT&T's was available in just 47 — the findings did not come as a total surprise. "We saw AT&T's speeds picking up considerably as 2012 advanced, with some extremely fast results in several of our RootScore Reports," so its performance in LTE study wasn't an anomaly, says Bill Moore, CEO of RootMetrics. He adds, though, that "What remains unclear at this point, though, is whether AT&T's edge in LTE speed is a result of having a newer, and therefore potentially less congested network, or an outgrowth of different implementations of LTE by the carriers. We'll be retesting markets throughout 2013 and are interested to see how the race might change as the carriers' networks continue to mature." Sprint came in third place with an average of 10.3Mbps for LTE downloads and 4.4Mbps for LTE uploads. Its maximum average speed was 32.7Mbps and it had a maximum upload speed of 9.9Mbps, according to the report. Moore says its speeds were a "pleasant surprise," since they were actually faster than what Sprint had advertised on its website. "That bodes well for consumers looking for another LTE option moving forward," he notes. T-Mobile continued its trend of strong download speeds, even without LTE available in 2012, the testing indicated. Even though AT&T outshone Verizon in speed testing, Moore notes that the latter's "consistency at delivering LTE service stood out as a highlight. We accessed their LTE network in every market we tested, and our crowdsourced results show that consumers are also finding Verizon's LTE in more places than they are with the other carriers." And while T-Mobile does not offer 4G LTE coverage, Moore says the FCC's decision earlier this week to approve the carrier's merger with MetroPCS gives it "a ready-made LTE footprint and additional spectrum it can use to expand its LTE capacity" in large markets. "A combination with MetroPCS potentially gives T-Mobile not only a bigger consumer base but also more marketing clout, which could in turn put more pricing pressure on the other LTE carriers." In terms of what consumers can expect from the carriers this year, Moore predicts that Sprint, after spending 2012 prepping its network, will have a significant LTE rollout in 2013. While noting that Sprint is also in the center of complicated potential mergers with Softbank and Clearwire, which could muddy the waters, he says "what is clear is that Sprint seems poised to become a more aggressive competitor and the mobile landscape could shift significantly." <a target="_blank" href="http://twimgs.com/informationweek/byte/news/2013-March/AT&T-Verizon-Sprint-LTE-Coverage-Map.jpg"><img alt="AT&T Verizon Sprint LTE coverage maps" title="AT&T Verizon Sprint LTE coverage maps" src="http://twimgs.com/informationweek/byte/news/2013-March/AT&T-Verizon-Sprint-LTE-Coverage-Map-452.jpg" /></a><div style="margin:4px 0 0 0; padding:0; color:#009999; font-size:small; ;font-style: italic; text-align:right;">In addition to professional speed testing, RootMetrics provided data from users reporting on network availability using their <a target="_blank" href="http://rootmetrics.com/app/">CoverageMap app</a>. Click map for larger image.</div> T-Mobile, meanwhile, is also preparing to launch LTE, with its first market most likely coming live very soon, Moore says. An official LTE rollout, combined with the spectrum advantages and consumer base emerging from its acquisition of MetroPCS, he says, will give T-Mobile an important footing moving forward as well. "All of this is good news for consumers," Moore says. "There should be more options to choose from if you are looking for fast LTE service and there could potentially be increased competition between the carriers, which could also lead to benefits for the consumer." 2013-03-07T08:00:00ZCommunication and Collaboration Startups Win Innovation AwardsEnterprise Connect explores unified communications, network video, SIP trunking and BYOD Nexistant, Plivo, Scoop App and UberConferenc for an IT audience.http://www.informationweek.com/byte/personal-tech/communication-and-collaboration-startups/240150218?cid=RSSfeed_IWK_AuthorsFour startups focused on enterprise communication and collaboration have been selected the winners of Enterprise Connect's Third Annual Innovation Showcase competition. Chosen from a field of over 20 entries, they are:<ul><li><a target="_blank" href="http://www.nexistant.com/">Nexistant</a>, a developer and provider of virtual reception and remote expert videoconferencing applications</li><li><a target="_blank" href="http://www.plivo.com/">Plivo</a>, a scalable voice and messaging platform wrapped with flexible APIs and backed by 24/7 support</li><li><a target="_blank" href="http://www.scoopapponline.com/">Scoop App</a>, a collaborative issue management and support system that lets staff and customers record and describe any issue from their mobile device</li><li><a target="_blank" href="http://www.uberconference.com/">ÜberConference</a>, a next-generation audio conferencing service with a visual interface</li></ul> The four winners will present their ideas and approaches during opening general sessions at the Enterprise Connect Conference & Expo beginning Monday, March 18 at the Gaylord Palms in Orlando, FL. The Innovation Showcase features startup companies with products geared at helping businesses communicate and collaborate more effectively. To qualify, applicant companies had to have at least one customer that employs over 250 people that is currently using the nominated product or service, and have revenues of less than $3.5 million. The winners were selected based on the potential of the company's new idea, product, or service to advance enterprise communications and/or collaboration. "With only four presentation slots available yet so many fresh ideas, the selection process for the third annual Innovation Showcase award was the toughest yet. Strong applicants boasted so many creative solutions to satisfy the growing demand for communication beyond voice — from adding visual elements to enabling mobile access," said Dave Michels, CEO of Verge1, who managed the Innovation Showcase selection process, in a statement. "These young and promising companies epitomize the future of workplace communications and collaboration," said Fred Knight, Enterprise Connect GM and Co-Chair, in a statement. "Innovation Showcase winners are inspiring an overall refresh of how businesses use technology to simplify and streamline the exchange ideas and information — what Enterprise Connect is all about." Nexistant and ÜberConference will present on Monday at 11:00 a.m. and Plivo and Scoop App will present at 1:00 p.m. In addition to the presentations, the four Innovation Showcase winners will be in Booth 1128, in the <a target="_blank" href="http://www.enterpriseconnect.com/orlando/2013/exhibitor-list/?_mc=IWKEC13">Enterprise Connect Exhibition</a>. The Innovation Showcase competition judging panel consisted of Dave Michels, a frequent contributor to <a target="_blank" href="http://www.nojitter.com/">NoJitter.com</a>, Enterprise Connect's editorial web site, as well as enterprise communications experts, including customers and industry analysts. Officials from Google, Cisco, Avaya, IBM, Microsoft, Frost & Sullivan, NEC, American Express, MasterCard, Verizon, AT&T, Polycom, Sprint, Comcast and Johnson & Johnson will be among the featured speakers. Conference tracks will include "Building a UC & Collaboration Roadmap," "How to Keep Video from Blowing up Your Network," and "Managing Mobility in a BYOD World." <a target="_blank" href="http://www.enterpriseconnect.com/orlando/?_mc=IWKEC13">Enterprise Connect</a>, produced by UBM Tech, publisher of BYTE, will be held from March 18-21. <a target="_blank" href="http://www.enterpriseconnect.com/orlando/?_mc=IWKEC13">Save $200 Off a Conference Pass or get a FREE Expo Plus Pass.</a> 2012-12-13T08:35:00ZHow To Decommission BYOD Mobile DevicesEmployees with smartphones and tablets used in a BYOD scenario often leave confidential data on them when they replace them with new devices. This is a big mistake and exposes the company to great risk. Here's how to establish a policy for securely moving forward with a new BYOD device.http://www.informationweek.com/byte/personal-tech/smart-phones/how-to-decommission-byod-mobile-devices/240144356?cid=RSSfeed_IWK_AuthorsMobile connected devices are the most sought after gifts this holiday season even beating out money, peace and happiness &#151 according to <a target="_blank" href="http://www.ce.org/News/News-Releases/Press-Releases/2012-Press-Releases/Consumers-to-Spend-More-on-Tech,-All-Items-This-Ho.aspx">a recent study by the Consumer Electronics Association</a>. But in the midst of the unmitigated joy the latest tablets and smartphones will bring comes a message of caution: when it comes time for out with the old, in with the new, BYOD workers need to deal with the data still sitting on discarded devices. Right now they don't. MDM provider <a target="_blank" href="http://www.maas360.com/">Fiberlink</a> teamed up with Harris Interview to ask 2,243 workers what they had done with their previous mobile device when they upgraded to something new. Fifty eight percent of respondents said they kept the device, although inactive; 16 percent had the data professionally wiped; 13 percent turned the device over to the service provider; 11 percent donated the device, gave it away or threw it in the trash and five percent had the device securely destroyed. Most notable was that 68 percent of employees said they did not have their devices professionally wiped or securely destroyed when swapping them out for newer technology, according to Fiberlink. <hr /><blockquote>The rapid pace of product upgrades in the device market has created new markets for people to sell their old device. Click here to read about <a href="http://www.informationweek.com/byte/personal-tech/smart-phones/resale-sites-for-gadgets-flourish/240144357">three companies in this business</a>.</blockquote><hr /> "Whatever apps and information they have on there is still on there that's the concerning part," says David Lingenfelter, information security officer at Fiberlink. "The risk varies based on what you end up doing with the device. If you give a used device to your kid, chances are they won't do anything, but if you turn it into your carrier... they'll check to see if there's personal information on there. That's human nature; it's how people think." He says it's really incumbent on the company, as much as the employee, to ensure that they know what to do when they get a new device for use at work. "It's an education thing," Lingenfelter says, noting that people tend to forget about the specifics of a corporate BYOD policy, especially if it was implemented a long time ago. "They need to let employees know what to do with device... and the company should wipe it." In some cases, however, there is no policy. Seventy-eight percent of companies reported having some type of policy that specifically addresses mobile devices, according to <a target="_blank" href="https://downloads.cloudsecurityalliance.org/initiatives/mobile/Mobile_Guidance_v1.pdf">a study by the Cloud Security Alliance</a>. "With the majority of 69 percent having a low maturity of policy from non-existent to partially addressing mobile device security and privacy controls it seems most organizations are still wrestling with some of the tougher privacy directives of BYOD owners and organizational data security on BYOD," the study noted. If there is a BYOD policy in place, the issue of discarding corporate data will depend on how the company set up the policy; if the employee turns off the carrier signal, the MDM agent on the device may alert IT, says Lingenfelter. In such a case, IT can contact the end user to asked what happened to the device and what they are planning to do with it. But in other situations, the employee will not know what to do and may just end up turning off the device and leaving potentially sensitive data on it. The bottom line, says Lingenfelter, is the company needs to have a policy, someone to enforce that policy and make sure users are aware of what the policy says. Fiberlink has issued a four-step process for deactivating a device:<ol><li>Notify Your IT Department Once you receive a new device and want to use it for your company's BYOD program, send your IT department a note and let them know you will be swapping devices.</li> <li>Transfer Corporate Materials to Your New Device Have your IT department quickly transfer all corporate materials from the old device to the new device through the MDM platform. If you don't have an MDM solution in place, ask your IT department to assist with transferring data, although this is more complicated and could take longer.</li> <li>Extract Personal Data from Your Devicee Once your corporate data has been transferred to the new device, remove and save all personal files. This can be accomplished with the native tools and back-up services of the operative system or the manufacture (e.g., Apple's iCloud or Google Drive).</li> <li>Erase all Remaining Personal and Corporate Data Fully decommission the old device by removing all personal and corporate data. Make sure to delete all data. Most devices have an option in the setting menu to perform a factory data reset, which will wipe the data completely. This can also be accomplished remotely by an MDM platform. Note: In some tablets and smartphones, you should manually remove the storage card and use it in your new device or erase the data from it as well.</li>2012-11-30T08:02:00Z911 Centers Not Ready For Mobile App EraSome of the latest public safety apps offer to let you send texts, photos and even videos to 911 centers. There's just one problem: They don't work. According to the National Emergency Number Association, 911 centers still live in the telephone era, not the Internet and smart phone era.http://www.informationweek.com/byte/personal-tech/911-centers-not-ready-for-mobile-app-era/240142891?cid=RSSfeed_IWK_AuthorsIf you tried to contact 911 using a public safety smart phone app during Hurricane Sandy and were unsuccessful, there's a good reason: Most of these apps don't work because many emergency call centers are not equipped to receive certain types of broadband communications. That's the message the <a target="_blank" href="http://www.nena.org/">National Emergency Number Association</a> (NENA), wants to make people aware of as it promotes new guidelines for mobile application developers. According to NENA, although there are several smart phone apps coming to market that are aimed at public safety and communications, and they "are developed with a high degree of creativity and innovation," they still "might not fully consider the impacts on 911 and public safety during the development process." <a target="_blank" href="http://apcointl.org/resources/app-developers.html">The Public Safety Considerations for Smartphone App Developers</a> is a joint venture between NENA and the <a target="_blank" href="http://www.apco911.org/">Association of Public Safety Communications Officials</a> (APCO). The guidelines give developers information on the Enhanced 9-1-1 technical architecture, along with operational limitations that might influence the development of smart phone apps. <img src="http://twimgs.com/informationweek/byte/news/2012-Nov/911-cell.png" /> "If you pick up your smart phone or any other phone and use a native telephony app to dial 9-1-1, that should, assuming there is no outage, get you to 911," said Trey Forgety, director of government affairs at NENA. "What becomes an issue is when a developer tries to build an app that extends the functionality of 911 beyond the functionality it was engineered for." For example, said Forgety, NENA has seen apps that claim to send text messages, photos or video to 911 centers. "The problem is existing 911 systems have no ability to receive those kinds of data. They're part of the telephone age, not the Internet age." He said a case in point was the attempted Times Square car bombing in 2010. The bombing was foiled because a citizen saw a suspicious parked van and called 9-1-1. "In that circumstance it could have aided the police, fire, bomb squad, etc., if the person was able to send a photo of the license plate, which could have been processed by automatic recognition systems," said Forgety. "And it would come up that this was a vehicle that had been flagged to be watched." That's a prime example of the need to provide that capability in order to enhance the richness of the call, he adds. Another compelling reason would be if a caller needed to reach 911 from his cell phone during a medical emergency. "If I call up and am barely able to speak, it would be helpful if the call taker was able to retrieve from the database medical information like, 'I'm allergic to penicillin or have high blood pressure.' Having that ability to retrieve information saves time." There are over 34 million Americans with speech or hearing disabilities and texting is their only or main way of accessing 911 services, according to NENA CEO Brian Fontes. Given that there are over 331 million wireless connections in the U.S. today, "We are now past the majority of these wireless devices being smart phones, and that number is growing exponentially," Fontes said. Users are increasingly moving away from voice as these broadband connections grow: Only one third of the traffic traveling over wireless networks is voice communications; two thirds is data, with people sending texts, videos and pictures. Yet, the technology is not keeping up with the times -- much of it is about 40 years old and primarily voice-centric communications. "In today's world most people communicate in a non-voice context," said Fontes, "so it's essential our 911 systems keep pace with 21st century technology to be able to receive information in the way sender is sending it." According to the guidelines, an improved, IP-based 911 communications system has been designed and is beginning to be implemented in some areas across the United States with the expectation that Canada will soon follow. Although the new "Next Generation 9-1-1 (NG9-1-1)" system has the capabilities to support voice, text, video, and additional data, many regulatory and funding factors are affecting how and when the new system will be available on a large scale, according to NENA. "In addition, standards developed in the Wireless Carrier environment may affect the timing of certain types of text support. As a result, NG9-1-1 will likely take 8-10 years to evolve across most of the USA & Canada," said the organization. Fontes said NENA is in talks with Apple, Google and other major mobile OS providers to discuss these issues. A spokeswoman for Skype said it is "not a replacement for a traditional phone and cannot be used for emergency calling." Forgety added that most app developers don't consider the fact that some 911 centers, also referred to as public safety answering points (PSAPs), do not have broadband data service at all or they are "severely limited" in data services available to their employees. There are examples of cases where app developers didn't understand a call taker would not be able to do something as basic as visit a website to enter a code, said Forgety, because they are restricted from using a browser at their work station inside a 911 call center. Some of those centers are located in police or fire stations. Others are standalone centers, he said. The hope is that developers pay close attention to the guidelines because "most of the apps we're seeing now coming onto the market came on without any input from the public safety community," so they have no relevancy as to how 911 centers operate, Forgety said. "It's a great idea that [they] support public safety, but because these apps were designed without reference to the capabilities and limitations of 911 systems and were designed quite reasonably assuming that a 911 system works like the rest of connected world, they often don't take into account the limitations." Given how the system works now, a very well-written VoIP app could, conceivably, connect a caller to 911. However, it would be very unlikely to convey accurate location information to the 911 system. Consequently, the call might not be routed to the correct 911 center, and even if it was, field responders such as police and fire fighters might not be able to find the caller in time. Some apps purport to allow callers to send text, photos, or video to 911 centers. In an extremely limited set of cases, where the app developer has arranged in advance with one or more 911 centers, this could, perhaps, work. However, current-generation 911 systems do not have interfaces, procedures, or equipment to handle these types of data. App users should be very clear, up front, about where and when an app can extend 911 functions based on this type of pre-arranged scenario. When a user is outside an app's coverage area, users should be aware that using an app could delay or prevent responders from reaching them.2012-10-29T11:01:00ZPhone, Tablet Insurance Set To FlourishWith the launch of the iPad Mini this week and overall tablet sales expected to skyrocket in 2012, industry observers say it's time to consider buying insurance for your devices.http://www.informationweek.com/byte/news/240010622?cid=RSSfeed_IWK_Authors[Correction: Due to miscommunication with Protect Your Bubble some of the numbers originally in this story were in accurate. They have been corrected below. With the launch of the iPad Mini this week and overall tablet sales expected to skyrocket in 2012, industry observers say the time has never been more ripe to consider purchasing insurance for your devices. Worldwide tablet sales are projected to reach 118.9 million units this year, a 98% increase from 2011 sales of 60 million units, according to Gartner. The fact that the Mini is a slender 7.9-inch tablet increases its portability, making it more likely to end up in pockets or purses -- and subjecting it to greater chance of being dropped. "This is going to be a device that doesn't sit at home and it's much more portable than 10-inch tablets so there will be much more risk of dropping it in travels," noted Chris Hazelton, research director of mobile and wireless at 451 Group. "Given that it's smaller and much less likely to be treated like a laptop ... that goes into your laptop bag, it may [instead] go into a purse or jacket pocket and these are not the best places for a device that is expensive." Even though tablets are not subsidized by carriers, the prices to replace them are hefty, especially for the Apple products. With smartphones costing upward of $400 to replace if they are damaged or lost before a consumer's contract with a carrier ends, insuring devices is a must, said Hazelton. The FCC is also doing its part to protect smartphone theft with the launch earlier this year of <a href="http://www.informationweek.com/byte/personal-tech/smart-phones/phone-stolen-fcc-protects-initiative-pro/232900382">its PROTECTS Initiative</a>, a newly-created database that records the International Equipment Identification (MEI) of phones that are reported stolen. Employees who take advantage of their company's BYOD policies and use their own devices at work also should have a contingency plan in place <a href="http://www.informationweek.com/byte/personal-tech/smart-phones/byod-warrior-have-contingency-plans-for/240003956">if it is not covered by their employer's insurance</a>. <img src="http://twimgs.com/informationweek/byte/news/2012-Oct/cracked-iphone.jpg" /> <a target="_blank" href="http://www.protectyourbubble.com">Protect Your Bubble</a>, a company specializing in gadget insurance, says 70% of the policies it writes is for smartphones and 30% is for tablets. The company, which launched in the U.S. earlier this year, won't divulge how many policies it has written, but Stephen Ebbett, president of Protect Your Bubble for Europe and North America, said it is in the "many thousands." The company has sold over 6,000 600,000 policies in the U.K. since it launched in Europe in 2008, he said. The company covers theft, damage, loss or mechanical breakdown and has a 24-hour turnaround to replace devices. Not surprisingly, Apple devices are hugely in demand and are more prone to theft, Ebbett said. In the U.S. "we had about a 400% rise in policies with the launch of the iPhone 5," he said, and he expects to see a huge uptick in policies now that the iPad Mini has launched. Samsung devices are also in demand, he added. Echoing Hazelton, Ebbett said he expects the Mini will create a "significant change in the way insurance for tablets occurs because of its size. We think it will behave more like a smartphone in insurance because it's much smaller and will be carried around a lot more ... therefore we feel it's lot more susceptible than a traditional tablet which lives in your laptop bag as opposed to your pocket, which is where we think the Mini will live." <img src="http://twimgs.com/informationweek/byte/howto/2012-March/razr-in-toilet450.png" /> He noted that the Mini also will be more of a target for theft because it starts at $329, while the Kindle Fire retails for only $199. Protect Your Bubble's price to insure tablets is $137.82 for two years with a deductible of $75. For consumers who opt to pay monthly, the cost is $93 for one year and $182 for two years $9.99 per month for all tablets. Consumers who are planning to insure a device for the first time should be mindful of deductibles, said Hazelton, and take into account where they are in the life of their smartphone contract. "If you're 12 or 18 months into your two-year contract for your smartphone [or] getting a new version of a phone that's a year and a half old, those considerations need to be taken into account," he said. "Paying insurance later in the contract for smartphones may not be worth it." It's worthwhile to insure tablets, he said, because the upgrade cycle is probably longer. Other insurers of mobile devices include <a target="_blank" href="http://www.squaretrade.com/">SquareTrade</a> and <a target="_blank" href="http://www.globalwarrantygroup.com/">Global Warranty Group</a>. According to a survey that Protect Your Bubble conducted in September of 300 people who stood in line to buy the new iPhone 5 in New York, the majority -- 51% -- said they would rather lose their wallet than their smartphone. 2012-10-18T17:32:00ZWill Isis Make Paying With Your Smart Phone Popular?The Isis digital wallet, a joint effort by Verizon Wireless, AT&T, and T-Mobile USA, is almost here, with trials set to begin at stores in Austin and Salt Lake City. Will this be the wallet that finally popularizes paying by smart phone?http://www.informationweek.com/byte/news/240009306?cid=RSSfeed_IWK_AuthorsYour phone might soon be all you need to pay for items at the store. Mobile wallet service Isis will conduct its first trials at several retail stores in Austin, Texas, and Salt Lake City on Oct. 22. <img src="http://twimgs.com/informationweek/byte/commentary/2012-Aug/Isis.png" /> Isis is a joint effort by Verizon Wireless, AT&T, and T-Mobile USA to develop a platform for making payments from mobile devices. Handsets that are enabled with a near-field communications (NFC) chip can communicate with checkout terminals to make payments at partnering merchants. To make a payment, you simply tap your NFC-enabled smart phone against the payment terminal. "By year end, as many as 20 Isis Ready handsets are expected to be [on the] market," Isis spokesperson Jaymee Johnson said in an e-mail, although he declined to name the devices it will be available on. First announced in 2010, Isis was expected to launch the mobile payment service earlier this year but experienced delays. The Isis electronic wallet will store information for credit and debit cards, loyalty cards, account details, and purchase records on the consumer's smart phone. Smart phones containing the NFC chip also have a security element to protect a consumer's credit card information. There are several <a target="_blank" href="http://www.paywithisis.com">merchants</a> in Austin and Salt Lake City that will use the Isis service. For Salt Lake City the website lists as participants several McDonald's, 7 Eleven, Rite Aid, Home Depot, Footlocker, and Macy’s locations. Some phone manufacturers, including Nokia and Samsung, already have begun to sell NFC-enabled handsets, although Apple opted not to include the NFC chip in the just released iPhone 5. Instead, it integrated Passbook, a precursor to a mobile wallet, in its iOS 6 mobile operating system. This has led some industry observers to speculate that mobile payments will not gain widespread adoption in the U.S. for a while yet. Isis also faces competition from several other mobile payment services including Google Wallet, Visa's V.me digital wallet, and Serve from American Express. Also, Discover announced in August that it is working on a deal to equip more than seven million merchants with PayPal in physical stores.2012-10-16T09:05:00ZBeyond BYOD: Enterprises Develop Apps For An AdvantageAccording to a Zenprise study, companies are developing mobile apps more strategically to increase revenue, reduce costs, and gain a competitive advantage.http://www.informationweek.com/byte/news/240009083?cid=RSSfeed_IWK_AuthorsWith BYOD initiatives firmly under their belts, enterprises are shifting their approach and are now focusing on using mobile apps more strategically to increase revenue, reduce costs, and gain a competitive advantage. Eighty-one percent of enterprises are planning to deploy custom enterprise mobile apps and 75 percent are planning to deploy mobile line-of-business apps, all in the next 12 months, according to a new survey by MDM provider <a target="_blank" href="http://www.zenprise.com/">Zenprise</a>. Of those mobile apps deployed, 52 percent will be for mission critical functions, the firm found. <img src="http://twimgs.com/informationweek/byte/commentary/2012-Aug/MDM_software.png" /> "Typically what we've seen in the last couple of years are organizations using MDM solutions to mobilize email and enable BYOD for employees and hook them up to the corporate network in a simpler use case to make employees happy and productive," said Amit Pandey, the CEO and president of Zenprise. Among the other findings, 41 percent of the more than 500 IT professionals surveyed said they will develop custom mobile apps internally, while 40 percent plan to will use a third party to develop them. While currently 57 percent of organizations deploy apps that are downloadable from a third-party apps store that number will drop to 45 percent in the next year. Pandey said examples of companies that have already deployed next-generation mobile apps include an air freight logistics company doing global scheduling on Samsung Galaxy tablets; a restaurant chain that has deployed several apps on iPads to optimizing seating and conduct training; and a home health care company that runs its mobile workforce on Galaxies to capture information about patient visits. In some cases, mobile apps are replacing internal apps. In other cases, they are supplementing traditional software, Pandey said. The survey also revealed that 23 percent of respondents reported generating a return on their investment for their mobile initiatives, according to Zenprise. Of those who said they saw monetary ROI, on average, every dollar spent on mobile returned $1.67, the company said. Competitive differentiation was cited most frequently (almost 32 percent) as the main benefit of mobile initiatives while 19 percent of respondents cited an increase in revenue. "Some of the comments were pointing to the fact that they're using mobile for business benefit; they talk about differentiation in the sales process and bringing the business closer to customers, which I found very telling," Pandey said. Not surprisingly, even while mindsets are shifting toward how mobile initiatives can increase the bottom line, organizations still view security as the most important capability in an app. Other providers in this space include MobileIron, Airwatch, and Symantec. 2012-10-08T11:55:00ZNFC: A Bust Already?Near field communications (NFC) is too expensive for most stores to implement, says one major point-of-sale vendor. Despite the fact that shipments of NFC-enabled devices should reach nearly 100 million this year, analysts are divided over whether retail will use it any time soon, especially now that the iPhone 5 has landed in stores without it.http://www.informationweek.com/byte/news/240008604?cid=RSSfeed_IWK_AuthorsThe head of marketing for one of the world's largest point-of-sale systems providers said he doesn't believe near field communications (NFC) will gain significant traction in the near term and will be just one payment option for consumers. "NFC is very cool and a nice technology, but there are technologies that are a lot cheaper," said Oren Betzaleli, executive VP and head of marketing and products for Israeli-based Retalix, whose retail technology powers POS systems for 10 out of top 30 global retailers and 13 of the world's largest grocery retailers. Special software or payment terminals are needed to communicate with NFC chips in smartphones, something many retailers have been leery to adopt. <img src="http://twimgs.com/informationweek/byte/news/2012-Sep/NFC-HID-1.png" /> Betzaleli's comments come after Apple launched the iPhone 5 without NFC technology and instead opted to promote its Passbook mobile payment app, which is available in the new iOS 6 mobile operating system. "One of the things we've been hearing for quite a while from the larger [retailers] is, although it is nice buzz and a nice gimmick ... to wave your phone in front of something, it's very uneconomical," said Betzaleli. "If a retailer banks on NFC, it needs to accept that a good portion of its customers will have NFC. There needs to be a business case and they are assuming ... the devices that will have them." According to Forrester Research, worldwide shipments of NFC-enabled devices will more than double in 2012 to nearly 100 million, although widespread use of the technology is still three to five years away in many countries. Yankee Group is more bullish on the technology, forecasting NFC-enabled transactions will exceed $355 billion worldwide by 2016. Implementing NFC will be extremely expensive even for the largest retailers, said Betzaleli, because it requires additional hardware in all checkout lanes. That translates to anywhere from $15 to around $50 per lane, and some of them have thousands of stores with 30 to 40 lanes. "The other cost is the cost of implementation, manpower, testing it, going into each store and sending teams in to do the deployment; this is the more expensive part of deploying physical retail apps in stores," said Betzaleli. It makes sense if there is a business case, but, Betzaleli maintains, there are too many less expensive options available for enabling the mobile wallet--options that don't require the user to hold all their sensitive personal information on their device, and which could also prove more lucrative for retailers. "There are so many alternatives to NFC that I'm not sure it will become mandatory," he said. "The world today is going to digital wallets" like Paypal. Another oft-cited example is Starbucks, which offers mobile payment with a swipe of the phone in a bar code format. Betzaleli believes cloud-based digital wallet services also will gain momentum, with credit card information being kept in the cloud rather than on a device. "You just have to identify yourself with a username and password and if you don't need to exchange card information it's more secure," he said. Large retailers might also opt for their own digital wallets, which would also require identifying yourself rather than passing card information along over and over. "The only thing left to communicate is between the phone and the store system, and you don't necessarily need NFC," Betzaleli said, because the information can be transmitted via a phone scanning code or GPS, which would know the store the consumer is in. Retalix has done implementations at a large convenience store chain in Israel and grocery chain in the UK where an iPhone is able to generate a code that is available for several seconds before it is voided, he said. That code is given to a cashier to enter into a POS system and both the phone and POS system communicate with the cloud. Betzaleli said Bluetooth also can be leveraged to connect to any type of payment service a retailer has, to send along a user ID and an authorization code, if the retailer has a digital wallet containing the person's credit card information--although he added that he isn't aware of any specific implementations. The cost difference between digital wallets and NFC can be significant, Betzaleli said, estimating that the latter can be as much as four to five times less for the retailer. "Adoption will be much easier because they won't depend on phones with NFC," he said.2012-09-26T08:00:00ZNFC Smartphones Replace Card Keys In Pilot ProgramSecure identity provider HID Global announced Tuesday it has completed two pilot programs that enable employees to open doors using near field communications (NFC)-enabled Samsung Galaxy S III smart phones. The trials were conducted at the headquarters of Internet subscription service Netflix and enterprise mobility provider Good Technology.http://www.informationweek.com/byte/news/240007950?cid=RSSfeed_IWK_AuthorsSecure identity provider HID Global announced Tuesday it has completed two pilot programs that enable <a target="_blank" href="http://www.hidglobal.com/main/media-center/releases/2012/09/hid-global-completes-worlds-first-series-of-nfc-enabled-smartphone-pilots-that-open-doors-in-the-ent.html">employees to open doors using NFC-enabled smartphones</a>. The pilots were conducted at the headquarters of Internet subscription service Netflix and enterprise mobility provider Good Technology. Good partnered with HID Global on a pilot deployment of digital keys that were provisioned over-the-air to its employees' smartphones and used to open doors in the company's headquarters in Sunnyvale, Calif. The purpose of the pilot was to explore the benefits of mobile access control technology and its potential for enhancing security as compared to Good's use of low-frequency proximity-based photo ID badges, while improving user convenience. <img src="http://twimgs.com/informationweek/byte/news/2012-Sep/NFC-HID-1.png" /> Beginning in August, Good provided 10 employees ranging from C-level executives on down, with Samsung Galaxy S III handsets that were equipped with a microSD card and a range extender from Device Fidelity inside the device. The Galaxy S III and most Android phones have a slot for a microSD card to extend the storage capability of the phone, but "in this case we're using the secure SD card with a secure element to do the heavy lifting to get this to work," said Chris Webber, senior product marketing manager for secure mobile platforms at Good, who was a pilot participant. "We did it this way because U.S. versions of the [Galaxy] S III phones... don't have access to the secure element built into those phones and this was the easiest way to run the pilot with our credentials and make it operate like a regular phone." The goal was to help HID determine whether there were any stumbling blocks to using mobile access control compared with photo ID badges. "The results were definitely positive," said Webber. "The only thing that needed to change was user behavior" to use the phone to get inside Good headquarters. "It did take a little bit of learning for people to unlock their phones." He said swiping a cell phone is more secure than using a badge because it requires two-factor authentication to get inside a building: a PIN to unlock the smartphone and then the HID Mobile Keys app to gain entry. "Any of these folks [remember] the old paradigm with a plastic badge who have forgotten them and have had to turn around and go back and do the embarrassing walk of shame up to IT or tailgate up to someone else," he noted. Because most people are accustomed to carrying their mobile phones with them at all times, Webber said it's one fewer thing to have to remember. Over 80% of the pilot users said the smartphone was more convenient to use than their current access card, and all said the look of the "door unlock" app on their phones was intuitive and easy to use. More than 83% of the participants said physical security at Good was improved by using a smartphone rather than a card to open unlocked doors; and 67% said other people who saw them using their smartphone to access the building expressed interest in learning more about how they could do it, too, according to Good. <div style="margin:0; padding: 0 0 5px 5px; width:210px; float:right; text-align:center;"><img src="http://twimgs.com/informationweek/byte/news/2012-Sep/NFC-HID-2.png" alt="BlackBerry doing NFC" hspace="0" vspace="0" border="0" /></div>At Netflix, the more than 1,000 company employees are not required to wear photo ID badges at corporate headquarters. Instead, the company controls building access using HID's low-frequency ProxKey keyfobs, which offer proximity technology in a pocket size device, according to HID. By enabling Netflix to grant new employees building access by sending digital keys over the air to the employee's smartphone, the employee on-boarding process would be more streamlined, HID said. Netflix also liked the idea of an access control solution that combined improved security with the convenience of opening doors with a smartphone, according to HID. Netflix offered employees the opportunity to affix HID's coin-shaped MicroProx Tags to their current mobile phone to gain entry to the building. The tag was held up to the reader in order to gain secure entry, HID said. During the mobile access pilot, 56% of the respondents were using ProxKeys and the other 44% were using MicroProx Tags. The mobile access pilot was conducted at a Netflix building that houses its data science and engineering facilities, finance, IT operations, and legal teams. Like at Good, employee participants were given Samsung Galaxy S III handsets which were equipped with an NFC-enabled microSD card and a DeviceFidelity range extender to store and emulate user credentials. "I love the idea of mutually authenticated reader-badges," said Bill Burns, director of Netflix IT networking and security, in a statement. "It reduces the threat of badge skimming and replay attacks." According to HID, more than 80% of the 16 participants found the application for unlocking a door to be "intuitive," and almost 90% described it as easy to use. About 75% said they would be willing to load the app onto their own smartphone, and about the same figure said they were questioned by other people who saw them using their device to enter the building and expressed an interest in it. Good's Webber said they are planning to continue the mobile access pilot and are hoping to extend it for other use cases. "What we're working on is figuring out when to leverage this secure technology to provide deeper encryption for corporate data and to leverage that secure element to store credentials to do more things." That might include the ability to store credentials on a mobile device that would provide or deny access to a hotel room and that deactivate the day someone checks out, he said. "It boils down to providing a secure way to protect corporate data and applications," said Webber, and "through our partnership with HID, we see this as extending out to not just protecting data, but physical offices and physical entry."2012-09-21T16:44:00ZAT&T Blocks FaceTime, Net Neutrality Complaint FiledAT&T is not allowing Apple's FaceTime on its network unless mobile users subscribe to the carrier's new Family Share plan. Public advocacy groups say AT&T's decision breaks the FCC's Open Internet rules.http://www.informationweek.com/byte/news/240007796?cid=RSSfeed_IWK_AuthorsAT&T is facing <a target="_blank" href="http://www.freepress.net/press-release/99962/public-interest-groups-file-net-neutrality-complaint-against-att-blocking">a formal complaint by public advocacy groups</a> Free Press, Public Knowledge, and New America Foundation's Open Technology Institute for allegedly violating net neutrality by blocking well-known video chat application FaceTime. The groups informed AT&T they will be filing the complaint with the Federal Communications Commission in the next couple of weeks. Anyone filing a formal complaint is required to give at least 10 days' notice of their intent to file, under the FCC's Open Internet rules, which prohibit companies from blocking these types of applications on their mobile networks. <a target="_blank" href="http://www.fcc.gov/guides/open-internet">The rule</a> allows "...limited exceptions for 'reasonable network management.'" The complaint comes on the heels of Apple releasing its new iOS 6 operating system, which lets customers use FaceTime over mobile networks on the iPhone 4S, iPhone 5, and its third-generation iPad. Use of FaceTime previously was limited to Wi-Fi connections. Unless customers subscribe to one of AT&T's new Family Share plans, they will be unable to use FaceTime via mobile devices. "AT&T's decision to block FaceTime unless a customer pays for voice and text minutes she doesn't need is a clear violation of the FCC's Open Internet rules," said Free Press policy director Matt Wood, in a statement. "It's particularly outrageous that AT&T is requiring this for iPad users, given that this device isn't even capable of making voice calls. AT&T's actions are incredibly harmful to all of its customers." By comparison, AT&T competitors such as Verizon and Sprint allow use of FaceTime and count any data usage toward the allotment in a subscriber's monthly plan. In 2010, the FCC passed rules that AT&T cannot block apps that compete with the carrier's traditional voice-calling service. At the time, AT&T argued that the FCC's neutrality rules don't apply to apps that come pre-loaded on devices. FaceTime has been a part of Apple's iPhones since the iPhone 4 was introduced in 2010. AT&T did not have an immediate response. But the carrier maintains the rules address "whether customers are able to download apps that compete with our voice or video telephony services,'' according to Bob Quinn, AT&T's senior VP of Federal Regulatory and Chief Privacy Office, in a blog post last month. "AT&T does not restrict customers from downloading any such lawful applications, and there are several video chat apps available in the various app stores serving particular operating systems." <img src="http://twimgs.com/informationweek/byte/news/2012-Sep/facetime-logo.png" />2012-08-29T20:19:00ZSamsung Announces Windows 8 Phone, PC and TabletSamsung announced a new line of Windows 8-based devices under the ATIV brand Wednesday, including the first publicly-revealed Windows Phone 8 smartphone. The company said the lineup will include the Samsung ATIV Smart PC and ATIV Smart PC Pro, an ATIV tablet and ATIV S smartphone.http://www.informationweek.com/byte/news/240006499?cid=RSSfeed_IWK_AuthorsSamsung Electronics Co., Ltd., announced a new line of Windows 8-based devices under the ATIV brand Wednesday, including the first publicly-revealed Windows Phone 8 smartphone. The company said the lineup will include an 11.6-inch Samsung ATIV Smart PC and ATIV Smart PC Pro, a 10.1-inch ATIV tablet and ATIV S smartphone weighing 8.7mm, and a 4.8-inch HD Super AMOLED display. <img src="http://twimgs.com/informationweek/byte/news/2012-August/Samsung-ATIV-Smart-PC-Pro.jpg" /> The announcements were made during a webcast at the IFA trade show in Berlin, <a target="_blank" href="http://www.informationweek.com/byte/news/personal-tech/smart-phones/240006486">where the Samsung Galaxy Note II was also unveiled</a>. ATIV is the reverse order of VITA, which means life in Latin, Samsung said. "With our leadership in design and technology and Microsoft's leadership in operating systems, together we are able to provide customers with a full range of ATIV devices for cross-category convergence," said Seong Woo Nam, executive vice president of IT Solutions Business at Samsung Electronics, in a statement. The Intel-based ATIV Smart PC and ATIV Smart PC Pro will feature a detachable keyboard docking system, giving users the ability to switch between a clamshell notebook PC and a tablet PC form factor. Both will also come with a 10-finger multi-touch screen, giving users the ability to do pinch-to-zoom, rotate images and scroll through pages, Samsung said. The devices will also be equipped with front and rear-facing cameras, an S Pen for writing and drawing capabilities and an S Player for playback of images and videos in any format. Both will have an 11.6-inch Full HD LCD display. The ATIV Smart PC is 9.9mm thick and has a battery life of up to 13.5 hours. The Smart PC Pro weighs 11.9mm and has a battery life of up to eight hours. The ATIV Tab is equipped with an 8,200 mAh battery, a 1.5GHz dual-core processor and HSPA+42 connectivity. The ATIV S has a 1.5Ghz dual-core processor, 1GB of onboard RAM, and an 8MP autofocus rear camera and 1.9MP front-facing camera. It will be available with either 16GB or 32GB of storage, a MicroSD slot and a 2300mAh battery. <img src="http://twimgs.com/informationweek/byte/news/2012-August/Samsung-ATIV-S-Windows-8-Phone.jpg" /> Samsung did not reveal pricing information or a release date for the devices, but some rumors suggest T-Mobile may get the initial release due to the HSPA+ support and lack of LTE connectivity. News of more Windows Phone 8 devices is expected next week when Microsoft and Nokia will hold an event in New York where the Finnish phone maker is expected to unveil its first Lumia phones based on the OS. "This is just the first in a big lineup of new hardware that’s coming with Windows Phone 8, but it’s a seriously impressive opening salvo," <a target="_blank" href="http://windowsteamblog.com/windows_phone/b/windowsphone/archive/2012/08/29/this-is-the-samsung-ativ-s-the-first-of-many-amazing-windows-phone-8-devices-coming-this-year.aspx">blogged Ben Rudolph on the Windows Phone website.</a>2012-08-27T13:30:00ZEvernote Smart Notebook Helps Digitize Handwritten NotesThe new Evernote Smart Notebook--the paper kind, not computer--lets you jot notes and sketches, then snap a picture of the page to easily digitize it for use in the Evernote app. At its second annual Trunk Conference Friday Evernote also introduced a new business service that makes the app easier for companies to adopt.http://www.informationweek.com/byte/news/240006225?cid=RSSfeed_IWK_AuthorsEvernote CEO Phil Libin made two key announcements at the company's second annual Trunk Conference on Friday in San Francisco. In the first, he announced that Evernote is partnering with Italian stationery company <a target="_blank" href="http://blog.evernote.com/2012/08/24/the-new-evernote-smart-notebook-by-moleskine/">Moleskine</a> to develop a limited-edition notebook--the paper kind, not the computer kind--called the Evernote Smart Notebook. The notebook's paper is specially designed so that when you take a snapshot of your handwritten notes and sketches with the Evernote iOS app, they are turned in digital files. <img src="http://twimgs.com/informationweek/byte/commentary/2012-Aug/Evernote_moleskine_pagecam3.png" /> The Smart Notebook will be available in both ruled and squared page styles optimized to work with Evernote's new Page Camera feature. "The Page Camera automatically corrects perspective and improves the contrast between the ink or graphite" to create a viewable, searchable, shareable notes, according to the company. The Moleskine notebooks will come with a set of multi-colored, predefined, and customizable Smart Stickers. Users can apply the stickers to pages in the notebook, and when they take a photo of those pages, the app will recognize and associate it with tag, or place it in an Evernote notebook specified in settings. The Evernote Smart Notebook will be available in large and pocket sizes for $29.95 and $24.95, respectively, on Oct. 1. The company also announced that upgrades are available for the iPhone and iPad Evernote apps, including the new Page Camera functionality. Another upgrade: Evernote Clearly, the browser extension that simplifies Web pages for easier reading in Evernote, now has a "related notes" feature that displays links related to that Web page. In another announcement, the company said it will launch <a target="_blank" href="http://blog.evernote.com/2012/08/24/evernote-business-coming-to-your-office-this-december/">Evernote Business</a> to help small- and medium-sized businesses create, collaborate and exchange ideas across their organizations. The service will enable SMBs to easily save, sync, and find Evernote information across desktop, mobile, and tablet devices, the company said. <iframe width="452" height="254" src="http://www.youtube.com/embed/wVIhiIkMzBk" frameborder="0" allowfullscreen></iframe> "As we grew from a small startup into a global, 200-employee business, we realized we needed to develop a product that allowed us to more easily share information with groups, improve the on-boarding process, and ensure that business data ownership was clearly defined,'' said Libin in a statement. Features of the service will include the ability to create a directory of notebooks that can be shared; a centralized console for administrators to review and manage user access and permissions; and full ownership over data in users' personal notebooks. The service will be available in December for $10 per user per month. 2012-08-13T03:30:00ZSophos Mobile Control Upgrade Monitors BYOD, iOS AppsSophos's latest version of Mobile Control secures BYOD as well as corporate-owned devices. Sophos Mobile Control competes against system management vendors such as IBM, BMC and Microsoft; security vendors such as Symantec, Trend Micro and McAfee; pure play MDM vendors such as Mobile Iron and AirWatch; and mobility vendors such as Good Technology, SAP, RIM, and Motorola.http://www.informationweek.com/byte/news/240005340?cid=RSSfeed_IWK_AuthorsSecurity software provider Sophos has introduced an enhanced version of its Mobile Control product, which it says provides improved risk mitigation features, including the ability for IT to remotely wipe a corporate device if an employee leaves a company or does not comply with its security policies. It's no surprise that IT wants to rein in control of consumer devices as the BYOD phenomenon continues to sweep across enterprises. <img src="http://twimgs.com/informationweek/byte/news/2012_June/BYOD_Byte.jpg" /><div style="margin:4px 0 0 0; padding:0; color:#990000; font-weight:bold;font-style: roman; text-align:right;">Image courtesy of <a target="_blank" href="http://www.flickr.com/photos/ajleon/">ajleon on flickr</a></div> The Sophos Mobile Control 2.5 version also provides support for iOS-managed apps to give IT the ability to connect corporate or mandated apps to their MDM product and then push them to the employee's device. "It is no longer enough for businesses to just control their own devices," said Matthias Pankert, VP of product management, mobile data protection, at Sophos, in a statement. "They must now make sure that all devices, regardless of whether they are corporate or personal, are protected and secured and meet the corporation's security standards," he said. The software's admin console enables such apps as well as any related data to be deleted. For example, if an employee becomes non-compliant, the product will alert IT so the administrator can send messages to the user for minor violations, according to Sophos. The administrator can configure a set of tasks for more serious incidents that can be applied automatically, such as wipes or policy changes to avoid any risk to corporate data. The 2.5 version also has optimized workflows so many common tasks can be completed with one click, the company said. Integration with the existing IT infrastructure is simple because the new version supports the use of directories including Microsoft's Active Directory, so newly registered devices can be automatically assigned to existing groups and associated policies can be applied, according to Sophos. Today's MDM products must take BYOD devices into consideration and be able to support multiple OS types. "From a security perspective, BYOD devices present new threats because end users are using them for both corporate use and personal use and some of the things they do as a consumer can have an effect on their company," said Stacy K. Crook, a senior analyst at IDC's Mobile Enterprise Research. For example, an employee who downloads a consumer app containing malware to his device infects not only the device itself but can compromise information in their business applications, Crook said. Therefore, it's critical for MDM products to be able to whitelist or blacklist applications so that end users aren't allowed to download certain apps the company deems as risky, Crook said. "As a company, I need a way to ensure that only devices that are compliant with company policy can connect to the network," said Crook. "Perhaps a jailbroken device is considered out of compliance, so an MDM solution can detect that and block access." Earlier MDM products were more focused on basic features such as asset/inventory management, remote control, configuration management, some software distribution, and remote wipe and lock, Crook said. By comparison, today's MDM products also have those features but add a heavy focus on security. "Things such as compliance management, password/encryption management, identity and access management, and granular application management have become must-haves for Mobile Enterprise Management vendors," said Crook. The mobile enterprise management space is a crowded one, she said. Sophos Mobile Control competes against system management vendors such as IBM, BMC and Microsoft; security vendors such as Symantec, Trend Micro, and McAfee; MDM vendors such as MobileIron and AirWatch; and mobility vendors such as Good Technology, SAP, RIM, and Motorola. 2012-08-06T12:06:00ZTransition From BlackBerry To Multiple OSes Requires PlanningSwitching from Blackberry to multiple OSes including iOS and Android isn't just a matter of buying different phones. Enterprises need to plan for how they're going to manage expenses, security, and applications for multiple mobile platforms.http://www.informationweek.com/byte/news/240004992?cid=RSSfeed_IWK_AuthorsAs if it weren't enough of a challenge dealing with the BYOD phenomenon on top of corporate-issued smartphones in the enterprise, now mobile device management (MDM) plans need to be re-examined as iOS and Android are being widely embraced--while Blackberry use is on the decline. Although Blackberry maker Research in Motion insists the company still has a future, some companies aren't hedging their bets and are setting up contingency plans in event of a RIM collapse. Boston-based Suffolk Construction Co., for example, has been a RIM customer for over a decade but is now <a target="_blank" href="http://articles.latimes.com/2012/jul/20/business/la-fi-blackberry-woes-20120720">planning to switch most of its 700 employees using Blackberry devices to iPhones</a> by year's end. As companies ponder their future MDM plans, there are a number of issues they need to consider, including renegotiating mobile plans, deactivating unused Blackberrys, and securing iOS and Android platforms and policies around app downloads, industry observers said. When companies first began implementing BYOD policies, they were mainly focused on opening up access to corporate email, but now, with employees bringing iPads to work and expecting to be able to download documents on them, the parameters are changing, said Dave Snow, chief marketing officer at <a target="_blank" href="http://www.xigo.com/">Xigo</a>, an enterprise expense management company focused on network communications. "Blackberrys were corporate issued and policies were set... before apps existed," said Snow. "Now what's happening is, as new devices are coming in, it's forcing organizations to look back and reflect on these policies and how they're going to act going forward." With iPhones, iPads, and Android devices starting to be used more frequently, companies need to lay a framework for employees who plan to use personal devices as work tools interchangeably. "We're starting to see a full transition to fully corporate-issued iPhones and iPads and Android devices, and it's a catalyst to get companies to ratify expense and security polices," Snow said, because "the lines are being blurred. They need a consistent set of policies on expense management and security and how they're going to let users use these devices." Tyler Lessard, chief marketing officer at mobile security and risk management provider <a target="_blank" href="http://fixmo.com/">Fixmo</a>, said its customers across vertical markets are planning to support additional device platforms. "If they have 1,000 Blackberrys deployed, they're not ripping them out; they're expecting the next 500 devices to be something else. So it tends to be complementary...they're not decommissioning Blackberrys by any means." Echoing Snow, Lessard said the real change now is that the standard MDM policies that were built around allowing basic things such as access to email is no longer enough, because smartphones are becoming mission-critical business tools, and securing other platforms is trickier than it is on Blackberrys. Snow concurred, noting, "They're transactional devices, they access the network [and they] contain key customer and business information, so they're full-fledged citizens on the corporate network. So in that context [customers] say, 'We can't afford for things to go wrong any more'" when it comes to a lost or stolen device or app that might not work properly, because that could effectively put an employee out of work for that day. There are four areas companies should look at as they transition to supporting additional platforms, said Lessard: expense, security policies, and applications. -- Expense. Companies need to figure out whether they will pay for both data and voice plans on these devices--and, if they are footing the bill, are they going to attempt to separate out personal from work expenses. Will text plans be allowed and will employees be allowed to purchase third-party apps such as ring tones? "With Blackberrys, companies simply picked up the tab for that, but now it's starting to change," said Lessard. "Because they're starting to be phased out and employees are choosing to carry one smartphone as opposed to two, as that happens they're being pushed into this position." Even though some employees have used corporate Blackberrys for personal use, Lessard said it's been perceived as the norm by enterprises. -- Security policies. Whereas security on Blackberrys was "a no-brainer" because end-to-end encryption was included out-of-the-box, Lessard said, automatically ensuring corporate data was encrypted, "Android and iOS don't have that by default. So organizations need to figure out... if they need additional third-party software solutions to provide encryption and compliance." -- Applications. Many of Fixmo's largest customers have invested quite a bit in the past several years on developing apps for Blackberry devices for sales force and business reporting tools, said Lessard. "So the question is, as employees move over to Androids and iPhones, how prepared are organizations to deal with specific apps? Are those apps ready for other platforms if they were built in-house? So you need to plan for that, because some are mission critical, and if a sales rep suddenly moves to Android and their CRM app isn't available, that could be a big issue for their productivity." For enterprises thinking about making changes in platform support, "you can break down the problem to device management, application management, data and security management, and mobile worker support," Snow said. The first step is to recognize that this is a permanent change; all of the enterprise IT infrastructure is using or supporting mobile, he said. "So don't say this is a project I need to deal with this year. This is changing the ball game completely. The last mile for IT is the disconnected network." Also think about how platform support changes will affect the IT infrastructure, as well as employees, and how they will be supported by defining and limiting choices, he advised. Finally, the easiest way to measure progress is to know where your expenses are. "It's what powers the equation. So when thinking about costs associated with procurement plan management, the number of devices, and the types supported, they can be related back to dollars, i.e. the cost to enterprise." If enterprises can't track these costs, they will definitely overspend, Snow said, noting that most organizations overspend by a range of 10% to 20%. Organizations need to act fast, he added. "Smart phones in the enterprise is the fastest change in enterprise IT I have ever seen," he said, "even more than the Internet itself, because it is impacting day-to-day work. It's really taken 20 years for the Internet [in the] enterprise to be as important as it is today. Smartphones have gotten to the same place at absolute light speed."2012-07-28T12:27:00ZWill Olympics Streaming Video Take Your Network Down?If Michael Phelps swims his way toward medal history, people will be able to see it as it happens on their computers. For the first time, NBCUniversal is streaming live all 302 events and all 32 sports of the Olympics. Can your network handle it?http://www.informationweek.com/byte/news/240004518?cid=RSSfeed_IWK_AuthorsIf Michael Phelps swims his way toward medal history during the upcoming Olympic Games, employees will be able to see it as it happens, because for the first time, NBCUniversal is streaming live all 302 events and all 32 sports. That is, if it doesn't wreak havoc on corporate networks. "When it comes to watching the Olympics, it's like watching a point-to-point conversation over the network, so if 500 people in a company are watching the same exact thing, and if one stream takes a few megabytes per second, that's pretty much consuming most of your bandwidth," said Sanjay Castelino, VP of product marketing and strategy at network management tools provider <a target="_blank" href="http://www.solarwinds.com/">Solarwinds</a>. Even before the summer games began, bandwidth consumed by streaming media on corporate networks tripled from 4% in 2011 to 13%, according to <a target="_blank" href="http://media.paloaltonetworks.com/documents/Application-Usage-and-Risk-Report-9th-Edition.pdf">a June 2012 study of over 2,000 organizations worldwide</a> by <a target="_blank" href="http://www.paloaltonetworks.com/">Palo Alto Networks</a>. This "now represents a more significant infrastructure challenge to organizations," the study said. <a target="_blank" href="http://twimgs.com/informationweek/byte/news/2012-July/palo-alto-networks-streaming-media.png"><img src="http://twimgs.com/informationweek/byte/news/2012-July/palo-alto-networks-streaming-media-452.png" /></a><div style="margin:4px 0 0 0; padding:0; color:#990000; font-weight:bold;font-style: roman; font-size: small; text-align:right;">Palo Alto Networks' Application Usage and Risk Report, vol. 9. Streaming video application bandwidth consumption comparison. (Click image for larger version)</div> The increase in streaming video--without any significant events going on --obviously affects work-related applications employees might be using, not to mention operational and productivity costs. What's a network administrator to do? San Francisco-based <a target="_blank" href="http://bleacherreport.com/">Bleacher Report</a> says it's ready. The third most-visited sports media site in the country, Bleacher Report received over 50,000 requests per minute (RPM) at its peak during college basketball's March Madness season, up from its average of 60 million to 70 million visits and over 650 to 700 page views during that period. VP of engineering Sam Parnell said they expect to see an increase in traffic of at least two to three times above the normal amount for the Olympics. As a result, Bleacher Report has already increased its infrastructure by 25% to handle the spike, Parnell said. The site is using Web performance company <a target="_blank" href="http://newrelic.com/">New Relic</a> to monitor traffic spikes in real-time and tweak network performance in order to stay up and running efficiently. It also uses cloud-based <a target="_blank" href="http://aws.amazon.com/ec2/">Amazon EC2</a> servers, "so it's easy to add more on demand." Because the company was in its initial stages four years ago, officials haven't been able to benchmark this year's games on previous Olympics. But the record-breaking traffic they saw during March Madness "...is now normal, day-to-day traffic for us," said Parnell. During the Olympics, he said they will be closely monitoring every aspect of the site, including response time, where bottlenecks might be occurring, and how fast pages are loading. "We can add a significant amount of service to our infrastructure in 15 to 30 minutes," he said, adding, "I hope we won't have to react like that." Corporate networks will be in good shape if IT administrators have been proactive about "white-listing access to third-party cloud apps, like Salesforce," limiting access to certain types of streaming media content, and restricting bandwidth usage by employees, noted Jennifer McClain, senior product manager at <a target="_blank" href="http://www.compuware.com/application-performance-management/compuware-apm.html">Compuware APM</a>, which is working with several media outlets covering the games. Compuware's Gomez Streaming Monitoring tool lets sites "monitor the performance of streaming media and reports both on the availability of that streaming media as well as quality of service as it is experienced by end users," McClain said. Reporting metrics include startup time--how long it takes before the stream is usable--and rebuffering, so a company can understand how frequently users experience the need to preload any streaming media. "Those are two metrics from an end user point of view that play heavily into the overall quality of the user experience." For Castelino, it boils down to two words: prioritize traffic. "If you don't do traffic prioritization and don't monitor how your network capacity is being used you will almost certainly run into issues." That goes for remote offices, too. Even if IT tries blocking NBC's site and other media outlets, chances are employees will find other places to stream content during the games. "So it ends up as a game of cat and mouse where you're trying to block more things that consume bandwidth," Castelino said, "so most network guys will stay away from that and set up priorities instead. "It's easier to keep giving employees access to the Web, but give that access on a best-efforts basis, which says, 'I'm going to give priority to all the key applications for the business, and whatever's left over you can use.'" It's not just corporate IT that needs to think about traffic and bandwidth issues. Off the corporate network, performance is also based on the reliability of local ISPs as well as mobile carriers, McClain noted. And the media sites themselves that are providing the streaming media "need to offer enough of a variety of bit rates for the Olympic streams so users with lower download streams can actually access the streams," she said. "A lower bit rate might sacrifice the overall quality but it significantly reduces the amount of rebuffering individual users' experience." During the Superbowl, for example, McClain said the reviews for NBC, in particular, "were not so great." NBC is now partnering with CDN provider Akamai to provide a better experience in multiple locations. Parnell's focus has already moved beyond the Olympics. "Looking at the next six months we're into NFL preseason, then the regular season and then the NBA. I'll get to breathe again in February, just in time for March Madness." 2012-07-24T16:16:00ZMobile Developers Prefer iOS Over AndroidMobile developers would rather create apps for iOS than Android, according to the Appcelerator/IDC Q2 2012 Mobile Developer Report. Why? Android has done a poor job of courting the enterprise with mobile device management solutions.http://www.informationweek.com/byte/news/240004275?cid=RSSfeed_IWK_AuthorsMobile developers are far more interested in developing apps for iOS than Android, according to a survey of more than 3,600 Appcelerator Titanium developers. <img src="http://twimgs.com/informationweek/byte/news/2012_June/BYTE_appcelerator_developer.png " /> According to the <a href="http://www.appcelerator.com/form/forms/www/survey-2012-q2-download">Appcelerator/IDC Q2 2012 Mobile Developer Report</a>, Apple's mobile platform has a 16% lead over Google's platform. Fifty-three percent of respondents said iOS will win in the enterprise; 37% think Android will. The findings are significant because in the third quarter of 2011 developers put the two platforms in a dead heat at 44% each. "Enterprise mobile app developers are quickly souring on Android," said Scott Ellison, VP of Mobile & Consumer Connected Platforms at IDC, because there is "too much fragmentation, too much malware and a sense that Apple is better suited to the enterprise." "Android has not done a great job at courting the enterprise … whereas Apple has, working with MDM vendors to get better security on devices," said Michael King, director of enterprise strategy at Appcelerator. Apple also has "put a ton of effort into appealing to its enterprise client base" on its website, with things like a step-by-step manual on how to deploy iOS in the enterprise and cases studies on companies that have done so. Other reasons for the increasing strength of Apple in the enterprise include the iPad's popularity, the greater threat of malware attacking Android, and the challenges enterprises face dealing with Android fragmentation, said King. The survey results also showed "remarkable consistency" among both business-app-focused developers and consumer-app-focused developers. Among business app developers, the survey found that 53.3% prefer iOS compared to 35.5% who prefer Android. Among consumer app developers, 53.6% prefer iOS and 37.9% prefer Android. The news for Google was not all bad. The Q2 report notes that "the noticeable erosion of developer interest in Android over the last four quarters … seems to have been arrested." The Appcelerator/IDC survey attributes that to the huge growth of Android device shipments, especially handsets, and the fact that they have more affordable price points, which outweighs the Android ecosystem fragmentation and monetization issues. "They've slowed the fragmentation a little with Ice Cream Sandwich and continuing with Jelly Bean and automated updates of the OS," said King. "So it's a combination of factors; those, plus the fact that Google has made it more consistent and [easier] for developers to monetize apps than in the past." "If they continue to attack the fragmentation problem and they continue to drive the audience of devices" and make apps available across different Android makers, the platform can stage a comeback, said King. Sixty-three percent of respondents cited multiple operating systems as the biggest challenge they face when developing mobile applications, followed by multiple device classes (51%), and learning many languages (49%). Although the Q2 report's findings don't paint a positive picture for Android, the mobile enterprise market remains fluid, and the full effect of Google's recent acquisition of Motorola Mobility has not been fully felt in the market. Looking ahead, there will be particular interest in "enterprise reaction to, and potential adoption of, Windows-based mobile devices," given developers' optimism about Windows 8 tablets and phones, setting up what will be "the next battle among operating systems," said the study. Microsoft needs to do three things to gain the number-two mobile OS slot among enterprises, said Ellison: "make it easy to port PC-based Windows software to Windows tablets and smartphones; sell enough Windows phones and tablets to make an impact in the BYOD (bring your own device) enterprise space; and be much more direct in contrasting the risks/benefits between Android and Windows in the enterprise."2012-07-16T11:31:00ZMobile Devices Raise IT Labor CostsThink BYOD smart phones should lower IT costs? Think again. IT labor costs per user for managing mobile devices are expected to rise from $229 in 2011 to $339 in 2013, according to survey.http://www.informationweek.com/byte/news/240003762?cid=RSSfeed_IWK_AuthorsAn independent study on mobile device management (MDM) finds that although smart phone penetration continues to rise in the workplace, so too does the annual IT labor cost. The study, by Osterman Research, found that IT labor costs per user related to managing mobile devices are on an upward path, from $229 in in 2011 to $294 in 2012, with a projected increase to $339 in 2013. Smart phone penetration in mid-sized and large organizations in North America will reach 50% by 2013, said Scott Gode, VP of product management and marketing, at unified communications provider Azaleos, which sponsored the survey. Forty percent of IT respondents using MDM platforms use Blackberry Enterprise Server (BES), according to the survey. "Obviously that platform doesn't have legs to grow... so [organizations will] have to migrate to some other platforms, so there will be costs associated with the new platforms and new hardware and associated training costs for IT personnel," said Gode, "as well as potentially new hiring to manage and monitor that new MDM platform." Among organizations that have not yet deployed an MDM platform, 32% of respondents said they will in 2013, and another 24% plan to in 2014. The main reason cited for deploying MDM was concern over the loss of intellectual property, he said. Even if organizations standardize on one platform, MDM costs are still expected to rise, due to the increased functionality mobile operating systems bring, he said, and the associated policies IT needs to create in order to manage the device. But one-quarter of organizations noted that they have not had a sufficient number of smartphones in use at work to justify the effort involved in deploying an MDM solution, according to the study. Another 21% indicated that MDM solutions have been too expensive to deploy, and an equal number said there is not enough value in MDM platforms to justify the cost of deploying them, the study found. The biggest MDM challenges, respondents said, are the setup and deployment of mobile devices and training end users on how they are configured, as well as troubleshooting the devices. Tasks associated with security--such as remotely wiping devices that are lost and stolen, adding and removing employees from the system, and making sure the devices weren't jail broken--also were cited as major challenges. There appears to be a trend toward choosing a cloud-based MDM product, Gode said. The top three reasons cited were ease of administration and maintenance (69%); predictable/reduced costs (39%) and not wanting to use internal IT staff resources (21%). "The new MDM vendors have created their products in such a way that there is no feature drop-off if you choose cloud [versus] on premise," he said. The study, conducted in February, was comprised of 117 companies with an average of 7,000 employees using 5,000 or more smartphones.2012-07-12T19:00:00ZEPEAT Customers React to Apple's WithdrawalIt's not clear whether the impact of Apple's decision will affect sales materially. retina, glue, e-recycling, environment, Ford, KPMG, Kaiser Permanente, DOE, Department of Energy, Pennsylvania, BYOD, San Franciscohttp://www.informationweek.com/byte/news/240003646?cid=RSSfeed_IWK_AuthorsReaction has been lukewarm to the news that <a href="http://www.informationweek.com/byte/commentary/personal-tech/notebooks/240003404">Apple has removed its 39 laptops and notebook entries from the Electronic Product Environmental Assessment Tool (EPEAT)</a>, a voluntary registry promoting greener electronics, of which it is a founding member. <a target="_blank" href="http://www.epeat.net/">EPEAT</a> was developed jointly by manufacturers, universities, government agencies and activist groups to certify that electronics products are recyclable and have higher energy efficiency. <img src="http://twimgs.com/informationweek/byte/news/2012-July/epeat-logo.jpg" /> Apple hasn't made its reasons known publicly, but reportedly made the move because it began increasing the use of glues rather than fasteners in assembly. They are also using the high-resolution Retina Display, which provides a much crisper screen but adds more energy consumption to devices. Both make devices <a href="http://www.informationweek.com/byte/commentary/personal-tech/notebooks/240002204">very difficult to repair and recycle</a>. <a target="_blank" href="http://www.epeat.net/purchasers-and-rfps/">Organizations which have policies to require EPEAT compliance</a> include Ford Motor Co., KPMG and Kaiser Permanente, in the private sector, as well as several universities and federal, state and municipal agencies. The U.S. government requires that 95% of the electronics purchased by its agencies be certified by EPEAT. Both Ford and the Department of Energy declined to comment on Apple's decision. According to the DOE, environmental benefits of EPEAT purchasing in FY11 included an energy savings of 50 million kilowatt hours and a projected cost savings of $4.8 million. "That doesn't really have much of an effect on us since we don't use Apple computers or laptops and we're basically a Microsoft shop," said Dan Egan, a spokesperson with the Office of Administration for the Commonwealth of Pennsylvania, which is listed as an EPEAT member. "There are some iPads for some field inspectors and... some used individually under our BYOD policy, but we're not big users of Apple products." In terms of purchasing electronics going forward, Egan said, "the state supports green technology and energy efficient products," and has required that state agencies use energy efficient computer products since 2008. Apple's decision reportedly prompted officials with the San Francisco Department of Environment to state that letters would be sent out in the next couple of weeks informing all 50 of the city's agencies that Apple laptops and desktops can no longer be purchased with city funds. But in the big picture, Apple's move is not expected to have a significant impact on its business, according to David Daoud, research director, PCs and Green IT, at IDC. "EPEAT tends to be a program catered to the federal government and has essentially had a limited... broad commercial impact," he said. "Apple is very strong in the consumer market and EPEAT plays no role there." Yet, there is evidence that Apple has been making headway in the enterprise. Almost half of corporations have issued Macs to some employees, especially managers and executives, and <a target="_blank" href="http://blogs.forrester.com/frank_gillett/12-01-26-apple_infiltrates_the_enterprise_15_of_global_info_workers_use_apple_products_for_work_0">plan a 52% increase in 2012</a>, according to Forrester Research. Daoud said Apple is bound to find some resistance from buyers who aren't happy about the decision, but believes it needs only to have "a PR discussion" as to "why they're not being environmental. If you're Apple you have to look at the implications of certifying every single product. As much as I'd love to say it's a bad move, the financial guys are looking at it differently." 2012-06-22T12:13:00ZTroops' Android Devices Put In Virtual Security 'Bubble'Defense Advanced Research Projects Agency awards $21.4 million contract to security software firm Invincea to protect Android-based smartphones and tablets in the field.http://www.informationweek.com/byte/news/240002499?cid=RSSfeed_IWK_AuthorsThe U.S. Department of Defense's <a target="_blank" href="http://www.darpa.mil/">Defense Advanced Research Projects Agency (DARPA)</a> and the <a target="_blank" href="http://www.arl.army.mil/www/default.cfm">U.S. Army Research Laboratory (ARL)</a> have awarded a $21.4 million contract to security software firm <a target="_blank" href="http://www.invincea.com/">Invincea, Inc.</a>, to secure Android-based smartphones and tablets for the military. "Today, we have 3,000 to 4,000 users in an ongoing program in Afghanistan using a secure, robust Android handheld device," said Dr. Mari Maeda, deputy director, Defense Sciences Office, DARPA," <a target="_blank" href="http://www.army.mil/article/82183/Army_s_top_signal_officer__Everything_is_network_dependent/">in an article on the U.S. Army website</a>. "We roll out new capabilities every three to four months, from new apps to new server capabilities." Invincea's <a href="http://www.invincea.com/">software</a> uses "lightweight virtualization to protect apps from being compromised,'' said Anup Ghosh, Invincea founder and CEO. Currently, security on the desktop in the enterprise is reactive--it protects against threats it knows about ahead of time, he said. The software Invincea is designing for DARPA puts a browser "in a bubble so when it gets compromised, the system does not," without requiring signatures for each threat. Invincea's platform "seamlessly moves the browser, PDF reader, Microsoft Office suite, .zip, and .exe file types from the native operating system into secure virtualized environments without altering the user experience," according to a separate statement. "DARPA is ... clearly signaling they view the mobile device as the new battle field for where threats are going to be coming in the military," said Ghosh. "What we're going to see in the future is exploiting the apps you have already downloaded by taking advantage of the vulnerabilities in them, and the classic example is the browser." Most enterprises are still focused on mobile device management (MDM), which addresses "basic blocking and tackling" by enforcing corporate policies across devices, Ghosh maintained, including the ability to remotely wipe a lost or stolen device, as well as forcing the use of passwords and added encryption to read emails. <img src="http://twimgs.com/informationweek/byte/news/2012_June/soldier-smartphone.jpg" /><div style="margin:4px 0 0 0; padding:0; color:#990000; font-weight:bold;font-style: roman; text-align:right; font-size: small">A soldier from 2nd Brigade, 1st Armored Division, demonstrates a Nett Warrior device during NIE 12.2. As part of Capability Set 13, Nett Warrior is a soldier-worn, smartphone-like mission command system that connects with the JTRS Rifleman Radio to provide dismounted leaders with increased situational awareness and mission-related "apps." (source: <a target="_blank" href="http://www.army.mil/article/81081/">army.mil</a>)</div> "Where we are not, as far as technology development goes, is addressing the mobile malware threats: malware apps and exploiting vulnerabilities in the trusted apps," said Ghosh. "The industry hasn't yet tackled those two problems." MDM is less about security and more about the management aspect of mobile devices, concurred Chris Hazelton, research director of mobile and wireless at The 451 Group. With the contract, DARPA is ensuring that the Android OS on its mobile devices is secure and the browser is siloed when it puts them in the hands of soldiers, he says. <hr style="color: #f00; background-color: #f00; height: 5px;"><blockquote><a href="http://www.informationweek.com/news/security/mobile/232601100">Click here for 7 ways to toughen enterprise mobile device security</a>.</blockquote><hr style="color: #f00; background-color: #f00; height: 5px;"> Besides the browser, another emerging area of attack is when users click on a link sent in SMS texts, Ghosh noted. Hazelton added that downloading malicious apps from websites or app stores are other logical points of entry on mobile devices, as well as when false Wi-Fi access points are created--and even through the use of Bluetooth and NFC. DARPA's mission is to avoid "technology surprise," said Ghosh. "What they're saying by investing in this new technology is, 'We anticipate that the adversary is going to move from desktop-oriented exploits to smart, handled device exploits,' and they're trying to get out in front of a threat before it becomes pervasive and without requiring a signature." He declined to comment on specific features of the software, saying DARPA will not allow the security firm to discuss them in detail. As to why the software is being developed for the Android OS, Ghosh said the military feels strongly about layering in security software on top of the open source platform. "Ironically, for same reason [Android is] targeted so heavily [by malware creators] it's a good operating system to secure,'' he explains. "We will target securing Windows Mobile when it captures enough market share for adversaries to develop exploits for it. Before then it won't make sense." As for the corporate realm, Ghosh doesn't believe enough enterprises are yet overly concerned about their mobile devices becoming compromised. "What we anticipate is the technology being developed under the DARPA contract to protect military phones for military apps will have application for business apps,'' he said. What the military has started to do is a good move, said Hazelton, because the Invincea software will lock down the devices while still providing some freedom for the soldiers who use them. "It lines up with what the next steps are in the enterprise: managing the application, not just the device." 2012-06-12T18:22:00ZVerizon Wireless Reveals 'Share Everything' PlanAs expected, Verizon Wireless will move data customers over to a "family share" plan that offers unlimited voice. Many customers will pay more, but the new plan will encourage the adoption of multiple devices such as iPads that use mobile data plans.http://www.informationweek.com/byte/news/240001944?cid=RSSfeed_IWK_AuthorsIn a move seen as industry changing--if not a surprise--Verizon Wireless subscribers soon will be able to use wireless services on up to 10 devices under a new plan the carrier announced Tuesday. The <a target="_blank" href="http://www.verizonwireless.com/ShareEverything">Share Everything Plan</a> includes unlimited voice minutes, unlimited text, video, and picture messaging, and a single data allowance starting at 1GB for $50 a month, up to 10GB for $100. The plan, which will roll out beginning June 28, also will include mobile hotspot service on all the devices. New and existing customers are eligible to take advantage of the plan with no additional cost or contract extension requirements, Verizon Wireless said. Customers also have the option of keeping their existing plans. "This is obviously a huge shift in the industry overall," said Weston Henderek, principal analyst for wireless services at Current Analysis. He added that "Verizon is essentially commoditizing voice and messaging by saying you have to get... unlimited voice and messaging." Although the new plan will benefit some--mainly families with several devices--Henderek said people who don't need a lot of minutes or use third-party messaging services "will be severely impacted by this." Carriers have been attacked for charging $20 per month for unlimited messaging when there are lots of free messaging apps, he said, but now Verizon is bundling that with voice and spinning the plan to say customers are getting extra value. "So they're trying to solidify that messaging component and unlimited voice as a baseline bucket to get people to spend an absolute minimum with them when they commit to buying a smartphone," he said. After an analyst call with Verizon Wireless, Henderek clarified that "...all new postpaid Verizon Wireless customers who want a smartphone will need to buy the new plan. This means that they will be forced to take unlimited voice and unlimited messaging even if they do not need that many minutes." The lack of any option for new customers to buy a plan that has a small number of voice minutes and no messaging "...will have huge impact across the board on a wide range of customers." Telling customers they will have unlimited voice is a way for Verizon to "justify a higher price point because they're saying you can make as many calls as you want," he added. "By having that as the floor, they start you at a price point that's maybe above what the low-end or mid-range user would have thought of paying in the past." However, <a href="http://www.informationweek.com/byte/news/personal-tech/smart-phones/240001567">the industry is heading in this direction</a> to bring in higher average revenue per user (ARPU), Henderek said. Choosing a plan is becoming more focused on data usage--not voice and messaging--which he called "more simplified and data specific." The underlying value proposition of the new scheme is getting to share data, and make more effective use of what you're buying, as opposed to having to buy separate data plans for every device a customer owns, Henderek noted. "Now you can buy a bucket of data on your device and ... you can have your husband on it, your kids on it, whatever--and you're all sharing from the same data pool." It will also eliminate the pay penalty when a customer goes over his allotted amount of data, he said. "Under the [current] structure... you each have 2GB of data and when you go over you pay a penalty," he said. "Under the new structure all that gets combined and instead of each having two gigs, you have a pool of six. In that way you're making more efficient use of the data you have and that's the best aspect of this new structure." A lot of people will like the flexibility of knowing there is a framework for using their "data bucket" on any device they want, he said. So the winners will be families with shared accounts who currently use a lot of data and spend a lot of money, Henderek said. "People who use a decent amount of voice and data will [spend] roughly the same and people who buy lower-end, basic 450 minutes plans with the lowest end data plan and no messaging--those are likely the people who will likely end up paying more." <img src="http://twimgs.com/informationweek/byte/commentary/2012-May/Verizon-Wireless-Logo.png" /> Although there will "definitely be some uproar" from the news, "eventually, people will swallow it," he said. However, the real surprise is that this didn't happen sooner, because the notion of sharing data with different devices makes sense, he said. "We're in a world where there are so many new categories of devices that need connectivity you want to do what you can to encourage connectivity," he said. The previous plan structure of needing separate data plans was inhibiting growth in the market, because people didn't want to take on different plans for each device. The new plan will be effective from that perspective, said Henderek. Another advantage of the new plan, according to Henderek, is that "... for $4.99 you can add usage controls that let you assign how much data you want each of your lines to have. So if you have 4GB of total data, you could limit one of your kids' lines to only 500MB for example. This is more convenient." Carriers' legacy rate plans have been very voice centric and made up the bulk of a bill, with data messaging tacked on, and now that's been completely flipped, he said. Carriers have been playing it "safe and conservative" on making a change for a while, he added. "It took a long time for carriers to phase in this new pricing reality where data is priority" because there's a psychological component; customers have been used to paying for voice, he said. But now, "People needing data is becoming such an intertwined part of our lives; people see the value of a fast Internet connection on the road and the ability to update Facebook, so there's no longer the fear" customers will balk at paying more for data, he said. As for the other carriers, Sprint to a certain extent already does something similar with its unlimited data plan, Henderek said, and will most likely make tweaks to that. "AT&T generally has moved in lock step with Verizon on most things, so once this launches they will be out of step. The question is, will they offer this model or some form of it or leave some flexibility to let people choose" their smartphone plan, he said. "They're definitely going to respond and move in this direction," since all of the carriers have consistently said they're going to implement shared data relatively soon. "So this won't be just Verizon moving into this new pricing scheme. It will eventually be a widespread thing in the market." 2012-06-07T13:54:00ZNew Technology Adds Keyboard Feel To TouchscreensTactus Technology harnessed microfluidics to create a special new tactile layer in touchscreens. The technology dynamically produces physical bumps on soft keys to approximate the experience of typing on a real keyboard. But will it really make typing on a phone or tablet easier?http://www.informationweek.com/byte/news/240001681?cid=RSSfeed_IWK_AuthorsFor users who want to retain the touch and feel of a traditional keyboard on their touchscreen device, <a target="_blank" href="http://www.tactustechnology.com/">Tactus Technology</a> has unveiled a tactile layer component that creates dynamic physical buttons that rise out of the surface of the screen. The haptic user interface lets users see and feel the buttons for the experience of operating a physical keyboard. <img src="http://twimgs.com/informationweek/byte/news/2012-June/tactus-bumps.jpg" /> The buttons recede back into the touchscreen when no longer needed, leaving no hint of their presence, the Fremont, Calif.-based company said. Microfluidic technology is used to create the physical buttons on the touchscreen. Tactus CEO Craig Ciesla told BYTE he came up with the idea when the iPhone first came out and "I was thinking about how I could do without my Blackberry and keyboard, and at that moment I thought this microfluidic technology could solve the problem and be the solution." No extra thickness is added to standard touchscreens because the tactile layer is a completely flat and transparent surface that "replaces a layer of the already existing display stack," according to <a target="_blank" href="http://www.tactustechnology.com/release_120605.html">a press release</a> announcing the first demonstration of the component on a prototype Google Android tablet. "If you were to take an iPhone, for example, and take apart the display there are three parts: the display, touch sensor and window or cover lens ... we're only changing the third one,'' that a user touches, explained Ciesla. This design makes it possible to add the tactile layer without adding any extra thickness to touchscreens, he said. The technology "is more than the ability to create a QWERTY keyboard," he said. "Our technology is a way of having a dynamic, physical surface that integrates as a touchscreen, and with that capability a number of different user interfaces and experiences can be developed." Although Ciesla declined to comment on where the tactile layer technology will first be deployed, he said the first product will roll out in mid 2013, and that customers have expressed interest in it for gaming controls and navigation. <img src="http://twimgs.com/informationweek/byte/news/2012-June/tactus_slide_mixer.jpg" /><div style="margin:4px 0 0 0; padding:0; color:#990000; font-weight:bold;font-style: roman; text-align:right;">Tactus predicts the invention of various complex touch interfaces using its new tactile layer technology.</div> Chris Hazelton, research director of mobile and wireless at <a target="blank" href="https://www.451research.com/">451 Research</a>, said he questions how flexible the screen will be, whether it will be easy for developers to leverage the technology, and how many different types of applications it can support. He also questioned what the impact will be on battery life. "A large touchscreen already drains the battery significantly, so a screen with constant button adjustment is bound to also," he said. Hazelton called the technology "very interesting, and if it ... is able to replicate a keyboard or any large percentage of user interfaces for all applications on the user device, I think it will be powerful." <iframe src="http://player.vimeo.com/video/43431035?title=0&byline=0" width="400" align="center" height="300" frameborder="0" webkitAllowFullScreen mozallowfullscreen allowFullScreen></iframe><div style="margin:4px 0 0 0; padding:0; color:#990000; font-weight:bold;font-style: roman; text-align:center;"></div> 2012-03-08T12:00:00ZMedical Apps On Tablets Gain PopularityThe medical field, perhaps more than any other, is ripe with opportunities to deploy tablets. Clinicians are clamoring for tablet-compatible electronic health records and other applications.http://www.informationweek.com/byte/news/232601963?cid=RSSfeed_IWK_Authors Move over desktops and laptops. Tablets are making big inroads in the medical profession. Medical support for doctors, nurses, and physical therapists is expected to be one of the top 10 commercial business application categories for tablet devices this year, according to Gartner. Because of their size and portability, tablets are ideal for a number of clinical workflow tasks, industry observers say. Those tasks include entering handwritten notes into electronic health records (EHRs), generating accurate prescriptions, and sharing information with patients, such as x-rays. <a target="_blank" href="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/3D4Medicalapps.jpg"><img src="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/sm3D4Medicalapps.jpg"></a> "Medical is actually one of the most obvious use cases for tablets," said Michael Faucette, group vice president for software business solutions at IDC. "The workforce, particularly doctors, [is] mobile, contained in a space that is easily covered by Wi-Fi," he said. Doctors "have heavy information needs and are required to record almost everything that they do." Workstations are a less attractive alternative, Faucette said, because doctors, nurses, and other medical personnel are moving constantly and interacting with patents in short increments during their shifts. Other tasks that are a natural fit for tablets are patient diagnostic/exam activities, training, administration, filling out patient forms, and collaboration between doctors and across different sites. <a target="_blank" href="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/AirStripPATIENTMONITORING.jpg"><img src="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/smAirStripPATIENTMONITORING.jpg"></a> More medical providers are turning to tablets as part of the next wave of mobile adoption to increase productivity and improve patient care, according to CompTIA's Third Annual Healthcare IT Insights and Opportunities study, released in November. "As mobile devices and applications have become more user-friendly, affordable and powerful, they appeal to businesses of all types, including healthcare providers, has grown exponentially," said Tim Herbert, vice president of research for CompTIA, in a statement. One-quarter of healthcare providers surveyed report currently using tablets within their practice. Another 21% expect to do so within 12 months. Presently, about 38% of physicians with a mobile device capable of supporting applications use medical-related apps on a daily basis. Over the next 12 months, physicians expect to increase usage of medical apps to the point where 50% are using them daily. The study was based on a survey of 350 doctors, dentists, and other healthcare providers or administrators. In yet another study, more than 80% of physicians said they own a mobile device capable of downloading apps, and 30% own tablets--compared with an adoption rate of 5% for tablets among the U.S. population, according to a May 2011 survey of 3,798 physicians by QuantiaMD, an online learning community for doctors. Although only 19% said they already used a tablet in a clinical setting to help their practice, 35% said they were "extremely likely to," followed by 30% who were "somewhat likely to." The iPad was found to be the tablet of choice by more than half of respondents (59%), with only a fraction of physicians (3%) reporting they used Android tablets. "Physicians' strong interest in tablet devices indicates this technology will soon command the physician market; there is also strong interest in tablets from healthcare institutions,'' according to QuantiaMD. Software vendors are entering the market with a vengeance. Among those who have hit the ground running with medical apps for tablets is AirStrip Technologies, which has deployed an FDA-approved platform to allow doctors and nurses to securely access maternal/fetal waveforms, bedside monitors, and pharmacy and lab systems. <a target="_blank" href="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/drcrono.png"><img src="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/smdrcrono.png"></a> Drchrono is an EHR for the iPad that gives doctors access to complete records as well as an electronic billing center and electronic check-in form. Doctors can also share clinical notes, access a template library, print medical claims, do scheduling, integrate speech to text, and send electronic prescriptions to any pharmacy in the U.S. The app is available for free on one iPad with subscriptions for additional devices ranging from $99 to $199 per month. MIM Software, a provider of medical imaging software, offers a mobile MIM diagnostic imaging app for the iPad. The company received FDA clearance in December for diagnostic x-ray and ultrasound viewing, along with radiation treatment plan review and approval. It is available from the Apple App Store. Ideal for biology and medical students are the Nova Series apps from 3D4Medical, which offer 360-degree views of different areas of the human body on the iPad. The apps provide searchable indexing and quiz capabilities for a number of different areas that also include fitness and reference. Subscriptions start at $99 for students and range from $999 to $2,999 for faculty groups of up to 100. <a target="_blank" href="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/Epocratesdermatologyapp.jpg"><img src="http://twimgs.com/informationweek/byte/Features/2012-March/iPad-Meds/smEpocratesdermatologyapp.jpg"></a> Epocrates offers drug reference, educational, and clinical apps for the iPad, such as a dermatology image collection and interactive image libraries of the human body for reference, training, and education. Calgary Scientific last fall received FDA clearance to market its ResolutionMD medical imaging app on the iPad. It supports HIPPA compliance and offers interactive 2D MIP/MPR and 3D visualization, and interactive use of MR and CT images.2012-01-09T15:45:00Z2012: Year Of The TabletBYOD is not a fad. It's going to be a major productivity motivator, and its going to prove itself out in 2012.http://www.informationweek.com/byte/news/232301441?cid=RSSfeed_IWK_Authors The phenomenon of bringing your own device to work will this year move beyond the initial phase of workflow and personal productivity functions toward using apps that enable a variety of business initiatives. 2011 was the year of "rogue behavior" with employees using consumer devices at work for light functions including email, research and reading reports. Now, vendors are aggressively beginning to create apps specifically for tablets and IT will deploy them, says David Willis, chief of research for communications at Gartner. "This year, IT organizations will embrace [tablets] and finally recognize [their] legitimate business uses," he says. "IT thought this was another hoola-hoop in the beginning and as it turned out [BYOD] is not a fad; it does make people more productive throughout the day." "We're starting to see more vendors building out apps to give [users] ways to...access tablets and form factors...It's a very aggressive program among vendors, so we'll see a much more open approach from the IT perspective," concurs Michael Fauscette, group vice president of software business solutions at IDC. This is very timely. According to Gartner's latest forecast, worldwide media tablet consumer sales totaled 63.6 million units in 2011, a 261.4% increase from 2010 sales of 17.6 million units. Media tablet sales will continue to experience strong growth through the end of 2015 when sales are forecasted to reach 326.3 million units. Combined sales of tablets and smartphones were 44 percent higher than the PC market in 2011, according to Gartner. Although figures from Strategy Analytics are more conservative, the research firm says the global combined shipments of corporate-liable and personal-liable business-use tablets quadrupled to reach 30 million units in 2011, and will increase to over 40 million units in 2012. Willis cautions that while ERP, CRM, and other business application vendors are looking to sell tablet versions of their software, they will only be successful if they redesign the apps, rather than just duplicating the traditional desktop or browser experience. <img src="http://twimgs.com/informationweek/byte/news/Jan-2012/ipad_multitouch450.jpg"> The types of apps companies will deploy for tablets this year are those that are primarily geared for customer-facing roles, says Dan Shey, practice director of mobile services at ABI Research. Applications that fall in this category include vertical-specific line-of-business (LOB) apps, business intelligence (BI) apps, and workflow apps, he says. BI apps typically provide a snapshot view of CRM, ERP, and supply chain data. Workflow apps typically are approval apps for things such as purchase orders and employee leave requests, Shey says. "You will start seeing in 2012 more sales associates with tablets in retail,'' he says. "In 2011, sales associates in car dealerships with tablets was a new trend (design your own car) and I think deployments in this sector will continue. 2012 also will be the year that more field force employees will be given tablets." Fauscette sees a proliferation of apps being designed for tablets to gain access to sales force automation, reports, and dashboards. Salesforce.com, for example, has designed such an app for the iPad, and Workday has built an execute dashboard iPad app to optimize talent and recruitment and manage personnel. Gartner estimates that by 2016, more than 900 million tablets will be sold and will find their way into the workplace. Willis says executives in particular are "redefining processes for 'ready at hand' moments where other computer types are not as well adapted." CEOs often prefer tablets for distributing material for board of directors meetings. Salespeople are using them in client-facing situations. Sales configuration tools help close more business and reduce error rates. Sales and marketing leaders are using them as dashboards to their business; and marketers are designing campaigns around them, according to Willis. Doctors and nurses also are using tablets, he says, and they are finding their way onto the manufacturing floor. Although tablets might be ideal for certain work roles, Fauscette says there are some functions that don't lend themselves to a small form factor, such as entering inventory and creating spreadsheets. "While [a tablet is] OK for doing content creation it's not great,'' he says. "I travel with both a tablet and a MacBook Air. I do short things on the tablet but what I like it for is consumption of content, email, reading articles and documents, doing research and looking at reports." According to Gartner, the top 10 commercial business application categories for tablets are: <ol> <li>Sales automation systems for customer collateral, sales presentations, and ordering systems. <li>Business intelligence: analytical and performance applications with management dashboards. <li>Containerized email to separate corporate messaging environments from personal email. <li>Collaboration applications for meetings. <li>File utilities for document sharing and distribution. <li>General corporate/government enterprise applications for CRM, ERP, SCM, and messaging. <li>Medical support systems for doctors, nurses, and physical therapists. <li>Hosted virtual desktop agents to provide secure remote operations of traditional desktop applications and environments. <li>Social networking applications with intelligent business insight. <li>Board books for secure document and report distribution.</li></ol>2011-11-10T14:43:00ZApple Acquires Wi-Gear, Plans Bluetooth Headset LineDevelopment will center on stereo Bluetooth headphones for future iOS devices and MacBooks, according to report.http://www.informationweek.com/news/228200668?cid=RSSfeed_IWK_Authors <div style="margin:0; padding:0 0 10px 10px; float:right; width:185px; text-align:center;"> <a href="http://www.informationweek.com/news/galleries/hardware/showArticle.jhtml?articleID=227500455&pgno=82"><img src="http://twimgs.com/informationweek/galleries/automated/522/iMuffs_tn.gif" width="175" alt="Wi-Gear's iMuffs Headphone For iPod, iPhone " title="Wi-Gear's iMuffs Headphone For iPod, iPhone " hspace="0" vspace="0" border="0" style="margin:0 0 3px 0; padding:0;" /></a> (click image for larger view) <div style="margin:5px 0 0 0; padding:0;font-weight:bold; font-size:1.2em; color:#990000;">Wi-Gear's iMuffs Headphone For iPod, iPhone </div> </div>  Apple has reportedly bought Bluetooth headset company Wi-Gear, which makes iMuffs headphones for the iPod and iPhone. A source told 9to5 Mac that the company plans to develop its own line of stereo Bluetooth headphones for iPhones, iPads and MacBooks. The products Wi-Gear sold were geared specifically to iOS devices. According to 9to5Mac, "Apple plans to build its own stereo Bluetooth headphones for future iOS devices and MacBooks with technology and expertise from Wi-Gear." Apple launched a headset in 2007 that was later discontinued. A PC Magazine review at the time rated it as fair, saying it hissed over calls, and had "poor performance under noisy conditions." Ars Technica noted that the iPhone used to require the addition of a Bluetooth adapter, since at the time it didn't support A2DP audio streaming. Because Apple has since added A2DP support to the iPhone, iPod Touch, and iPad, the speculation is that Apple is planning to use Wi-Gear's technology and former staff to design a new headphone line under its brand. An Ars Technica review of iMuffs called the accessory "very Apple-like in execution, if not in fit-and-finish. The sound quality and comfort certainly exceeded that of the standard iPhone earbuds." With iMuffs, users could experience "near-CD quality sound" up to 40 feet away. Its built-in microphone gave mobile phone owners the ability to also carry on conversations with the headphones. According to Wi-Gear, iMuffs provided seamless switching between wireless music playback and calls using the same headphones on a Bluetooth-enabled phone. When a user received an incoming call, the phone would connect and ring through the headphones to allow for speaking through the integrated microphone, and then switch back to music when the call had ended. Wi-Gear cofounder and lead engineer Michael Kim began working at Apple two months ago as an iOS Bluetooth engineer, according to his LinkedIn profile. A note on the San Francisco-based Wi-Gear's website says the company "has ceased operations and is no longer in business. We will be unable to respond to any inquiries." No further information was given about when Apple might be releasing a headphone product.2011-10-11T19:48:00ZMicrosoft Fixes 23 Vulnerabilities Including Critical IE FlawsMicrosoft released 8 updates for a variety of products fixing a total of 23 vulnerabilities, many of them critical flaws affecting Internet Explorer. Applying the most urgent patches quickly would be wise.http://www.informationweek.com/byte/news/231900586?cid=RSSfeed_IWK_Authors <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-oct">Microsoft issued its monthly security bulletins today</a>, which include two updates rated as “critical” and which could allow remote code execution. The first, <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-078">MS11-078</a>, is for a vulnerability in .NET Framework and Microsoft Silverlight. The second critical fix is for MS11-081, a cumulative security update for Internet Explorer. There were six other updates issued that were ranked as “important.” Microsoft also issued guidance for prioritization of patching. Click on the image below for a full-size chart. <a href="http://twimgs.com/informationweek/byte/news/Oct2011/1638.October2011Deployment.jpg" alt="Patch Deployment Priority" title="Patch Deployment Priority" target="_blank"><img src="http://twimgs.com/informationweek/byte/news/Oct2011/1638.October2011Deployment.452.jpg" width="452" alt="Patch Deployment Priority - Click For Full Size" title="Patch Deployment Priority - Click For Full Size"></a> MS11-078 resolves what was a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight, that if left unfixed, Microsoft said, could allow remote code execution on a client system if a user views a specially crafted web page using a browser running XAML Browser Applications (XBAPs) or Silverlight applications. The impact will not be as great on systems configured to have fewer user rights as opposed to users whose systems operate with administrative user rights, according to Microsoft. A remote code execution is also possible on a server system running IIS, "if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a web hosting scenario," because of the vulnerability, Microsoft reported. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions. The update to <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-081">MS11-081</a> resolves eight privately reported critical Internet Explorer vulnerabilities, Microsoft reported. Remote code execution would be the most severe of outcomes if a user views a specially crafted web page using Internet Explorer. If any of these vulnerabilities were successfully exploited, an attacker could gain the same user rights as the local user, according to Microsoft. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. All shipping versions of IE, including IE9, are affected by at least 1 critical vulnerability. A privately reported vulnerability in the Active Accessibility component, <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-075">MS11-075</a>, has also been patched. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (DLL) file, Microsoft said. The Microsoft Active Accessibility component could attempt to load the DLL file and execute any code it contained while opening the legitimate file, the firm said. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.<a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-076">MS11-076</a> is an "important"security update to resolve an publicly disclosed vulnerability in Windows Media Center. If an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (DLL) file, it could allow remote code execution. Then, while opening the legitimate file, Windows Media Center could attempt to load the DLL file and execute any code it contained, according to Microsoft. A user must visit an untrusted remote file system location or WebDAV share and open a legitimate file for an attack to be successful. MS11-075 and MS11-076 are examples of a vulnerability class called "remote binary planting" which has necessitated dozens of fixes by Microsoft and 3rd party application vendors in the last year. An important security update was also issued for <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-077">MS11-077</a>, which resolves four privately reported vulnerabilities in Windows, Microsoft reported. A remote code execution would be the most severe of these vulnerabilities if a user opens a specially crafted font file (such as a .fon file) in a network share, a UNC or WebDAV location, or an e-mail attachment, Microsoft reported. For a remote attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open the specially crafted font file, or open the file as an e-mail attachment. <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-079">MS11-079</a> is a security update for five privately reported vulnerabilities in Forefront Unified Access Gateway (UAG). The most severe of these vulnerabilities could allow remote code execution if a user visits an affected Web site using a specially crafted URL, Microsoft reported. However, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site, the firm said. <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-080">MS11-080</a> is a security update resolving a privately reported vulnerability in the Windows Ancillary Function Driver (AFD). If an attacker logs on to a user's system and runs a specially crafted application, the vulnerability could allow elevation of privilege. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability, Microsoft said. The final security update is for <a target="_new" href="http://technet.microsoft.com/en-us/security/bulletin/ms11-082">MS11-082</a>, which resolves two publicly disclosed vulnerabilities in Host Integration Server. The vulnerabilities could allow denial of service if a remote attacker sends specially crafted network packets to a Host Integration Server listening on UDP port 1478 or TCP ports 1477 and 1478, Microsoft said. It recommended firewall best practices and standard default firewall configurations as a way to help protect networks from attacks that originate outside the enterprise perimeter. Another recommendation is that systems connected to the Internet have only a minimal number of ports exposed. In this case, the Host Integration Server ports should be blocked from the Internet, Microsoft advised.