This article mainly outlines security flaws and options for Android based smartphones. As for all you iPhone users starting to feel smug, please keep reading. It’s one of those posts where there is something for everyone.

In their blog post earlier this month, Avast published some very interesting and somewhat worrying information. According to the blog, they bought 20 used Android phones from eBay and using easily available standard forensic tools, were able to extract personal data of previous owners. They apparently found around 40,000 stored photos including, and as expected, hundreds of naked selfies of women and men. They also found emails, text messages, phone logs, contacts and even google searches.

They claim they found all that data despite a ‘Factory Reset’ done on those phones by their previous owners. While there were no specific details as to which of those phones were reset, they did bring to light some important facts about how data is stored and deleted on most data storage devices.

So essentially when you delete anything on your phone, what you are really deleting is the link to that piece of information on the storage drive. The information remains there until new data is written on top of that. So when you do a factory reset you’re only deleting the index of links to all your data and not the data itself. Therefore using basic data retrieval techniques one can retrieve pretty much most of the information on that phone just before the factory reset.

Before we start worrying though, do note that the phones were all old and Android based. When asked, Google responded by point out that Android version 4.0 and above, used by 85% of the users, did not have the security flaws of the previous versions.

The new versions have an option to encrypt all data on the phone with a cryptographic key that is generated based on the passcode provided by the user. But this option is not turned on by default therefore making new users as vulnerable.

Depending on the exact version and make of your smartphone, the steps to turn on the encryption feature will slightly vary but the following should be a good guide.

Charge Your Phone
Depending on the amount of data on your phone, encryption process can take at least an hour. So make sure your phone is fully charged and for complete peace of mind leave it plugged in. Losing power midway will most likely result in catastrophic data loss.

Backup
It is the golden rule of all IT. Before you do anything and often when you do nothing it is imperative that you always back up all your data. In this case, a backup of all your photos, messages, contacts, emails etc. will save you a lot of time and heartache if thing do hit that fan.

Encrypt
This is where things could be different based on versions, makes and models. Generally speaking on your phone,

1. Go to Settings
   
2. If there are tabs on top, go to either ‘More’ or ‘General’ and find Security
   
3. If there are no tabs scroll down and find Security
   
4. Tap Security
   
5. Tap ‘Encrypt Phone’ or ‘Encrypt Device’
   
6. From here on carefully read and follow on-screen prompts
   

Once the process is complete, you can rest assured all your data and photos no matter what kind are all safely encrypted.

Caveats
The preceding steps will certainly keep your data safe but encryption in Android has its own drawbacks.

1. Slower Performance – Encryption will reduce the performance of your phone. Depending on the version, model and make this effect will vary.
   
2. Irreversible – Once encrypted, the device cannot be reversed back to unencrypted state. The only way back is factory reset.
   
3. Time consuming – This one’s a one-time issue. It does take a long time to encrypt, especially if you have a lot of data.
   

We recommend, if you have the latest whiz bang mobile, a tendency to take photos in front of your mirror, about an hour to kill or simply want everything super secure, certainly go ahead and encrypt you phone. On the other hand if your phone is a bit old or performance is important, encryption is not advisable. In any case before you decide to discard your device for a new one be sure to first encrypt it and then perform a full factory reset before you let that phone go.

iPhone
Apple iPhone and iPad run on iOS which uses AES 256 algorithm with a software key generated by the information users provide. This is a default setting and is always on and cannot be turned off. When an ‘erase all content and settings’ is done on the phone, the data index and the encryption key is deleted and without the key all the encrypted data is effectively rendered unrecoverable.

Now before all you Apple users start to feel smug and relax, a forensic scientist Jonathan Zdziarski presented a very revealing paper at a conference earlier this month. He indicated Apple devices ran up to 44 undisclosed services in the background which cannot be turned off. While previously denied, Apple did later acknowledge their existence and insisted they exist for diagnostic purposes alone. True as that may be, these services which can be broadly classified as backdoors can pose potential threats.

In conclusion, smartphones in general are amazing at what they do but there are always pitfalls. Growing use of technology does come with its own set of risks. The right way to mitigate these risks is not shunning the technologies themselves but by better understanding the way they work.

We invite you to share with us any experience you have had relating to encrypting your Android device or your opinions on Apple security. If you liked this article please share it with your network. You can also subscribe to our monthly newsletter by emailing us at hello@vocatys.com.

References:
https://blog.avast.com/2014/07/09/android-foreniscs-pt-2-how-we-recovered-erased-data/
https://source.android.com/devices/tech/security/index.html#filesystem-encryption
http://www.zdziarski.com/blog/?cat=11
http://www.theguardian.com/technology/2014/jul/11/factory-wipe-on-android-phones-left-naked-selfie-photos-and-worse-researchers-find

Technology is disrupting everything these days. Even things we didn’t think could or should be changed. Bitcoin is disrupting money as we know it.

Like money, Bitcoin is a payment system. Unlike regular currency, which is regulated by a government and comes out of a central bank, it has no single administrator and is not physically stored in any particular location. Payment are made and received electronically using various wallet applications on mobile devices and computers.

Every payment is recorded in a public ledger called Block Chain Ledger. This is maintained by a network of servers that anyone can join. Every single Bitcoin transaction is recorded in this ledger and can be examined by anybody. In return for maintaining these ledgers, owners of those servers forming the network are rewarded with newly created Bitcoins. This only method of creating new bitcoins is called Mining.

Due to its decentralised nature, governments across the world are either treading carefully, hesitant or completely closed to Bitcoin. A currency that cannot be controlled and tracked does pose a number of issues. Australia is among very few countries that is open towards Bitcoin and has released tax guidelines around its use.

What’s awesome about it
Here are a few things we find incredibly amazing about Bitcoin.

What’s scary about it
There is no light without dark and although an evolution, Bitcoin comes with its own set of issues.

In conclusion…
We believe in the future, the very near future, all money will be digital. Bitcoin is among quite a few digital currencies that are pushing their way into our lives. So far Bitcoin has been the most popular and widely accepted yet it is still under development. Technically speaking it is still in Beta. Its exact future is anyone’s guess but for now its advantages far outweigh its disadvantages and we think it’s here to stay.

This article was written by Austin D'Mello, Managing Partner of Vocatys, an emerging technology consulting company. If you liked this article please share it with your network. You can also subscribe to the monthly Vocatys newsletter by emailing us at hello@vocatys.com.

References:

• https://bitcoin.org/en/
  
• http://en.wikipedia.org/wiki/Bitcoin
  
• https://www.kabbage.com/blog/does-accepting-bitcoin-make-sense-as-a-small-business-owner
  
• https://coinreport.net/coin-101/advantages-and-disadvantages-of-bitcoin/
  
• http://finance.yahoo.com/news/bitcoin-pros-cons-consumers-merchants-140041526.html
  
• http://bitcoinembassy.ca/about/what-is-bitcoin/advantages-disadvantages
  
• http://en.wikipedia.org/wiki/Legality_of_Bitcoins_by_country
  
• http://www.abc.net.au/news/2014-06-30/tax-office-delays-ruling-on-bitcoin/5559816

May it be internal or external, the idea of IT operations within any organisation being a fully integrated business partner, has forever been wishful thinking at best. The IT department needs to control all systems for maximum efficiency and security. Whereas, the users need easy and immediate access to various systems to maximise their efficiency and therefore productivity.

Mathematically speaking, the IT department’s efficiency is inversely proportional to the users’ efficiency. Neither can be truly efficient without costing the other its own. But the biggest loser in this scenario is the organisation itself.

Now imagine if users didn’t have to get clearance from the IT department every time they needed access to new programs, remote access to files and emails. And at the same time, IT department didn’t need to worry about day to day upkeep of eternally outdated hardware, never ending security patches and software updates but instead focussing on the very needs of the business and its users that they are there to service.

Imagine if their efficiencies were directly proportional to the users’.

Here are two easy solutions that have started transforming that imagination into reality for many.

Cloud Computing
While the concept and its origins can be traced back to 1950s, it’s only since around 2006 when Amazon.com introduced Elastic Compute Cloud, has it come into popularity. Cloud computing has a wide range of benefits for virtually any organisation of any size, within any industry sector including government, education and not-for-profits.

One of the key benefits is the ability to use computing as a service or utility. This way businesses do not need to buy and maintain expensive hardware and software. They just pay a monthly or yearly fee to access as much or as little computing power and space required.

It creates a major shift in focus for the IT department. Now for the first time instead of worrying about system security and uptime, IT can focus on the actual needs of the users and actually play an intrinsic role in the growth of the business. User on the other hand will have access to updated technology and systems allowing them to do their jobs without having to worry about IT trying to control everything they do.

Mobile Technologies
The dramatic and continual rise of smartphones is a great indicator of the seismic shift in our day to day computing. In the vast majority of the cases we are carrying mobile phones in our pocket that are more capable than the computers we use at work. The software and hardware of these phones and tablets are designed and built with almost surgical focus on user-friendliness and rarely need any tech support. A vast array of enterprise apps, on the other hand, seamlessly convert them into business devices that can be easily used and managed by users themselves.

Its desirability and competitive pricing has resulted in such levels of popularity that according to various reports, by the end of 2015 there would be more internet connected smart devices than people on earth. This fact has also given rise to BYOD (Bring Your Own Device) model, allowing employees to use their own smartphones, tablets and/or computers for work.

Without the need to constantly maintain and troubleshoot ageing computers IT can once again focus on being a true business partner that can leverage emerging technologies to increase user productivity and engagement. Users too, will see increased efficiency due to free and flexible access to a host of services that work effortlessly without the constant need for support.

In conclusion, these emerging technologies are already making their presence felt. The opportunities and threats they present are extreme. Depending on the choices they make, businesses can overthrow their biggest competitors, breakaway from the peloton or succumb to the smallest player in the industry. Strategic use of technologies to eliminate operational inefficiencies will be critical to the success of any organisation.

This article was written by Austin D'Mello, Managing Partner of Vocatys, an emerging technology consulting company. If you liked this article please share it with your network. You can also subscribe to the monthly Vocatys newsletter by emailing us at hello@vocatys.com.

References:

• http://en.wikipedia.org/wiki/Cloud_computing
  
• http://www.itu.int/en/ITU-D/Statistics/Pages/facts/default.aspx
  
• http://www.itu.int/en/ITU-D/Statistics/Documents/facts/ICTFactsFigures2014-e.pdf
  
• http://teqy.co/facts-internet-things-infographic-exigent/
  

What is Internet of Things (IoT)?
Even though according to McKinsey Global Institute, the Internet of Things has the potential to create an economic impact of $2.7 trillion to $6.2 trillion annually by 2025, a vast majority of us still have none or at best very little understanding of it.

First proposed by Kevin Ashton in 1999, IoT can be best described as a structure or scenario where objects, both living and non-living, are assigned a unique identifier and using that they independently communicate with each other over a network. In this case, the Internet.

Imagine your car could automatically send messages to your mechanic’s computer. So when you take your car for a service, the mechanic already knows everything that needs to be fixed. Or imagine if your refrigerator knew the next time you walked into a supermarket and displayed to you on your smart glasses that you were running out of eggs.

Only a few years ago this was Sci-Fi movie stuff but it is catching on faster than we think. According to Cisco, 25 billion devices will be connected to the Internet by 2015 and 50 billion by 2020. IoT is already an integral part of our lives; think smartphones, smart watches, smart glasses, smart TVs and for that matter smart anything. The following 5 factors influenced by IoT could critically blindside SMBs.

Security
This one is the most obvious yet most glaring. Almost every employee or colleague you know carries a smartphone. Some if not all connect to the company Wi-Fi and/or access business emails and files using those devices. This is already a security concern. Now as devices such as watches, glasses, office printers, landline phones etc. start connecting and communicating independently to each other, the data and network security can get scarily vulnerable.

Privacy
Organisations and companies that handle personal information of their employees and customers are under increasing pressure to ensure its protection. Company policies pertaining to collection, storage, access and use of personal information will need to revised and kept up-to-date to avoid potentially expensive legal battles.

Employees
The phones we carry these days are almost always far more powerful and capable than the ageing pc’s and macs we use at work. The business software systems are similarly clunky. IoT, with its well-connected and intuitive ways, is becoming a norm for most of us. In order to increase or at least maintain creativity, productivity and engagement among employees, businesses will need to be adaptable to constantly evolving technology.

Customers
IoT will have the biggest impact on our discovery, purchase and consumption of products and services, with a conservative market value estimated to be $8.9 trillion by 2020. Businesses, no matter how traditional and seemingly secure, will urgently need to ensure their products or service are offered, delivered and supported through the right channels.

Competition
An unprepared business could rapidly leak information, data, employee and its customers. A seemingly unshakable competitive advantage could be lost quickly. Depending on the point of view, IoT’s biggest advantage and disadvantage is its ability to level the playing field. It’s not the size of the organisation, market share or capability that would count but it’s what you do with it that would make the difference.

A vast number of traditional industries are being constantly disrupted using technology as the main weapon. With willingness to adapt, the only main barrier to entry, small and medium sized businesses will need to make new technology awareness and adoption key priority to survive.

This article was written by Austin D'Mello, Managing Partner of Vocatys, an emerging technology consulting company. If you liked this article please share it with your network. You can also subscribe to the exclusive monthly newsletter by emailing us at hello@vocatys.com.

References:

• http://en.wikipedia.org/wiki/Internet_of_Things
  
• http://whatis.techtarget.com/definition/Internet-of-Things
  
• http://blogs.starcio.com/2013/06/20-reasons-why-internet-of-things-will.html
  
• http://teqy.co/facts-internet-things-infographic-exigent/
  
• http://mobilefuture.org/issues/internet-of-things/
  
• http://heavy.com/tech/2014/02/what-is-the-internet-of-things-definition-examples/
  
• http://www.baselinemag.com/innovation/slideshows/fascinating-facts-about-the-internet-of-things.html
  
• http://www.fastcompany.com/most-innovative-companies/2014/industry/the-internet-of-things
  
• http://www.informationweek.com/strategic-cio/executive-insights-and-innovation/internet-of-things-done-wrong-stifles-innovation/a/d-id/1279157
  
• http://www.mckinsey.com/insights/business_technology/disruptive_technologies
  
• http://newsroom.mastercard.com/news-briefs/new-research-finds-gaps-between-small-businesses-and-technology-adoption/
  
• http://blogs.office.com/2014/05/15/survey-finds-technology-is-critical-for-small-business-owners-but-many-have-yet-to-adopt-cloud-solutions/
  

When it comes to cloud, there are 2 kinds of businesses out there. Ones that have adopted cloud and ones that don’t yet know they have. A plethora of services from emails, media and file storage to various mobile apps are cloud based in some form.

From a business point of view these services bring great deal of advantages at shockingly affordable prices. These advantages, however, come with their own perils. We have complied a list of top 5 pitfalls of using cloud that should be actively avoided.

Don’t go cheap
With global price wars between industry giants and smaller players, going cheap should not be an option. In the end only the fittest will survive. Given the relatively low differentiation in product offerings it would certainly be wiser to choose a well-established service provider irrespective of the price. Ultimately you will get what you pay for.

Don’t lock yourself in a contract
Small and medium sized organisation should avoid contracts where ever possible as a general rule. Cloud services is a rapidly changing industry. Even a 2 year contract could become very restrictive and stop you harnessing the full advantages of ongoing innovations.

Don’t allow free access
One of the biggest advantages of cloud computing is its ease of use and accessibility. It opens up a range of possibilities like accessing emails on your smartphones and files on multiple devices anywhere, any time. While it may have been main reason to go cloud, without a well formed IT governance policy and security strategy, it will quickly and easily turn into a nightmare.

Don’t ignore ongoing monitoring
Another huge selling point of cloud services is that need for maintenance is little to none. While there may not be any need to maintenance, ongoing monitoring of services should not be overlooked. Every service has its own variables, thresholds and limitations. They need to be monitored regularly to ensure optimal usage, avoid cost blow-outs and in some cases service outages.

Don’t forgo local backups
Most cloud services run from multiple data-centres with multiple backups and fail-safe technologies which ensure that you will have your service up and running even if one of the data-centres were to go down. Some offer additional backup services as well. Which is all well and great until you suddenly lose your internet connection or in a worst case scenario the service provider’s entire operation is hacked and rendered inaccessible. Always work on the philosophy that there can never be too many backups. Having a local backup solution will keep you and your team going no matter what.

While innovative technologies bring a great deal of improvements in our live and businesses, they do come with their own pitfalls. What other pitfalls have you come across while adopting cloud technologies? Feel free to leave us a comment below.