By Robbie Forkish as written on techcrunch.com
It seems like a fair trade: Get your favorite mobile apps for free, be shown annoying ads in return.
But that’s not all you’re doing in return. In reality, this trade has you giving up a great deal of personal information. Mobile apps collect a massive amount of personal data — your location, your online history, your contacts, your schedule, your identity and more. And all that data is instantly shared with mobile advertising networks, which use it to determine the best ad for any given user at any given time and place.
So, the trade-off isn’t really ads for apps — it’s intrusive mobile surveillance for apps. By agreeing to free, ad-sponsored mobile apps, we’ve consented to an economic model that entails continuous and comprehensive personal surveillance. It’s what Al Gore accurately characterized as the stalker economy.
Why is our personal, locational and behavioral data so coveted by marketers? Because a smartphone is something that we as consumers carry everywhere we go, and it’s constantly broadcasting personal data of all kinds. If advertisers know who we are, where we are and what we’re doing, they can deliver more effective ads. It’s called proximity marketing. It’s the Rite Aid ad that pings your phone as you walk through the aisles: “Save 10% now on mouthwash.”
Sounds innocuous, if annoying. But it goes much further than this. We’ve now enabled a system where a major retailer can know, for example, that a teenager is pregnant before her parents do simply by correlating her activity, search and purchase data. That retailer can then reach out via mail or email, or target her via phone when she is near a point of sale. This intrusion on our collective privacy isn’t going away anytime soon (if ever), as the economic incentives for app developers and advertisers are too strong.
A compromised smartphone represents a threat not just to the targeted employee but to the entire company.
OK, agreed, this kind of consumer surveillance is intrusive and creepy. But how does it threaten enterprise security? Simple. As more personal mobile devices invade the business world, leaks from those devices are opening the door to corporate hacks, stolen business data and crippling cyberattacks.
For instance, if a company lets its employees sync their corporate calendars and email accounts to their personal mobile devices, this opens up all sorts of risks. Suddenly, employees’ phones contain or can access the contact information of everyone in the organization. Further, any other mobile app that requests access to the employees’ contacts and calendar also gets access to the names and titles of company employees, as well as the dial-in codes for all private conference calls. This information can easily be put to effective use in a spear-phishing attack by a malicious app or hacker.
Worse, many apps monetize their user bases by sharing data with ad networks that share and combine data with other networks, so it’s impossible to know where exactly data is going and whether it’s being handled in a secure fashion by any of the many parties that have access to it. All of this sharing means a malicious hacker doesn’t even have to directly access an employee’s phone to attack a company. He can hack an ad network that has information from millions of users and go from there.
Stolen information can also be used to attack an enterprise through a watering-hole attack. Say a small group of executives have lunch regularly at a local restaurant. An attacker with access to their geolocation data could easily know this. The attacker correctly assumes that some of the execs are accessing the restaurant’s website to make reservations and browse the menu before lunch. By placing malware on the lightly defended site, the attacker is able to compromise the office computer or mobile device of one or more company executives. From there, a successful breach is launched.
A compromised smartphone represents a threat not just to the targeted employee but to the entire company. Information about employees’ activities, both on the job and elsewhere, combined with any company-related emails, documents or sensitive information, can be devastating to an organization if it gets into the wrong hands.
So what should enterprises do to combat the threat?
The first step is to get visibility into your mobile environment. Your organization needs to know which apps employees are using, what those apps are doing and whether or not they comply with corporate security policies. For example, is there a particularly risky file-sharing app you don’t want employees to use? Is it already being used? If you don’t know the apps employees are using for work, you are flying blind and taking a huge risk.
It is imperative that your enterprise include mobile threat protection as part of its overall security strategy.
Second, you’ll need a policy for managing the use of mobile devices. Most organizations already have policies for other platforms, including managing firewalls and sharing data with partners. It’s equally important to create these policies for mobile. For instance, if employees are using free versions of apps that are approved by the company but ad-supported, create a policy that requires employees to upgrade to the paid version to minimize, if not eliminate, unsanctioned data in the form of ads being sent to employees — though it doesn’t eliminate the relentless collection of personal and private data.
Next, your organization should educate employees about the risks of the apps they download. It’s in your best interest to empower users by arming them with tools and training to make better decisions about which apps they download. For instance, coach your employees to question apps that ask for permission. There are lots of apps that want to access location, contacts or camera. Employees don’t have to say yes automatically. Most apps will work fine if the request is denied, and prompt users if a permission is actually needed. If an app does not say why it needs access, that’s a big red flag.
Finally, all of these areas can be addressed with a good mobile security solution. Any enterprise without a mobile threat protection solution is by definition unaware of what information is leaking and from where, and unable to address the risks that exist in its environment. It is therefore imperative that your enterprise include mobile threat protection as part of its overall security strategy in order to protect employee privacy and company data from the ever-growing threat of mobile surveillance and data gathering.
New Microsoft Garage mobile app, Clip Layer, provides easy sharing of information across Android apps
Nowadays, it’s common to use your smartphone to share articles, photos, directions and much more. While some apps make it easy to do that, others don’t. But with a new app released through the Microsoft Garage called Clip Layer, you can easily snip and share almost anything that appears on an Android screen.
Clip Layer applies a universal overlay over any screen that makes it quick and easy to select a snippet of information, copy it and act on it by sharing or including it in an email.
“Like a lot of people, my phone is the center of my life,” says Steve Won, a senior designer with Microsoft’s Office team and creator of Clip Layer. “I like to share what I’ve seen and I noticed a couple of problems unique to consuming on a smartphone.”
For instance, he found it hard on some apps to select anything, and even if there was a way to do that, it was oftentimes cumbersome to press and hold on content and then to drag two grabbers, which was required in order to select. He noticed it was a common problem across apps, and it became the starting point for this project.
This is Won’s second app released through The Garage following Hub Keyboard, which uses an Android keyboard to show a clipboard, pull contact info, get document links from the cloud, translate, show web results and allow rephrasing of sentences through a thesaurus.
“If I take another step back, the root of the issue is similar to Hub Keyboard,” Won says. “Apps being silo’d is a common problem for both, as there is no standard way to share or pull information across apps. There’s been a lot of growth with smartphones and ecosystems, as there are more apps that come into stores, but the same problem keeps persisting: less apps able to talk with each other, as they’re designed to work independent of each other. But while the keyboard is focused on input and only shows up when the app allows input, Clip Layer has more coverage and works on any screen. Hub Keyboard was focused composing, and this one is focused on sharing and re-using what already exists.”
After his team’s success with Hub Keyboard, which confirmed the problem of silos and validated the approach of giving users more to do with keyboards, he turned to consuming and sharing without a keyboard through Clip Layer in April.
Hub Keyboard gave him hands-on coding experience, so he decided to develop Clip Layer by himself, as a design idea, and to provide insights to other teams at Microsoft interested in on-screen captures like this.
“I feel like The Garage gives us a lighter weight process to experiment and share a lot of learnings with other teams too,” Won says. “It’s a win-win for project teams and Microsoft.”
From Clip Layer, he wants to find out if the overlay approach solves the problem of sharing when there isn’t an obvious way of doing so in an app. And, he wants to find out what people do with the information – do they email it or share it on social media? How do they make use of it?
Going through The Garage process with Hub Keyboard helped prepare him better for submitting Clip Layer.
“It’s always smoother the second time around,” Won says. “Your first startup gets you ready for the second one. The first time around, besides product development, all this stuff was new to me – like the release checklist. I was a lot more anxious. This time around, at least I had a better idea of the entire picture. I had peace of mind, knowing what to expect and how to plan for everything.”
[vc_row][vc_column][vc_column_text]
Windows 10 Tip: Use Cortana above your lock screen
Today, we’re going to show you how your personal digital assistant, Cortana*, can help you with all kinds of tasks across your device – even above your lock screen, thanks to the Windows 10 Anniversary Update.
Cortana allows you to perform tasks including set timers, track flights or even check the traffic, just using your voice. And now, with the Windows 10 Anniversary Update, you can talk to Cortana on your PC’s lock screen.
Here’s how to use Cortana above your lock screen:
Start by saying “Hey Cortana,” and ask her what the weather will be like this week, to remind you to do something or to play your favorite songs – without unlocking your device!
Check out Cortana’s Tips and Tricks menu in your taskbar to see what tasks Cortana can help you with, and have a great week!
[/vc_column_text][/vc_column][/vc_row]
[vc_row][vc_column][vc_column_text]
Try the OneDrive app for Windows 10 on your PC to access all your files
By Reuben Krippner as written on blogs.office.com
We’re continually working on making the OneDrive experience on Windows 10 even better. Today, we’re releasing an update that brings the OneDrive app to your Windows 10 PC and the Surface Hub─a top requested feature on our UserVoice forum.
The new OneDrive sync client already comes pre-installed on Windows 10 PCs, allowing users to easily access their synced files through File Explorer. But this new app is a great touch-friendly complement to sync that lets you open, edit and share any of your personal or work files without having to sync them to your device.
Additional features previously only available in the browser experience are also available, such as restoring files from the Recycle Bin, easily dragging and dropping files to the app to upload them, quickly accessing recent documents─which will open directly in the Office applications on your computer─finding files shared with you by others and more.
This update delivers OneDrive experiences to even more devices, and we will bring other capabilities to this platform over time. As we announced last week, this app will also provide an easy and lightweight way to access your company’s SharePoint libraries, and we look forward to sharing additional details on what else we’re working on very soon.
In the meantime, make sure Windows 10 is up-to-date and head on over to the Store to download the app.
[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]
[/vc_column_text][/vc_column][/vc_row][vc_row css=".vc_custom_1496404478627{background-color: #4e8abf !important;}" font_color="#ffffff"][vc_column][vc_column_text]
For More Information on Microsoft and other Cloud Solutions, Contact Us at 800-208-4037
[/vc_column_text][/vc_column][/vc_row]
[vc_row][vc_column][vc_column_text]
Sharepoint is going mobile this year with a new app
By Blair Hanley Frank as written on cio.com
SharePoint is going mobile in a big way. Microsoft announced a new app for its content management and collaboration platform on Tuesday, which will give workers a way to access content from their smartphones and tablets on the go.
The app, called SharePoint Mobile, will be coming to iOS by the end of June, and is one of dozens of new features for the platform that Microsoft announced alongside the general availability of SharePoint Server 2016.
Other capabilities include redesigned team sites that make it easier to see relevant files that people are working on and a hybrid search functionality that works across cloud and on-premises versions of SharePoint.
After 15 years on the market, SharePoint is still going strong. The enterprise content management and collaboration platform software is getting a number of updates over the coming year, to benefit the more than 200,000 companies, 50,000 partners and one million developers working with it today.
The SharePoint Mobile app is aimed at helping people get quick access to four types of information from SharePoint: news from across the company, the sites that people use the most, quick links to important pages and a list of their coworkers. It will work both with SharePoint Online and some on-premises versions of SharePoint Server.
Using information from the machine learning-powered Microsoft Graph, the mobile app will be able to pick out who people work with the most and what SharePoint sites they use most frequently, and make those more readily available than less-used information. That same capability will also power functionality inside the app that shows users files relevant to them.
Microsoft said Android and Windows versions of the SharePoint Mobile app will be coming later this year.
OneDrive is also getting some updates enhanced by machine learning. This quarter, OneDrive mobile app users will be able to access their SharePoint Online document libraries, and get suggestions of useful documents shared with them both through OneDrive and SharePoint.
Those document suggestions are similar to what Microsoft has been doing with its Delve product, which also uses the Microsoft Graph to show users what other people in their organization are working on.
SharePoint's Web incarnation is also getting several major updates including a redesigned sites layout and a new Home page that gives users an at-a-glance look at the team sites they're a part of along with quick updates from those sites.
Companies that are concerned about securing their internal file sharing will also get access to new tools that both help them manage how their employees share data and provide more robust security capabilities that lock down SharePoint in its entirety.
This quarter, Microsoft will release dynamic conditional access policies that let administrators define levels of access based on a person's identity, what app or device they're using and their network location. That means an administrator could prevent users from accessing high-security files stored in SharePoint from a mobile device that the company doesn't control.
Later this year, customers will be able bring their own encryption keys to lock down data stored in SharePoint.
Finally, SharePoint developers will get a new set of tools to help them build on top of the service. This summer, Microsoft is going to release a new SharePoint Framework that lets developers use modern JavaScript and Web tempting frameworks across SharePoint in the cloud and on premises.
Anything that developers build with the Framework will by default integrate with SharePoint Mobile so that users can get access to it on the go. That only scratches the surface of the developer announcements, which also include new APIs and support for Webhooks.
That's only a small segment of what Microsoft has in store for the collaboration platform. There are plenty of more updates in the pipeline for 2016, including integration between Office 365 Groups and SharePoint sites and connections between SharePoint and Microsoft's new PowerApps and Flow citizen development tools.
[/vc_column_text][/vc_column][/vc_row]
[vc_row][vc_column][vc_column_text]
The Future of Mobile App Development
It is incredible how much has happened since Xamarin joined Microsoft just over a month ago, starting with Scott Guthrie’s Build 2016 announcements that Xamarin is now part of all editions of Visual Studio at no additional charge — from Community to Enterprise — and our plans to open source the Xamarin SDK. It is a dream come true for us to be able to put the power of Xamarin into the hands of all developers.
In just the first two weeks since Build alone, we helped nearly 3.5 times more developers get started building great apps with Xamarin than ever in our history as a company.
Now we are at Xamarin Evolve 2016, the world’s largest cross-platform mobile development conference, in Orlando. This morning we open sourced the Xamarin SDK and launched new ways to make Visual Studio the most complete mobile development environment. We also launched new ways to build native, cross-platform apps faster than ever using our popular cross-platform UI framework, Xamarin.Forms.
This is our third Evolve conference, but the first time we are showing the comprehensive developer experience that only Microsoft and Xamarin together can deliver.
Open source Xamarin: Ready for you!
We have officially open sourced and contributed to the .NET Foundation the Xamarin SDK for Android, iOS and Mac under the same MIT license used for the Mono project. This includes native API bindings for iOS, Android and Mac, the command-line tools necessary to build for these platforms, and Xamarin.Forms, our popular cross-platform UI framework.
Watching Xamarin co-founder and open source pioneer Miguel de Icaza announce this onstage was a proud moment for all of us. The future of native cross-platform mobile development is now in the hands of every developer. We look forward to seeing your contributions; go to open.xamarin.com to get involved.
Visual Studio: Your complete mobile development environment
Today we launched new ways to connect Visual Studio to your Mac to make it even easier for C# developers to create native iOS apps, and new ways to auto-generate mobile app test scripts in Visual Studio.
Our iOS Simulator remoting lets you simulate and interact with your iOS apps in Visual Studio — even supporting multi-touch interactions on Windows machines with capable touch screens. We also unveiled our iOS USB remoting, which makes it possible to deploy and debug apps from Visual Studio to an iPad or iPhone plugged into your Windows PC.
In addition, our Test Recorder Visual Studio Plugin now brings Test Recorder’s ability to generate test scripts to Visual Studio users. Simply interact with your app on device or in the simulator and Test Recorder automatically generates scripts that can be run on thousands of devices with Xamarin Test Cloud’s automated app testing.
Xamarin.Forms: Faster and easier mobile app development
We launched Xamarin.Forms a few years ago to help developers build mobile apps faster, maximizing UI code-sharing while still delivering fully native experiences.
Today, we showed three key new features that will be coming to Xamarin.Forms. Data Pages and Themes make it easy to connect apps to common entities and data sources, and create beautiful, native user interfaces with just a few lines of code. The Forms Previewer makes it easy to iterate on your Xamarin.Forms UI designs by providing real-time previewing of Xamarin.Forms user interfaces composed in XAML.
The new, mobile-optimized development lifecycle
We were able to show today the most streamlined mobile lifecycle available anywhere through our combined product lineup, including integrations between Visual Studio Team Services, HockeyApp and Xamarin Test Cloud. Through our combined mobile lifecycle solution, you now have a complete solution to build great mobile apps at scale, tackling the unique challenges of mobile DevOps.
We’ve heard great enthusiasm from our customers. Bryan Hooper, senior director enterprise architecture at Bloomin’ Brands, talked about how they have “paired Xamarin with Microsoft’s Azure technology, and we’re really excited about the new partnership between the two organizations.” Darrell Thompson, vice president of information system services at Coca-Cola Consolidated, says that “Xamarin and Microsoft have been excellent partners and brought our mobile development to a whole new level.”
[/vc_column_text][/vc_column][/vc_row]
Kardashian Website Security Issue Exposes Names, Emails Of Over Half A Million Subscribers, Payment Info Safe
by Sarah Perez (@sarahintampa) as written on TechCrunch.com
Alongside the launch of the Kardashian and Jenner mobile apps, which are now dominating the App Store after seeing hundreds of thousands of downloads apiece in their first days on the market, the celeb sisters also released new websites designed to help them better connect with their fans while offering a more personal look inside their lives.
However, one enterprising young developer dug around those websites and immediately found an issue. Due to a misconfiguration, he was able to access the full names and email addresses of over 600,000 users who signed up for Kylie Jenner’s website as well as pull similar user data from the other websites.
In addition, the developer said he had the ability to create and destroy users, photos, videos and more, though we understand he didn’t actually take those actions.
The developer in question, 19-year-old Alaxic Smith, had some interest in the celebrity biz already. As the co-founder of Communly, he’s been working on a mobile app that lets users connect with others who share their interests, including tracking new information about favorite celebs, for example.
On blogging site Medium, Smith explained how he was able to access the user data from Kylie Jenner’s website. He also noted that his explorations initially began as idle curiosity about what was powering the new sites under the hood, rather than being some malicious hack or even a more focused attempt at uncovering security vulnerabilities.
Writes Smith: I’ll admit I downloaded Kylie’s app just to check it out. I also checked out the website, and just like most developers, I decided to take a look around to see what was powering the site. After I started digging a little bit deeper, I found a JavaScript file namedkylie.min.75c4ceae105ad8689f88270895e77cb0_gz.js. Just for fun, I decided to un-minify this file to see what kind of data they were collecting from users and other metrics they may be tracking. I saw several calls to an API, which of course made sense. I popped one of those endpoints into my browser, and got an error just liked I expected.
Smith then logged into the website with his own user name and password and was directed to a web page that contained the first and last names and email addresses of the 663,270 people who had signed up for the site, he says.
Following this discovery, Smith realized he could perform the same API call across each of the other sisters’ websites and return the same data. Besides being able to access this user data, Smith says he found he was also able to create and destroy users, photos and videos.
Office Mobile apps for #Windows10 are here! Created to work in the cloud and on-the-go, now you can enjoy the Office you love from anywhere. Learn more: http://off365.ms/hW4CXw
