Tuesday, April 15, 2014

M2M News Weekly – Week of April 13, 2014

Welcome to M2M News Weekly, an online newsletter that consists of the most interesting news and articles related to M2M (machine to machine) and embedded mobile devices.  I aggregate the information, include the original links and add a synopsis of each article.  I also search for the latest market numbers such as market size, growth and trends in and around the M2M market.

Also read Enterprise Mobility Asia News Weekly
Also read Field Mobility News Weekly
Also read Mobile Commerce News Weekly
Also read Mobile Cyber Security News Weekly
Also read Mobile Health News Weekly
Also read Mobility News Weekly

Looking for an enterprise mobility solution?  Read the Mobile Solution Directory Here!

According to a new research report from the analyst firm Berg Insight, the number of devices with cellular or satellite connectivity deployed in oil & gas applications worldwide was 423,000 at the end of 2013. Growing at a compound annual growth rate of 21.4 percent, this number is expected to reach 1.12 million by 2018. Read Original Content

According to a recent report from Navigant Research, cumulative utility spending on IT systems for the smart grid will total $139.3 billion from 2014 through 2022. Read Original Content

Cisco Systems has announced a $1 billion investment in what it calls its Intercloud, a linked chain of datacenters providing services designed to capitalize on the Internet of Things. Read Original Content

The problem today is that “mobilizing” enterprise applications using MEAPs and MADPs can cost hundreds of thousands to millions of dollars, and can take months or years to implement. StarMobile is a cloud-based enterprise mobility solution that dynamically transforms any packaged on-premise or cloud-based application, or custom-built system, into a mobile application. We deliver enterprise mobility at 5 percent to 20 percent of the cost and time of any other solution on the planet, typically $5 per user per month for unlimited mobile apps. Learn More http://starmobileinc.com/unlimitedmobileapps

According to Research and Markets the global connected home M2M market in the U.S. is set to grow at a CAGR of 35.61 percent over the period 2013-2018. Read Original Content

Analysts forecast the M2M market in India to grow at a CAGR of 33.81 percent over the period 2012-2016. The new income opportunities generated through the adoption of M2M technology constitute one of the key factors for this market growth. The M2M market in India has also been witnessing a shift from voice services to data services. Read Original Content

By 2020, 50 billion machines will be connected to the Internet and will be able to communicate with each other. That's a prediction the CEO of GE Australia, Steve Sargent, is backing, adding there’s a lot of untapped opportunity that infrastructure and technology organizations can take advantage of. Read Original Content
Analysts forecast the Global Connected Health M2M Services Market to grow at a CAGR of 30.08 percent over the period 2013-2018. One of the key factors contributing to this market growth is an increase in aging population. Read Original Content

A Markets and Markets study reports that the global M2M Satellite Communication Market is expected to grow from $2,983.4 million in 2014 to $4,763.4 million by 2019, at an estimated compound annual growth rate of 9.8 percent from 2014 to 2019. Read Original Content

The analysts forecast the Global Smart Grid Managed Services market to grow at a CAGR of 51.29 percent over the period 2012-2016. One of the key factors contributing to this market growth is the emergence of smart grids. Read Original Content

According to Frost and Sullivan the smart grid market worldwide is forecast to witness a compound annual growth rate of 26.6 percent, reaching $125 billion by 2017, with 75 percent of Europe anticipated to be smart grid-enabled by 2018, the report said. Read Original Content

Latest Articles on http://mobileenterprisestrategies.blogspot.com

IoT Devices and Apps for both Industry and Consumers
Digital and Innovation Expert Interview: Sean Middleton
The Definitive Guide to Heartbleed and Enterprise Mobility
Could Mobile Devices and the Internet have Prevented the Rwandan Genocide?
HTML5 and the Future of PhoneGap and WebView+
Increasing Productivity and Getting Strategic with Geospatial Information Systems

Webinars of Note (Recorded)

BYOD Security Battle: No Data at Rest vs. Containers
Cloud Middleware: The Key to Scalable Enterprise Mobility
Lean Manufacturing and Mobile Tech: On-Site Opportunities
Rapidly extend any enterprise application to mobile devices without coding, APIs, or integration.
Retail and Mobile Tech: In-Store Opportunities
Top 5 Mobile Apps for Sales Success

Whitepapers of Note

Don't Get SMACked - How Social, Mobile, Analytics and Cloud are Reshaping the Enterprise
Making BYOD Work for Your Organization
Managing BYOD and Legacy Systems
The Secret to Enterprise Mobile Application Adoption
Secure BYOD Apps in a Mobile World
Solving The Mobile Developer Scarcity Problem
The True Cost of Mobility

************************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Mobile Health News Weekly – Week of Week of April 13, 2014

The Mobile Health News Weekly is an online newsletter made up of the most interesting news and articles related to mobile health that I run across each week.  I am specifically targeting information that reflects market data and trends.

Also read Enterprise Mobility Asia News Weekly
Also read Field Mobility News Weekly
Also read M2M News Weekly
Also read Mobile Commerce News Weekly
Also read Mobility News Weekly

Looking for an enterprise mobility solution?  Read the Mobile Solution Directory Here!

Biomeme’s Smartphone-enabled lab has mobile qPCR thermocycler, which is designed to amplify trace amounts of DNA to identify particular strains of pathogens by their DNA signature. It’s also designed to do real-time disease tracking at the point of care.  Read Original Content

The European Commission has announced a consultation that asks digital health companies and others for help in identifying ways to encourage and regulate mobile health, which the Commission defines as “ways to enhance the health of Europeans with the use of mobile devices.”  Read Original Content

So far the FDA has approved only about 100 mobile medical devices, which leaves thousands of consumer-oriented health applications without government oversight.  Read Original Content

Catavolt is the most secure way to rapidly build mobile apps that work with all enterprise systems and all mobile devices. IT departments rest easy with Catavolt’s industry-leading “No Data at Rest” security platform, and a no-coding app creation approach that efficiently addresses the backlog of business requests for mobile apps. Business users receive apps that are custom-tailored to their business process, and a high-performance, native user experience that fully utilizes the devices they carry today. This newsletter is sponsored in part by Catavolt.

According to MedData Group, at least two-thirds of American doctors surveyed use mobile health apps on the job. But about two-thirds also think a truly connected healthcare system in the U.S. is more than five years away—or won’t happen at all.  Read Original Content

Mobile messaging as part of medical recovery treatment proves mHealth efforts can boost rehabilitation efforts for injured military personnel and help soldiers re-integrate following service, as shown in a recent pilot through mCare and the University of Pittsburg.  Read Original Content
The Global Remote Patient Monitoring market will grow at a compound annual growth rate of 15.44 percent over the period 2013-2018, according to ResearchandMarkets.com.  Read Original Content

A developer has created a neuroimaging app designed to work with Google Glass.  Created by Personal Neuro Devices. The technology, called Introspect, is designed to enable Google Glass to give neuro-feedback to clinicians and caregivers. The head-mounted, voice-activated tool could help passively monitor brain activity.  Read Original Content

While the global mHealth market is expected to hit $21.5 billion in four years, with an annual grow rate of 54.9 percent, a new analysis also reveals North America's days as the biggest market may be numbered.  Read Original Content

By 2015 an estimated 500 million people worldwide will use a health app, turning the industry into a $26 billion business by 2017. The sheer number of health apps is staggering, with more than 40,000 apps categorized as "health and fitness" or "medical" in Apple's app store alone.  Read Original Content

Some healthcare professionals may view telehealth as threatening and as a result, organizations should work to minimize potential disruptions, according to a new study published in BMC Health Services Research.  Read Original Content

Latest Articles on http://mobileenterprisestrategies.blogspot.com

IoT Devices and Apps for both Industry and Consumers
Digital and Innovation Expert Interview: Sean Middleton
The Definitive Guide to Heartbleed and Enterprise Mobility
Could Mobile Devices and the Internet have Prevented the Rwandan Genocide?
HTML5 and the Future of PhoneGap and WebView+
Increasing Productivity and Getting Strategic with Geospatial Information Systems

Webinars of Note (Recorded)

BYOD Security Battle: No Data at Rest vs. Containers
Cloud Middleware: The Key to Scalable Enterprise Mobility
Lean Manufacturing and Mobile Tech: On-Site Opportunities
Rapidly extend any enterprise application to mobile devices without coding, APIs, or integration.
Retail and Mobile Tech: In-Store Opportunities
Top 5 Mobile Apps for Sales Success

Whitepapers of Note

Don't Get SMACked - How Social, Mobile, Analytics and Cloud are Reshaping the Enterprise
Making BYOD Work for Your Organization
Managing BYOD and Legacy Systems
The Secret to Enterprise Mobile Application Adoption
Secure BYOD Apps in a Mobile World
Solving The Mobile Developer Scarcity Problem
The True Cost of Mobility

************************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Monday, April 14, 2014

IoT Devices and Apps for both Industry and Consumers

By Caleb Benedict, Research Analyst, GIS/IoT


Recently Google acquired the home automation company Nest. Nest is a company that sells IoT (Internet of Things) enabled devices that allow homeowners to control the temperature of their homes through their smartphones, plus it sends notifications if it detects dangerous levels of smoke or carbon monoxide. This company is a great example of how IoT is expanding beyond its industrial roots.

Why would Google get involved in home automation systems?  Because their real goal is to collect, analyze and utilize data to provide more personalized online and mobile experiences. Cognizant calls this strategy "Code Halos" strategies.  Nest will provide Google with a much deeper understanding of consumers' "patterns of life."

In the next few years we will see widespread adoption of IoT technologies for consumers. This will include a range of applications such as smartphone controlled appliances, home irrigation systems, alarm systems, home automation systems, smart-watches that monitor vital signs, Internet connected vehicles and new applications that we haven't even heard of yet. There is and will be massive expansion of the IoT for personal use.

IoT is growing quickly and is expanding into new industries. IoT strategies are currently being used in vehicle fleets, home automation and management, healthcare, manufacturing, smart grids, ATMs and much more. Not only are IoT applications being embraced by industry, but also by consumers.  In 2014 we are seeing many new Internet connected devices such as Google Glass, smart watches and smart appliances appear.

Some examples of IoT applications today:

Tracking vehicle fleets for increased accountability
Monitoring vehicle performance to maximize efficiency and reduce operating costs
Viewing electricity usage through smart meters
Managing production lines through M2M sensors
Internet connected-alarm systems
Monitoring vitals for hospital patients
Home management-systems that control thermostats, appliances, irrigation systems, etc.

Recent IoT market forecasts:

IDTechEx research has found that the wireless sensor market will grow to $1.8 billion by 2024. (http://bit.ly/1i5Q29P)

Gartner predicts the “internet of things” will hit 26 billion devices by 2020, up from 900 million five years ago, and this will increase the amount of information available to supply chain professionals, as well as exposure to cyber risks. (http://bit.ly/1e57GG6)

According to a recent report from Navigant Research, cumulative utility spending on IT systems for the smart grid will total $139.3 billion from 2014 through 2022. (http://bit.ly/1ka16DL)

************************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Enterprise Mobility Asia News Weekly – Week of April 13, 2014

Welcome to Enterprise Mobility Asia News Weekly, an online newsletter that consists of the most interesting news and articles related to enterprise mobility in Asia.  Asia is predicted to be the fastest area of growth for enterprise mobility between now and 2016.

Also read Field Mobility News Weekly
Also read M2M News Weekly
Also read Mobile Commerce News Weekly
Also read Mobile Cyber Security News Weekly
Also read Mobile Health News Weekly
Also read Mobility News Weekly

Looking for an enterprise mobility solution?  Read the Mobile Solution Directory Here!

Australian firm Cuscal has announced the launch of the initial trial of a host card emulation-based mobile payment capability in Australia and the Asia Pacific region.  The mobile payment solution will turn an NFC-enabled phone into a contactless payment device.  Read Original Content

The Japanese Fire and Disaster Management Agency is implementing a new system that will automatically send out emergency email alerts to mobile phones regarding any terror attacks or disasters.  Beginning April 1, the emergency emails will be sent to mobile phones in the area affected by the emergency.  Read Original Content

Brightstar has completed its acquisition of the Commerce and Services division of Japan’s SoftBank BB Corp.  The new company will remain headquartered in Tokyo, and Brightstar will become the primary worldwide distributor for SoftBank Selection brand mobile products.  Read Original Content

The True Cost of Mobility - Companies are under tremendous pressure to develop and deploy mobile apps for their business systems, yet the traditional approach to mobile app development typically costs $250K+ and takes 6+ months for a single app. Today IT professionals are exploring platforms that radically reduce costs and time-to-market for their mobile initiatives, especially around complex applications such as SAP, Oracle, or custom applications. Download the whitepaper - https://www.capriza.com/resources/whitepapers/?resource=true-cost-of-enterprise-mobility&adgroup=MES

Asian hotel booking website Agoda.com conducted an online survey during February 2014 regarding travel habits and behaviors.  The study showed that people from Asian countries feel mobile technology is the most important thing to remember when on vacation.  Read Original Content

A new Aruba Networks Survey of over 5,500 respondents in the Asia Pacific region reveals Japan (49.5 percent), China (42 percent) and Hong Kong (39 percent) respondents are among the users most attached to their connected devices. More than half (68 percent) prefer to connect to the Internet on their devices via Wi-Fi.  Read Original Content
A survey conducted by Strategy Analytics targeting more than 3,000 mobile users in the United States, China, the U.K., France, Germany and Spain, showed residents of China are the heaviest consumers of mobile video, with 59 percent watching mobile video every week vs. 40 percent of Americans.  Read Original Content

According to an analysis commissioned by the Australian Communications and Media Authority, mobile broadband has saved businesses time and money and made consumers more productive.  Businesses interviewed as part of the analysis reported the technology had reduced their costs by an average of 1.4 percent.  Read Original Content

Chip manufacturer Intel announced plans for a new innovation center based in Shenzhen, China, that will focus on helping Chinese hardware vendors build PCs and mobile devices with Intel chips.  Read Original Content

China-based Lenovo introduced four new Android tablets with prices ranging from $166 to $283 (in the U.K.), and displays measuring between 7 and 10 inches.  Read Original Content

Taiwan’s Science and Technology Minister Simon Chang recently stated the 5G mobile broadband network will become a vital driver of the country’s economy in 10 years.  The 4G network is scheduled to launch in the fourth quarter of 2014, and Chang pledged efforts toward propelling 5G technology toward full commercialization by 2025.  Read Original Content

India’s Tata Consulting Services has been designated a global leader in enterprise mobility services by International Data Corporation in the “IDC MarketScape: Worldwide Mobile Application Development, Testing, Management and Infrastructure Services 2014 Vendor Assessment”.  Read Original Content

Malaysia's internet traffic consumption increased by more than 50 percent in 2013 compared to 2012, the biggest percentage jump in over 10 years.  According to the Malaysian Internet Exchange, one of the contributing factors is the rapid growth of the number of smartphone users.  Read Original Content

Latest Articles on http://mobileenterprisestrategies.blogspot.com

Digital and Innovation Expert Interview: Sean Middleton
The Definitive Guide to Heartbleed and Enterprise Mobility
Could Mobile Devices and the Internet have Prevented the Rwandan Genocide?
HTML5 and the Future of PhoneGap and WebView+
Increasing Productivity and Getting Strategic with Geospatial Information Systems

Webinars of Note (Recorded)

BYOD Security Battle: No Data at Rest vs. Containers
Cloud Middleware: The Key to Scalable Enterprise Mobility
Lean Manufacturing and Mobile Tech: On-Site Opportunities
Rapidly extend any enterprise application to mobile devices without coding, APIs, or integration.
Retail and Mobile Tech: In-Store Opportunities
Top 5 Mobile Apps for Sales Success

Whitepapers of Note

Don't Get SMACked - How Social, Mobile, Analytics and Cloud are Reshaping the Enterprise
Making BYOD Work for Your Organization
Managing BYOD and Legacy Systems
The Secret to Enterprise Mobile Application Adoption
Secure BYOD Apps in a Mobile World
Solving The Mobile Developer Scarcity Problem
The True Cost of Mobility

************************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Digital and Innovation Expert Interview: Sean Middleton

Something new, this way comes!  Over the past couple of years, in increasing frequency, companies I am working with on digital and mobile strategies are asking advice on how to set-up an environment that encourages internal innovation.  Some have set-up innovation contests (think Someplace has Talent for those that can't sing), and others teach internal workshops.  Why bother?  Often the people closest to problems are those on the frontlines with innovative ideas, but no obvious path or budget to implement them.  These innovative ideas may be the right formulas for competitive advantages and success!

With this subject in mind, I arranged to interview digital and innovation expert, Sean Middleton, COO of the EBA (Emerging Business Accelerators), at Cognizant.  He runs the EBA which is the venture arm of Cognizant.  A place where innovative ideas receive an audience, get peer reviewed, funded and matured.  Enjoy!

Video Link: http://www.youtube.com/watch?v=ltSXl84_z5U&list=UUGizQCw2Zbs3eTLwp7icoqw&feature=share

************************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

The Definitive Guide to Heartbleed and Enterprise Mobility

By Peter Rogers, Principal Mobility Architect, Cognizant
Peter Rogers

There has been a lot of media attention on Heartbleed and as always that means a lot of bizarre and often conflicting advice.  I sat down (for a very long time) to find the truth of the matter and bring it together in one single article for those involved in enterprise mobility.

What is Heartbleed?

“The [Heartbleed] bug is in the OpenSSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client, and from the client to the server. The bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.”
[http://www.heartbeat.com/]

“An attacker can retrieve a block of memory of the server up to 64kb. There is no limit on the number of attacks that can be performed. The attacker has no control over the memory region where the block is read from. Sensitive information that can be obtained is: SSL private keys; Basic authorization strings (username / password combinations); and source code [most important also cookies]. This bug affects both sides of the connection. Not only will client certificates not save you from having to update your server certificate, they can be read from the client (along with your username, password etc.) by any server you connect to.”
[http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/]

“The Heartbleed bug is an example of Buffer Over-Read and that means that the offending OpenSSL heartbeat code does not check that this length is the actual length sent in the heartbeat request, allowing the request to ask for more data than it should be able to retrieve. The code then copies the amount of data indicated by the length from the incoming message to the outgoing message. If the length is longer than the incoming message, the software just keeps copying data past the end of the message. Since the length variable is 16 bits, you can request up to 65,535 bytes from memory. The data that lives past the end of the incoming message is from a kind of no-man’s land that the program should not be accessing and may contain data left behind from other parts of OpenSSL.”
[http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed]

The non-technical explanation from XKCD is slightly easier to follow (http://xkcd.com/1354/).

Here is a very good FAQ (http://www.mysqlperformanceblog.com/2014/04/09/heartbleed-separating-faq-from-fud/) and an actual screen shot of a Heartbleed attack from Fox-IT (http://foxitsecurity.files.wordpress.com/2014/04/heartbleed-example.png).

The important thing to note is that not only can a client potentially read data from a server but the converse is also true. This impacts mobile clients too and although Apple claim they are safe there were allegedly concerns around Android 4.1.1. If a client application is vulnerable on a mobile or desktop device then equally the server can act as a honey trap to steal information from the client. Web browser software and IM clients are the biggest concern, so please make sure you don't use obscure and vulnerable software.

Who is stealing what and why?

The important question is how we got into this mess. The first thing to point out is that this is not a floor in SSL/TSP, instead it is an implementation problem in the open source OpenSSL library.  A major contributing factor has been that TLS versions 1.2 came with OpenSSL 1.0.1 and after the BEAST attack everyone rushed to implement TLS 1.2. The current theory doing the rounds is that the NSA had already ‘found ways around’ SSL some time ago and this could have been by taking advantage of the Heartbleed bug. It is however noted that Man in the Middle (MITM) techniques are far easier, especially as some large companies act as their own Certificate Authority (CA). Edward Snowden leaked the existence of BULLRUN (a highly classified decryption program run by the NSA) and subsequently Edgehill (a similar program run by GCHQ) which subsequently prompted Google to double the size of their encryptions keys. We know that a number of companies knew about the vulnerability before it went public because they stated they had applied the patches at least a week ago. If you think about it a minute then OpenSSL is open source code which meant anybody could have worked it out and kept it a secret.

They say the exploit leaves no trace and so nobody actually knows if they have been targeted. Actually that statement isn't strictly true. A single heartbeat can potentially grab 64K of memory however an attacker can either keep reconnecting or during an active TLS connection keep requesting arbitrary number of 64 kilobyte chunks of memory content. There are now companies who are configuring their network monitoring software to watch for abnormal behaviour such as Fox-IT, who have developed a set of Snort signatures to detect successful exploitation of the bug.

The most important thing is what happens next and most hackers will be after what Heartbleed.com classes as primary key material.

“These are the crown jewels, the encryption keys themselves. Leaked secret keys allows the attacker to decrypt any past and future traffic to the protected services and to impersonate the service at will. Any protection given by the encryption and the signatures in the X.509 certificates can be bypassed. Recovery from this leak requires patching the vulnerability, revocation of the compromised keys and reissuing and redistributing new keys. Even doing all this will still leave any traffic intercepted by the attacker in the past still vulnerable to decryption. All this has to be done by the owners of the services.”
[http://www.heartbeat.com/]

Let’s imagine that a service provider has been using a vulnerable version of Open SSL 1.0.1 and the types of hacker that may target them based on time ranges:

1.       Soon after the vulnerability was released (14th of March 2012)
2.       Two or three weeks before the announcement was made public but was still being discussed in hushed circles
3.       Ever since the announcement (April 7th)
4.       Ever since the Heartbleed proof of concepts went live (April 8th)

The first group are likely to be very serious hackers or even possibly Government sponsored activities which are nothing to worry about unless you are of significant danger to anyone. The second group are likely to be serious hackers or service providers testing out vulnerabilities in their systems (and potentially partner solutions) after they learn of the issues. The third group is the rest of the world and depends on the general availability of OpenSSL vulnerability scanning software at that date. The fourth group covers hobbyist hackers because the proof of concepts are open source and highly available.

Unfortunately as of April 8th then anyone in the world can now test for this vulnerability using this widely shared Python Script (https://gist.github.com/takeshixx/10107280) and that puts it in the domain of hobbyists. Anyone can now dump a bit of RAM from a vulnerable server. It would definitely take a professional who can write their own script to make repeated heartbeats attacks and then got lucky with the timing of a server restart on a vulnerable operating system to be able to pull out a private encryption key. However, even an amateur can use Session Hijacking which means you look for cookies containing session IDs. In a single grab of memory then you are equally as likely to obtain a session ID or a username and password combination, and this is slightly harder to track for abnormal behaviour.

An example of which is running the Python proof of concept against a vulnerable JIRA ticketing system and pulling out a JSESSIONID (which is JIRA’s way of tracking your HTTP session). If the system requires authentication then you can just insert the stolen cookie into the browser and become that user on the JIRA installation. (https://www.mattslifebytes.com/?p=533)

Can you actually steal a private key?

The Heartbleed bug is an example of buffer over-read and here is the offending code for the programmers amongst us:

p = &s->s3->rrec.data[0]

[...]

hbtype = *p++;
n2s(p, payload);
pl = p;

[...]

buffer = OPENSSL_malloc(1 + 2 + payload + padding);
bp = buffer;

[...]

memcpy(bp, pl, payload);

In NGINX, the keys are loaded immediately when the process is started, which puts the keys very low in the memory space. This makes it unlikely that incoming requests will be allocated with a lower address space. If NGINX is reloaded, it starts a new process and loads the keys right away, putting them at a low address. On NGINX you can therefore retrieve user credentials, cookies and even public parts of the certificate but so far not the private part. It all depends therefore on the operating system and how often the servers are restarted. CloudFlare have even issued a challenge by leaving a server running nginx-1.5.13 linked against OpenSSL 1.0.1.f on Ubuntu 13.10 x86_64 (https://www.cloudflarechallenge.com/heartbleed)

That said there appears to be a proof of concept working on Apache for a first request which corresponds with the server being rebooted (https://twitter.com/kennwhite/status/453944475459805184).

The Certificate Revocation Tsunami

There is a genuine importance to the CloudFlare challenge and that is that if private keys can be stolen then there will be a whole lot of companies requesting certificates all at once leading to a so called Certificate Revocation Tsunami. Certificate Authorities are supposed to revoke certificates within 24 hours if there is any evidence of a key compromise. However, even if all of the affected certificates were to be revoked, contemporary web browser software handles certificate revocation poorly. For example, some browsers only perform OCSP revocation checks for Extended Validation certificates, while others ignore certificate revocation lists completely (http://news.netcraft.com/archives/2013/05/13/how-certificate-revocation-doesnt-work-in-practice.html). The other concern is the rush to create new certificates will lead to incorrect certificates being generated which in turn leads to Man In The Middle (MITM) exploits down the line.

"The certificate authority infrastructure was never built to do a mass revocation of this many certificates and because of the way the infrastructure is built, if you did do a mass revocation of millions of certificates it would significantly slow down the performance of the Internet itself, which is potentially very, very bad."
[http://www.washingtonpost.com/blogs/the-switch/wp/2014/04/11/no-joke-this-company-wants-to-be-hacked-with-heartbleed/]

“Such is the haste to fix the fallout of the Heartbleed bug, some certificate authorities and website administrators have been making careless mistakes. PayPal's Hosted Message Applications, such as the one at https://view.paypal-communication.com, are now using Extended Validation certificates issued by VeriSign on 10 April 2014. The CAB Forum requires certificate authorities to adhere to a stringent set of guidelines [pdf] when issuing EV certificates, and it is the CA's responsibility to verify the accuracy of the information in the certificate. In particular, they must verify that the legal name of the subject in an EV certificate matches the name which appears on official government records. However, this verification does not appear to have been performed correctly in the case of these certificates."
[http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html]

How can I protect myself?

Here is a list of all the password changing advice from the various companies (http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/) and the results of a vulnerable scan performed on April 8, 12:00 UTC (https://github.com/musalbas/heartbleed-masstest/blob/master/top1000.txt ).

“Only 30,000 of the 500,000+ SSL certificates affected by the Heartbleed bug have been reissued up until today, and even fewer certificates have been revoked. Some of the first sites to deploy newly issued certificates in response to the OpenSSL vulnerability included Yahoo, Adobe, CloudFlare, DuckDuckGo, GitHub, Reddit , Launchpad, PayPal, Netflix and Amazon's CloudFront content delivery network.”
[http://news.netcraft.com/archives/2014/04/11/heartbleed-certificate-revocation-tsunami-yet-to-arrive.html]

Fox-IT have actually listed a set of vulnerability tests, along with advice of the next steps and have developed a set of Snort signatures to detect successful exploitation of the bug.

·         http://filippo.io/Heartbleed/ - a web based test
·         http://s3.jspenguin.org/ssltest.py- a python script to test for the vulnerability from the command line
·         (https://chrome.google.com/webstore/detail/chromebleed/eeoekjnjgppnaegdjbcafdggilajhpic) - for Chrome you can install the Chromebleed checker that alerts you when visiting a vulnerable site

Vendors are recommended to perform the following operations:

·         Upgrade the OpenSSL version to 1.0.1g (you can also recompile your OpenSSL 1.0.1 with the compile time option -DOPENSSL_NO_HEARTBEATS)
·         Request revocation of the current SSL certificate
·         Regenerate your private key
·         Request and replace the SSL certificate
·         Restart your services

Upgrading to OpenSSL 1.0.1g  does not automatically restart your services and likewise certificate revocation and replacement is a whole different step from ‘patching your server’.

·         If a vendor does not restart their services then their sessions are still vulnerable
·         Even if a vendor does revoke their certificates then some web browsers ignore the revocation
·         If a vendor does not replace their certificates then if their private key was stolen then they are wide open

If we look at the situation with WordPress then it appears they applied the patches but may not have replaced their certificates yet. I can also see smaller companies forgetting to restart their services after apply the OpenSSL 1.0.1g upgrade.

Should I change my password?

If you look at this list of vendors and their statements (http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/) then the following rules apply:

·         You are safe if a vendor never used OpenSSL (remember SSL isn’t broken itself, just one implementation of it including heartbeats)
·         You are safe if a vendor used an earlier version of OpenSSL (0.9.8 / 1.0.0)
·         You are moderately safe if a vendor upgraded to OpenSSL 1.0.1g, restarted their services and issued new certificates, before the public announcement on April 7th (apart from in the case of serious hackers)
·         You are at risk if a vendor upgraded to OpenSSL 1.0.1g, restarted their services and issued new certificates, sometime after April 7th (the longer the gap the higher the risk) and should change your passwords
·         You are at risk if a vendor upgraded to OpenSSL 1.0.1g, restarted their services and has not issued new certificates. You have a personal decision to make regarding changing passwords.
o   There is a small risk a private key could have been stolen and so even if you change your password then the site could still be vulnerable and you just gave your new password away
o   That said if the key did not get stolen then changing passwords prevents a hacker using your stolen details in the future.
·         You are at risk if a vendor either did not upgrade to OpenSSL 1.0.1g across all their services or forgot to restart their server. It is probably pretty pointless doing anything yet if that is the case.
·         You are at risk if a vendor made a nebulous statement like “We patched our servers” but was not drawn about restarting their services or issuing new certificates and should look to Internet forums
·         You are risk if a vendor has revoked their certificate but not issues a new certificate yet. Your web browser may ignore the certificate revocation and be open to MITM attacks.
·         You are at risk if you used client side software using a vulnerable version of OpenSSL and could have leaked confidential information from your desktop or mobile device
o   Double check the application that you use on Internet forums especially web browsers and IM clients
·         Most vendors are going to tell you to change your passwords anyway but check the details as above
·         Making your password really long is good practise but is no deterrent whatsoever from Heartbleed and you run the obvious risk of forgetting it or revealing it to hackers waiting for all the password resets


Imagine a hacker did target Vendor X, based on watching the charts of companies requesting new certificates and targeting those who haven't yet. Let us presume they were running Operating System X (all we know is that NGINX probably isn't vulnerable and Apache potentially is - but it would require specific timing) and just as a server rebooted the private key was added to the top of the OpenSSL memory stack and at that precise moment a hacker somehow managed to make a first request with an OpenSSL heartbeat and steal the private key. If we imagine that Vendor X are rebooting their servers regularly and maybe there was an insider involved then it becomes all the more probable. Let us now imagine the servers have been upgraded to OpenSSL 1.0.1g and all the services restarted but that the old certificates are still up there. That means if you reset your passwords then it makes no difference whatsoever because the hacker can decrypt all the traffic using their stolen private key. Changing your password actually means that the hacker now has your new password and you think you are actually safe. The hacker may have already decrypted everything on the site using their private key and have all your confidential information but let’s assume they haven’t. Vendor X then issue new certificates and does not bother going back through the last two years of logs to look for Heartbleed attacks. You have absolutely no idea that the hacker stole your new password and you carry on using the service and update it with your new credit card details…you are completely surprised that your account has been hacked even though Vendor X patched their servers.

That said, I would actually be more worried by the news that the majority of the traffic performing heartbeat vulnerability scans is apparently coming from various Government (thankfully not ours) sponsored cybercrime activity around the world.

I would like to end by thanking all the Blogs that I have referenced in bringing together this hopefully definitive guide to Heartbleed. I am happy to hear your views on the matter so please feel free to email me.

Peter


************************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Field Mobility News Weekly – Week of April 13, 2014

The Field Mobility News Weekly is an online newsletter made up of the most interesting news and articles related to field mobility that I run across each week.  I am specifically targeting information that reflects market data and trends.

Also read Enterprise Mobility Asia News Weekly
Also read M2M News Weekly
Also read Mobile Commerce News Weekly
Also read Mobile Cyber Security News Weekly
Also read Mobile Health News Weekly
Also read Mobility News Weekly

Looking for an enterprise mobility solution?  Read the Mobile Solution Directory Here!

According to a recent report from Navigant Research, cumulative utility spending on IT systems for the smart grid will total $139.3 billion from 2014 through 2022. Read Original Content

IDTechEx research has found the WSN market will grow to $1.8 billion by 2024. These figures refer to WSN defined as wireless mesh networks, i.e. self-healing and self-organizing. Read Original Content

The Global Fleet Management System market will grow at a CAGR of 25 percent to 2018. The Global Fleet Management System market is driven by several factors, of which increasing demand for this system from the BRIC countries is one of the main drivers. Read Original Content

Catavolt is the most secure way to rapidly build mobile apps that work with all enterprise systems and all mobile devices. IT departments rest easy with Catavolt’s industry-leading “No Data at Rest” security platform, and a no-coding app creation approach that efficiently addresses the backlog of business requests for mobile apps. Business users receive apps that are custom-tailored to their business process, and a high-performance, native user experience that fully utilizes the devices they carry today. This newsletter is sponsored in part by Catavolt.

Next month’s Fleet World Fleet Show will see Quattro Telematics officially launch its portfolio of black box technology to fleets, as well as offering the chance to win a fully installed Geotab GO6 tracking unit or a Garmin navigation device. Read Original Content

Utilities are expected to spend nearly $140 billion between 2014 and 2022 on the deployment of IT systems needed to support new smart-grid infrastructure, according to a new study from Navigant Research. Read Original Content

After the acquisition of the Automotive Telematics On-board unit Platform business from NXP, Telit Wireless Solutions has utilized the platform, which is now named as the Telit Automotive Solutions, to deliver telematics services for automotive OEM and tier ones markets. Read Original Content

The rugged tablet segment increased 22 percent year-over-year in 2013, growth that is expected to continue this year. In addition, greater availability of rugged Android devices along with first-generation rugged Windows 8.1 embedded handheld devices will create increased opportunities this year, judges VDC. Read Original Content

DriveLogik says its new product can provide fleets with up to a 10 percent fuel savings per vehicle and reduced maintenance costs.  A hardware package and monthly subscription-based software reporting includes driver performance reports to help identify driver performance. Customized instant alerts via mobile devices also identify major driving events. Read Original Content

Latest Articles on http://mobileenterprisestrategies.blogspot.com

Could Mobile Devices and the Internet have Prevented the Rwandan Genocide?
HTML5 and the Future of PhoneGap and WebView+
Increasing Productivity and Getting Strategic with Geospatial Information Systems
The Latest on Microsoft's Windows Phone 8.1 for Enterprise Mobility and IoT
In Defense of Mobile Platforms - Guest Blogger David Akka
Notes on the Location Based Services Market

Webinars of Note (Recorded)

BYOD Security Battle: No Data at Rest vs. Containers
Cloud Middleware: The Key to Scalable Enterprise Mobility
Lean Manufacturing and Mobile Tech: On-Site Opportunities
Rapidly extend any enterprise application to mobile devices without coding, APIs, or integration.
Retail and Mobile Tech: In-Store Opportunities
Top 5 Mobile Apps for Sales Success

Whitepapers of Note

Don't Get SMACked - How Social, Mobile, Analytics and Cloud are Reshaping the Enterprise
Making BYOD Work for Your Organization
Managing BYOD and Legacy Systems
The Secret to Enterprise Mobile Application Adoption
Secure BYOD Apps in a Mobile World
Solving The Mobile Developer Scarcity Problem
The True Cost of Mobility

************************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation, EBA, Center for the Future of Work Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies
Recommended Strategy Book Code Halos
Recommended iPad App Code Halos for iPads

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Thursday, April 10, 2014

Could Mobile Devices and the Internet have Prevented the Rwandan Genocide?

This week marks the tragic 20-year anniversary of the Rwandan Genocide.  On April 7, 1994, the Hutu majority, which was in power at the time, began an organized effort to wipe out the minority Tutsis living in Rwanda and other neighboring countries.  During an approximate 100-day period nearly 800,000 Tutsis and sympathizers were massacred, most by machete.

The genocide was only stopped when an exiled Tutsi rebel group marched into Rwanda and overthrew the Hutu government.  No outside international forces intervened to stop this massacre.  The UN peacekeeping soldiers, lacking authorization to intervene and protect, stood by as the massacres happened within sight of their forces.  This was and is to this day a great international shame.

In Boise, Idaho we have a fast growing Congolese and Rwandan population of refugees that were forever impacted by this event.  Many have spent the last 15 years living under plastic tarps on mud floors in refugee camps.  The tragedy of these events is personal to me.  It hits home nearly every day as our home is often filled with newly arrived Rwandan refugee families and friends.  Many of my close friends suffer nightmares to this day from the mental and physical scars of these events.

I often wonder if mobile devices with broadband Internet could have prevented or limited the Rwandan Genocide.  In 1994 letters were sent through the postal service from fearful Tutsi families and churches begging for protection.  Here is an excerpt from just one letter sent by a pastor to his church leadership, “We wish to inform you that tomorrow we will be killed with our families.”  Tragically, the pastor’s words went silent and his predictions came true.  His entire family and congregation was massacred.  These letters were sent through the postal service.  The world was not aware, informed or alerted in a manner that rose above the noise.  These letters are now archived for us to read, remember and learn from.

There was no instantaneous access to social media sites, online forums, blogs, Facebook, Twitter, Instagram, or places where citizen journalists with iPhones and broadband Internet could upload photos, videos and articles.  There was no YouTube or widely used public news websites to spark immediate worldwide outrage.

In 1994 the news of the massacres leaked out slowly and the rumors were too horrific to be believed.  Facts were hard to come by. The scope and scale of the tragedy was difficult to measure.  News crews found it dangerous to venture out into remote areas.  It took weeks for the world to begin to learn the full scale of the violence and genocide and by then the tragedy had nearly run its course.

I ask again, could mobile devices with cameras, broadband Internet connectivity and access to social media sites have stopped or limited this tragedy? In 1994, the world had limited news, limited understanding of events, limited perspective of the scale and scope of this tragedy, and limited interest.  These challenges limited international outrage and prevented UN intervention and humanitarian responses.

In the absence of news crews and photojournalists, the Hutu government, militia and instigators of violence felt immune from personal accountability, scrutiny and retribution.  They gave into a mad, uncontrollable and unexplainable bloodlust.  The violence continued unabated for 100 days.

In 1994, the ruling Hutu party controlled most of the radio stations and newspapers in Rwanda. Propaganda ruled the airwaves calling for violence against the Tutsis.  Many of the Rwandan news agencies and broadcasters themselves were later found by International courts to have been guilty of instigating and organizing the violence.

I hope and pray that the ubiquity of mobile devices would make keeping genocide a secret far more difficult today.  Every person with a mobile phone has the potential to be a citizen journalist.  Every act of violence has the potential of being documented and the location and perpetrators identified.

There are models today that demonstrate how mobile devices can be used to help prevent future genocides.  In Kenya, a small group of volunteer programmers have developed a website and mapping solution called Ushahidi, http://en.wikipedia.org/wiki/Ushahidi, where people with mobile phones can report violence and document the location of incidences on a map.  This information is instantly projected to a map on a website for the world to visualize, study and understand.

Today, freedom of speech and the ability to widely communicate news, knowledge and ideas has the opportunity to transform societies and peoples as never before.  Evil does not like the exposure and light of public scrutiny and debate.

In some circles, it is popular to cast disparaging remarks at technology, mobile devices, the Internet and social media, but I for one appreciate the value of information transparency afforded by these technological advancements.  I will celebrate the opportunity and freedom to know, and pray for the strength and courage to react with immediacy.

*************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Mobility News Weekly – Week of April 6, 2014

The Mobility News Weekly is an online newsletter made up of the most interesting news and articles related to enterprise mobility that I run across each week.  I am specifically targeting information that reflects market data and trends.

Also read Enterprise Mobility Asia News Weekly
Also read Field Mobility News Weekly
Also read M2M News Weekly
Also read Mobile Commerce News Weekly
Also read Mobile Cyber Security News Weekly
Also read Mobile Health News Weekly

Looking for an enterprise mobility solution?  Read the Mobile Solution Directory Here!

ComScore released its February smartphone survey results for the U.S. and it shows Apple shares continues to hover around 40 percent to 41 percent which it has been doing since July last year.  Read Original Content

Samsung Electronics warned it would post a drop in operating profit during the first quarter of 2014. The largest smartphone maker said consolidated operating profit would be an estimated $7.9 billion, down 4.3 percent.  Read Original Content

Well-known tech analyst Ming-Chi Kuo of KGI Securities says an Amazon smartphone is in the works, confirming rumors that have been circulating for years about the Kindle maker. The smartphone is expected to be released within the next three to six months, reports BGR.  Read Original Content

Catavolt is the most secure way to rapidly build mobile apps that work with all enterprise systems and all mobile devices. IT departments rest easy with Catavolt’s industry-leading “No Data at Rest” security platform, and a no-coding app creation approach that efficiently addresses the backlog of business requests for mobile apps. Business users receive apps that are custom-tailored to their business process, and a high-performance, native user experience that fully utilizes the devices they carry today. This newsletter is sponsored in part by Catavolt.

The smartphone chip market is expected to grow by over 10 percent in the next five years, pushed by the success of 4G LTE and 64-bit technologies to reach $30 billion revenue, analyst firm Strategy Analytics has claimed. Read Original Content

Almost all Canadian enterprise respondents (85 percent) have effectively adopted and deployed mobile technologies, markedly higher than the average global response of 69 percent among 14 other countries surveyed, according to the Accenture Mobility Insights Report 2014.  Read Original Content
In BlackBerry’s home country, the company’s market share has dropped to around 15 percent, according to a new comScore report.  This is comparable to an estimated 20 percent in December 2012.  Read Original Content

According to a report released by Canaccord Genuity, the perennially popular smartphone iPhone 5s still remains in the lead in the United States smartphone market, nearly six months after it first arrived.  Read Original Content

The report "Bring Your Own Device & Enterprise Mobility Market 2019", published by MarketsandMarkets, predicts these markets will grow from $72.34 billion in 2013 to $284.70 billion in 2019.  Read Original Content

In what would be the highest jury award ever in a patent case, Apple is seeking more than $2 billion in damages from Samsung for allegedly infringing phones.  Read Original Content

According to a new market research report of "Augmented Reality & Virtual Reality Market by Sensors 2018", published by MarketsandMarkets, these markets are expected to grow at a compound annual growth rate of 15.18 percent from 2013 to 2018.  Read Original Content

An average smartphone user is said to spend 2 hrs and 42 minutes per day up from 2 hrs and 38 minutes per day in March of 2013. App usage accounted for a massive 86 percent of this time. Gaming apps dominated as far time spent is concerned, accounting for nearly a third of it, according to Flurry Analytics.  Read Original Content

HTC Corp posted a first-quarter loss that was wider than analyst estimates, after ineffective marketing resulted in weak sales of its former flagship model.  Read Original Content

BlackBerry Ltd. won’t renew its contract with T-Mobile US Inc. when it expires this month following a spat over the carrier’s promotions for Apple Inc.’s iPhones.  T-Mobile will no longer be able to sell new BlackBerry products when the contract ends April 25, BlackBerry said in a statement.  Read Original Content

A battery that uses nanotechnology to charge your smartphone in 30 seconds may sound like something out of a sci-fi movie but an Israeli startup claims to have created just that.  StoreDot unveiled its battery charging prototype at Microsoft's Think Next conference in Tel Aviv.  Read Original Content

The advent of LTE Advanced networks and the further introduction of 64-bit chips and semiconductor process technology improv├čements are all expected to drive the global smartphone applications processor market to $30 billion in revenue in 2018, according to a new forecast from research firm Strategy Analytics.  Read Original Content

Recent Articles by Kevin Benedict

Increasing Productivity and Getting Strategic with Geospatial Information Systems
The Latest on Microsoft's Windows Phone 8.1 for Enterprise Mobility and IoT
In Defense of Mobile Platforms - Guest Blogger David Akka
Notes on the Location Based Services Market
Wake Up! Your Business Has Changed!
The Growing Importance of GIS to Organizations, Industries and Municipalities in 2014

Webinars of Note (Recorded)

BYOD Security Battle: No Data at Rest vs. Containers
Cloud Middleware: The Key to Scalable Enterprise Mobility
Lean Manufacturing and Mobile Tech: On-Site Opportunities
Rapidly extend any enterprise application to mobile devices without coding, APIs, or integration.
Retail and Mobile Tech: In-Store Opportunities
Top 5 Mobile Apps for Sales Success

Whitepapers of Note

Don't Get SMACked - How Social, Mobile, Analytics and Cloud are Reshaping the Enterprise
Making BYOD Work for Your Organization
Managing BYOD and Legacy Systems
The Secret to Enterprise Mobile Application Adoption
Secure BYOD Apps in a Mobile World
Solving The Mobile Developer Scarcity Problem
The True Cost of Mobility

*************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.

Wednesday, April 09, 2014

Mobile Expert Interview: Dave Akka on Mobile Platform Strategies

I had the privilege today of interviewing mobility expert and Managing Director for Magic Software UK, Dave Akka.  In this interview we dig deep into mobile platform and mobile app development strategies.  Enjoy!

Video Link: http://www.youtube.com/watch?v=Jwm5ig7ARc4&feature=share&list=UUGizQCw2Zbs3eTLwp7icoqw



Read the article by Dave Akka, In Defense of Mobile Platforms for Enterprise Mobility.

Code Halos (the data that surrounds people, organizations and objects) are important to us as individuals - most of us generate and share digital information every day. What's critical is that Code Halos are also vital to future business success. Research conducted by the Center for the Future of Work reveals that companies that understand how important this data is and how to find business meaning from it are best positioned to win their markets.

My colleagues at Cognizant's Center for the Future of Work have just published a new book that is now available everywhere on this subject, http://www.unevenlydistributed.com/codehalos.  This is a very important topic as it defines a strategy for utilizing big data and everyday data to beat your competition.

*************************************************************
Kevin Benedict
Senior Analyst, Digital Transformation Cognizant
View my profile on LinkedIn
Learn about mobile strategies at MobileEnterpriseStrategies.com
Follow me on Twitter @krbenedict
Join the Linkedin Group Strategic Enterprise Mobility
Join the Google+ Community Mobile Enterprise Strategies

***Full Disclosure: These are my personal opinions. No company is silly enough to claim them. I am a mobility and digital transformation analyst, consultant and writer. I work with and have worked with many of the companies mentioned in my articles.