Wednesday 25 March 2015

Twelve Years....

Twelve years in technology

12 years doesn't seem like a long time ago, but in technology terms it's a very long time.

The Nokia 6310 was released in 2001 and its successor the Nokia 6310i was release 12 years ago.  iTunes is 12 years old, although the iPod has been around a little longer.  The iPhone has been with us for eight years and the iPad for five years.  So it doesn't just sound like an Apple-fest, the Blackberrys were in their hard case holsters and Android formed as a company in 2003.

Why is this relevant?  It’s not really, it’s just to put into perspective where technology was 12 years, the same time that Windows 2003 was released.

Windows 2003

Windows 2003 was released 24th April 2003, but as of 14th July 2015, Windows 2003 will no longer receive support from Microsoft.  There is also an IDC whitepaper covering why it’s important to upgrade here

What does no support mean?

When Windows 2003 no longer receives support there will be a number of impacts:

  • No patches, updates and fixes - This means that whether a vulnerability or issue is security related or not, Microsoft are not obliged to patch it or fix it in any fashion.
  • There will be no support from Microsoft - Fairly simple you'd think, but again any issues encountered can not be raised or escalated to Microsoft.
  • Applications support challenges - As Microsoft no longer support the operating system, why would the application manufacturers.  This means that new versions of the application will only be supported on the newer operating systems.
  • Compliance issues - There could be issues meeting compliance in healthcare or with PCI:DSS if an unsupported operating system is in scope.

Upgrade

The obvious answer is the upgrade, but if bespoke applications are being run and depend on specific versions of operating system or supporting applications such as databases running on specific version, upgrading is certainly not straightforward.

Protect

If you can't upgrade, or are unable to upgrade before the 14th July 2015, there is another option.  Trend Micro have solution called Deep Security, which can protect physical, virtual and cloud based servers.  Trend Micro Deep Security offers a number of features including anti-malware, intrusion prevention, host firewall, integrity monitoring, log inspection, application scanning and interestingly virtual patching.

Virtual Patching

Virtual patching or vulnerability shielding, is taking Trend Micro's understanding of the vulnerabilities and create a secure bubble around the Windows 2003 server preventing those vulnerabilities from being able to be used against the server.

Trend Micro Deep Security

Before being forced into a quick migration of your existing Windows 2003 servers, it would worth considering if Trend Micro Deep Security could be the way of keeping your existing environment secure for longer.

Thursday 19 March 2015

How big is your wallet?

I was asked to write a blog piece for work which was originally published here: http://mtibytes.com/post/How-big-is-your-wallet

==========

The average wallet is designed to carry objects of a 3 3⁄8” × 2 1⁄8” form factor, or the size of a standard credit card. I found I was carrying a bit more than that; on some days I might leave the house with a couple of credit cards, a debit card, supermarket loyalty cards, my driving license, Oystercard, and of course, a stack of business cards, requiring an ever-expanding wallet. As I struggled to fit my jumbo wallet and 5” smartphone into my trouser pocket, I decided something needed to be done.

Let me tell you, a few years ago downsizing a wallet would not be for the faint hearted. However, with the rise of mobile payment technologies, getting rid of your wallet for good may not be a fantasy for much longer.

With a few tips (and security considerations, of course) you’ll be well on your way to kicking your plastic to the curb:

Internet payments
I was an early adopter of PayPal, which many were hesitant to join in its early days for fear of leaving their payment details with a third party. Security concerns aside, PayPal is a highly attractive service, making online transactions (namely over eBay) simpler and more convenient. If you’re concerned about the security of internet payments, a simple preventative measure is to use separate banking details for PayPal and other online purchases. This will allow you to monitor online spending apart from your other purchases and, at the same time, keep a watchful eye on fraudulent spending and credit card cloning.

Contactless 
Similarly, I was among the first to purchase the Google Nexus 4 with Near Field Communication (NFC), which I saw as the future of payments (are we sensing a pattern here?). With both mobile and credit card companies adopting the technology, contactless payment seemed like the way forward. Still, I had my reservations about using my phone to buy everything – from petrol to a pint - so I didn’t use the NFC function initially.
That being said, it seems there are more service providers offering NFC for small purchases every month. TFL now accepts contactless credit cards, meaning one less card for me to fumble for on my commute. My mobile phone provider now has a wallet system that is compatible with NFC, as well as offering NFC chips that can be stuck to your phone, offering the contactless payment functionality for any device.

Apps for all 
As an Android enthusiast, I have created a Google Wallet account to use on Google Play. If you can’t bare the thought of parting with your iPhone, don’t despair; Apple Pay is available on all new devices and uses your fingerprint for authentication.
Although both applications are protected by a PIN, keep in mind that these technologies are still in their early stages and possibly more susceptible to fraud as a result. If you’re still hesitant on taking the plunge, I would recommend simply waiting until functionality becomes more conventional.

Say it with me: bin the wallet! 
Mobile is rapidly becoming the hub of our lives, acting as our main communication lifeline, connection to the web, control for our home environment, link for our wearables, and now, primary payment method. As Google and Apple payments join the mainstream, I predict we will do away with our wallets completely and rely solely on our mobile phones.
Although the news is full of high profile security breaches, we needn’t look further than our own pockets for an example of a security risk. These leaps in technology and functionality are impressive, but should only make us more vigilant when it comes to mobile security. So the question remains: how big is your wallet?