You are currently browsing the category archive for the ‘Security’ category.


Not a lot is said these days about Microsoft when talking about smartphones and tablets. Sure, people know their new products are coming but most people don’t believe they’ll be all that relevant once they arrive (“it’s still not an iPhone” the Apple fanboys will say, as they always do).

I think very differently – I’m extremely bullish on Microsoft smartphones and tablets. The reason? Enterprise.

The consumer market has largely driven smartphone sales in the last couple of years, but people forget the fact that it all began years before with RIM in the enterprise. iPhones and Android smartphones and tablets have started creating all kinds of disruption – so much that an entire trend has been named and fully accepted by industry pundits; the so-called “consumerization of IT”.

While I don’t think this trend is even partially B.S. I do believe it’s overstated. A much more long-winded way to describe what’s been going on is “consumer-focused smartphones and tablets with very useful innovations have been adopted by geeks, receptionists, sales guys, executives – everyone! – and because there aren’t any enterprise-friendly viable alternatives, IT organizations have had to figure out a way to allow the use of them within their so-called secure environments”.

Basically it hasn’t, and still doesn’t seem to be, in either Google’s or Apple’s interests to inject enterprise control-ablity (that’s a word because I just added it to my dictionary!) into their respective mobile platforms. They focus on the consumer market and apparently don’t care to at this point.

From the other side, it’s pretty much a foregone conclusion that RIM has largely failed the enterprise market with its sub-par responses to the iPhone/Andoid and the iPad (I don’t think android tablets are worth talking about in the same light as the iPad just yet, though the latest Samsung tablet looks pretty sweet!), which has left a gaping hole for IT departments in terms of offering some of the same value with enterprise-friendly devices.

Enter Microsoft.

After being late to the party and suffering a few false starts (Windows Mobile), their new generation of smartphones and the certainty of subsequent tablets are looking very promising, and they are in a great position to fill the enterprise niche that’s starving to be served.

Everything I’ve heard so far about the Microsoft phones is good – the screens are great, the O/S is responsive, the phones do what they should (handle phone calls), their app store is already respectable, secure, and most importantly growing with a developer ecosystem that’s well supported.

Combine that with their secret sauce – cloud-based Office apps that you can properly edit with your smartphone/tablet and the ability to provide a premium experience around Exchange and AD (which absolutely owns the enterprise email/calendaring space), and it’s starting to look pretty compelling to IT departments to make Microsoft their preferred vendor for smartphones and tablets…assuming one thing…

Their challenge is going to be opening up (just enough without degrading some of the valuable security principles coming from the iOS/Android models) the underlying O/S to IT admins and security vendors (like Sophos!), enabling IT departments to enforce policies and secure their data more effectively. [DISCLAIMER: I honestly don’t know enough about the platform/APIs to say whether they’ve succeeded or failed at this or whether it’s a work in progress, so unfortunately I’m just speculating on what they should do, not what they are doing or have done.]

Currently iOS and Android suck at this, and it’s causing all sorts of headaches for security vendors (this i can say with certainty!) who can’t give IT admins the control they need, and IT administrators who can’t enforce the policies that the organization wants to enforce, and thus can’t satisfactorily secure their data, which prevents them from more quickly leveraging new technologies that could give them a competitive advance.

So a Microsoft as a compelling alternative makes a ton of sense to me. A couple of more reasons why I think this is inevitable:

  • See my previous post on cloud-based apps and how all the good ones are (or should be) aiming to be platform agnostic, meaning Apple’s advantage here will be degraded over time.
  • People don’t want to buy their own phone, pay their own data bills, and deal with the headache of not aligning with their organization’s IT policies. If a Microsoft phone can give me all of my favourite apps AND my company pays for and supports it because they can control and secure it, that’s a no-brainer to 90% of workers out there./li>
  • In the enterprise most people still live and die in Outlook, Word, and Excel (and OneNote if Microsoft got their sh!t together on that…sorry – tangent). A premium experience delivered on tablets and mobile phones would be much more valued than having an iPhone because it’s an iPhone. Right now the email/calendaring experience on every phone and tablet just sucks compared to sitting in front of Outlook on a PC (ok, fine, or a Mac).

So I suppose this is both a predictive AND hopeful post, because Microsoft can definitely still screw this up.

They need to build up an app store with all of the same relevant apps, and make it easy and profitable for developers to build on their platform.

They need the platform and overall experience to be fast, responsive, and beautiful…and ideally different in a few ways that are meaningful to buyers (ability to upload files from SkyDrive in a mobile browser? Flash? Etc.?).

They need to quickly build up market share by enabling their hardware/provider partners to go after IT departments and sell hundreds or thousands of phones in a single deal to entire organizations who want out of their Blackberry prisons.

But most of all, they need to enable some level of policy enforcement for IT departments.

They could still screw it up. But my hope is that they don’t. If they can manage to execute with even a few stumbles, they could greatly improve their position in the new tech landscape in a variety of ways and give their faithful enterprise customers a whole lot of value.

…and I could get rid of my crappy Torch and have a cool phone and tablet that my company can control…

Hmmm. Ok, so one solution creates a whole different set of challanges. Maybe now’s the time for me to shamelessly plug Sophos Web Protection, which allows organizations to secure their data and protect their users with the flexibility to allow said users to continue to enjoy their favourite websites and services – the best of both worlds!



The Cloud. Notice the capital ‘C’. It’s an entity, a buzzword, a misnomer, and of course, The Future (also capitalized for dramatic effect).

But for me the tipping point has hit, as I’m sure it has for a number of you, where – with only a handful of exceptions – if an app or service does not utilize the cloud I’m now generally considering it incomplete or inferior (consider this the “guilty before innocent” approach if you like).

I’m speaking specifically about the promise of ready access to your data, no matter where you are, coupled with the comfort of knowing that you don’t need to worry about losing said data – it’s replicated and highly available in mysterious and powerful data centers hidden around the world. <insert dramatic music here>

No longer do you need to experience the loss of your entire set of contacts because they lived only in your phone that you just dropped in the toilet. I still see the odd Facebook post from some people asking me to send them my contact information because they’ve recently lost all their contacts, and I wonder how they can still be allowing that to happen when it’s so unnecessary. They are much fewer and far between than even a year ago, however, so there’s hope for those poor saps yet.

But while contacts are certainly one of the more valuable sets of data to people, most everything is increasingly falling into the bucket of “information that should be readily available regardless of location, device, etc.”, including media, articles, preferences, etc.

Note that what I’m talking about doesn’t mean I need everything instantly available everywhere (reports of Apple’s iCloud experience freak me out a little – every blurry picture you take is immediately uploaded and available on your Apple devices everywhere?) – it simply means that the onus should no longer be on the user to have to copy files around and hope they haven’t forgotten or missed anything; synchronization should occur intelligently according to the type of data and the user’s need. Such an idea is seldom well-executed, which is why Dropbox’s implementation of a general purpose cloud storage application is such a hit. It just works, like you’d expect.

The most successful apps moving forward will provide a device- and location-agnostic experience, and that will and should be the norm. There are a plethora of examples already of opportunities lost, like why it’s taken so long for Microsoft to cloud-enable OneNote and their other Office products in general, but I do get the sense that in taking their time they have tried to get it right, and I’m hopeful that their SkyDrive & Office365 services deliver as promised. Still, too many applications, both traditional and the newer Apple style of “apps”, have a lot of work to do in this area.

Privacy is of course still a concern, but the value that these cloud-enabled apps can provide far outweigh the perceived risk…for consumers, at least for now. Enterprises have a much tougher job of reconciling the value against data security fears (which are completely legitimate), but I’m certain the majority of consumers don’t give too much pause to the relinquishing of control they’re unconsciously allowing to occur when it comes to privacy.

While this can and has led to some interesting/frightening stories in isolation, it won’t stem the tide of this trend and like iPads in the enterprise, it will influence organizations into consciously making the trade-offs while at the same time demanding more data security from the service providers.

I do believe that industry-strength data security will eventually become a differentiator for these services, but for now it’s taking a back seat to the convenience and ability NOT to lose your data that leads to a feeling I think of as “Cloud Comfort”.

The bottom line is that if you’re a user, start leveraging this trend and stop losing data and/or not having it when you most need it. This is a strategic advantage for you as a person – you can enrich your experiences and be more efficient in your business and personal life by doing so.

As a developer, enable your application to leverage the cloud…intelligently. Even if you’re writing a simple app, imagine how you might make it stickier, or improve your ability to monetize it, by adding value like the ability to store and sync preferences, data, favorites, whatever. Remember: Data Is King – it’s what drives the use of your application. I appreciate this makes things more complicated, but if you’re serious about building a business around your app or service, this is quickly becoming a necessity.

What I mean is that I see a device-agnostic model to offering services as an absolute necessity – to be legitimate you already need to address the Big 2, Apple and Android. Blackberry is still a serious nice-to-have, and I think Microsoft will play a much greater role moving forward, especially as desktops increasingly adopt the app store model. So to provide continuity of experience, that means sync’ing between devices.

It’s also a great way to avoid getting a 30% hit on your revenue compliments of Apple et al. It’s clear that people aren’t afraid to sign up for services and offer up their credit card over the web these days, so a valid model is to offer the app for free and retain all of the profits for yourself by allowing them to sign up for your service out of band or once you’ve got them hooked on your app/service (think Dropbox, Amazon, Evernote, XMarks, etc.). This is an experience I’m happy to participate in if it means I can use a service from various places and no matter what model your app adheres to re generating profits, you can provide a consistent buying opportunity, advertisement experience, etc. through this approach.

The best example of this that I’ve had recently is with Amazon’s Kindle app. It’s on my iPad, where I do most of my reading, but I’ve also installed it on my laptop and desktop computers because of some books I use for reference while I experiment with learning more about mobile app development. And if I’m ever able to give up my Blackberry for a Microsoft or Android smartphone, I’d expect it to be there too, working the same way and providing the same service to me regardless of where and on what device I’m using it.

When it’s executed properly it’s pretty darn sweet, and can benefit both the providers and consumers of an app/service. I can ignore all of my nagging data security questions for now (depending on the data this can be easier or more difficult), given the fact that I’m able to pull up the information I need wherever I am, and never lose it.

That is cloud comfort to me, and luckily we’re on our way to much more of it in the very near future.

Now if we could just solve all of those data security issues…