Do you like football? Beware of APPs!

Do you like football? Beware of APPs!

As football fever sweeps across Europe due to the 2016 UEFA European Championship, the SmartWire Labs Team at Wandera has been analyzing the mobile data traffic patterns across our network of enterprise customers in the European countries that make up this year’s tournament. By investigating the billions of daily data inputs that are scanned by our Secure Mobile Gateway, we’ve made some startling discoveries about data security and mobile phone usage in the lead up to and during the tournament (Research period 25 May to 24 June 2016).

MALICIOUS WEBSITES AND DATA LEAKS

With the tournament in full swing, users are becoming more active on their mobile devices, by exploring new content and being exposed to an increasing number of online ads. As a result of this spike in activity, SmartWire Labs discovered an increase in the number of malicious websites being accessed by smartphones. Worryingly, it seems that the host country has been actively targeted by hackers with 72% of malicious websites and 41% of exposed passwords being detected on smartphones in France.

During our research period, the number of data leaks observed by our research team increased. We predict this number will continue to rise as the tournament goes on as a result of more people travelling across Europe and using unfamiliar apps and websites to access match information. Our research suggests that data leaks will peak in late June towards the end of Euro 2016 before going back to normal levels in late July.

 

UEFA APP FOR FANS IS LEAKING DATA

One of the most startling discoveries by our researchers relates to the ‘UEFA EURO 2016 Fan Guide’ App. It’s one of the official UEFA mobile applications for Euro 2016, designed to provide practical tourist information for fans that are travelling to France for the tournament.

We have discovered that user credentials (including username, password, address and phone number) submitted to the online UEFA store website, are being transferred by both the iOS and Android versions of the app, over an insecure connection. The app itself has over 100,000 downloads on the google play store alone, and a very high rating. The implications of this are huge with potentially thousands of people having their personally identifiable information exposed and possibly stolen.

CONCLUSION

Overall, the increased data usage during the beginning of Euro 2016 will come as no surprise to anyone. The risks associated with this increase in traffic however have huge implications. With more people traveling across Europe, using unfamiliar websites and apps, as well as the shocking discovery that the official UEFA app is leaking data could all lead to serious security breaches with thousands of fans’ data being put at risk.

UEFA’S RESPONSE

Since SmartWire Labs exposed the treat UEFA have acknowledged the problem and fixed the issue. A UEFA spokesperson confirmed:

It is correct that there is an issue with the fan app, concerning a third party component in the myfanzone section, where the contact details of around 4,000 users (name, email and phone number) were not fully protected.

Within a few days UEFA made the following statement:

All security vulnerabilities have been solved. Data exchange between the mobile App and the server are now encrypted.

Download report

Download “Euro_Paper.pdf” Euro_Paper.pdf – Downloaded 391 times – 778 KB

Enterprise Mobile Device Management

Enterprise Mobile Device Management

Security & Application Management for your Mobile

Enterprise Mobility Management (EMM) is the set of people, processes and technology focused on managing mobile devices, wireless networks, and other mobile computing services in a business context. EMM typically includes all of MDM Standard functions, but with the security services and additional tools create a more comprehensive solution.

C.H. Ostfeld sells VMWare Workspace ONE, world market leader in this kind of solution.
The sale and technical support staff are certified by VMware.

In addition we offer Wandera  solution for the management and security of mobile devices. The solution enables deep integration with  AirWatch.

The solutions provided are:

Workspace ONE
Wandera

 

VMware Workspace ONE

VMware Workspace ONE

VMware has grown from five technologists working in a small apartment, to a leading innovator in enterprise software. Today the company’s compute, cloud, mobility, networking, and security offerings provide a dynamic and efficient digital foundation to over 500,000 customers globally. VMware technologies have fundamentally changed IT, and with it, the possibilities open to business. Now VMware and its customers have the freedom to build their own digital futures.

Digital Workspace
Make it easy for employees to work anywhere, any time, on any device, without compromising security.

Open/Close all the descriptions
>

Workspace ONE

Intelligence-driven digital workspace platform that delivers and manages any app on any device

Deliver an Engaging Employee Experience with an Intelligence-driven Digital Workspace Platform
Simply and securely deliver and manage any app on any device with VMware Workspace ONE, an intelligence-driven digital workspace platform. Workspace ONE integrates access control, application management and multi-platform endpoint management into a single platform and is available as a cloud service or on-premises deployment.

What Workspace ONE Delivers

Engaging Employee Experiences From Onboarding to Offboarding
Enables enterprises to maximize employee engagement and productivity by empowering employees with a personalized experience and Day One access to any app on any device.
Unified Endpoint Management
Consolidate management silos across mobile devices, desktops (including Windows 10 and macOS), rugged devices and “things”. Reduce costs and improve security with real-time, over-the-air modern management across all use cases (including BYO).
Intelligence Across the Digital Workspace
Aggregate and correlate data across your entire digital workspace to drive insights, analytics and powerful automation of common IT tasks that improve user experience, strengthen security and reduce IT cost.
Virtual Desktops and Apps
Radically transform traditional VDI and published apps with integrated VMware Horizon and VMware Horizon Cloud, which provides unprecedented simplicity, flexibility, speed and scale – all at a lower cost. A common control plane across the “multi-cloud” enables an architecture and cost model to meet your requirements.
Secure and Simple Application Access
Boost productivity and delight employees with secure, password-free single sign-on (SSO) to SaaS, mobile, Windows, virtual and web apps on any phone, tablet or laptop — all through a single app catalog.
Simplify Zero Trust Security
Combine intrinsic security across device, users, and apps to simplify the enablement of Zero Trust access control. Industry-leading modern management of all devices and access management across all applications makes zero trust access models a reality.

Workspace ONE UEM Powered by AirWatch

Unified endpoint management (UEM) technology that powers Workspace ONE

Manage Every Device and Every Use Case with Unified Endpoint Management
Reduce costs and improve security with modern, over-the-air management of every endpoint – including desktops, mobile, rugged, and IoT – and ensure enterprise security at every layer with Workspace ONE UEM, powered by AirWatch technology.

What Workspace ONE Unified Endpoint Management (UEM) Does
Unifies Endpoint Management
Manage the full lifecycle of any endpoint – mobile (Android, iOS), desktop (Windows 10, macOS, Chrome OS), rugged and even IoT (Linux and others) – in a single management console. Support all your mobility use cases: corporate-owned, BYOD, purpose-built or shared devices.
Modernizes Desktop Management
Optimize desktop OS (Windows 10, macOS, Chrome OS) lifecycle management for a mobile world. The most complete, modern management technology simplifies deployment, provides 100% cloud policy management, streamlines app delivery, automates patching and ensures security.
Automates Processes and Delivers Intelligent Insights
Leverage powerful insights and rules-based automation to optimize employee digital experience, ease the strain on IT and get to a proactive management and security model. Learn more about our intelligence-driven digital workspace platform.
Protects Corporate Apps and Data on Any Network
Provide an intrinsic and comprehensive security approach that encompasses the user, endpoint, app, data and network. Conditional access and granular compliance policies protect company data and ensure hands-free, instant remediation against modern day security threats.
Improves Employee Productivity
Deliver frictionless and secure access to all your business apps – mobile, desktop, SaaS, virtual. The apps include VMware Workspace ONE secure mobile productivity apps – catalog, email, calendar, contacts, web browser, notes, content and more.
Powers Your Digital Workspace
Unified Endpoint Management technology is an essential element in delivering on the promise of a complete digital workspace that reduces IT costs, bolsters security and proactively improves employees’ digital experience.

Workspace ONE UEM Key Highlights

  • Cloud-first, multitenant model to support and better control growing business requirements
  • Real-time desktop modern management from cloud, enhanced with Intelligence automation
  • Automate Windows 10 modern management migration with Workspace ONE AirLift
  • Special purpose mobility with support for ruggedized devices, wearables and IoT
  • Secure Microsoft Office 365 with MAM and conditional access policies across all OS
  • Remote wipe compromised devices instantly to remove sensitive company data
  • Enterprise-grade security fit for government agencies and regulated industries
  • Unified app catalog for one-touch, secure access to any app across any device
  • Robust API framework to support enterprise systems, services, identity, apps, content
I Dispositivi mobili e la gestione del traffico dati

I Dispositivi mobili e la gestione del traffico dati

Gestire i dispositivi mobili e’ ormai prassi comune in tutte le realta’ che hanno visto proliferare nelle aziende, in questi ultimi anni, l’utilizzo di smartphone, tablet, etc.
Fino a qualche tempo fa si riteneva anche che IOS fosse una piattaforma molto sicura mentre Android fosse piu’ vulnerabile.
Tutti gli sforzi dei produttori di MDM in particolare AirWatch erano quindi orientati nel rendere piu’ “blindata” la piattaforma Android in modo da utilizzarla con maggior tranquillita’ in azienda. In questo senso AirWatch ha collaborato strettamente con Samsung e con gli altri produttori hardware su piattaforma Android per fornire garanzie di sicurezza alle aziende che adottavano questa piattaforma.
Un aspetto meno in evidenza e’ invece stato quello relativo alla sicurezza e alla gestione del traffico dati.
In questo campo si evidenziano parecchie brecce di sicurezza anche su piattaforme considerate sicure come Apple.
Alla gestione del traffico dati si dedica Wandera una soluzione integrata in AirWatch che affronta proprio il campo del traffico dati, la cui crescita esponenziale pone nuove sfide ai reparti IT, Security e Governance.
Wandera si occupa anche di contenere i costi del traffico affrontando la questione del roaming ma anche della riduzione tramite compressione dei dati stessi in transito.

Scarica il documento

Download “Wandera_Overview_Datasheet.pdf” Wandera_Overview_Datasheet.pdf – Downloaded 457 times – 3 MB