innovation, technology

virtual smart card

… for desktop/laptop a physical smartcard inserted in the device provides additional security, user just need to unlock the smartcard with a pin, without the need to know their password – in times of mobile devices it is possible to attach those smartcard with adapters, but with bad user experience

derived credentials ensure compliance with HSPD12 / FIPS 201 personal identity verification (piv) requirements


derived credentials provider, e.g. entrust, provides an overview about the integration in the infrastructure and enrollment of trusted certificate with modern emm system


citrix provides an easy way to secure authenticate at workspace app for emm trusted devices, better usability and higher security

download NCCoE released second draft version of NIST cybersecurity practice guide SP 1800-12, derived piv credentials attached:

technology

authenticator usability matrix

security is important and 2fa should mandatory …

 read more: multi factor authentication

… while more and more services offer this capability – how to handle all those tokens, here are my analyse of some authenticator apps

appaccount app lockbackup
google
authenticator
microsoft
authenticator
optionalscreenlock
authyphone & emailcloud
andotppin,
password
local encrypted
lastpass
authenticator
optionalpin,
fingerprint
cloud
1passswordprice starts $2.99pin,
fingerprint
cloud, local, wlan

… this is neither comlete market analyse nor evaluate all available features, like enterprise grade rights management

stay tuned about secure authentication with virtual smart card 

apple

apple services from non apple devices

apple provide it’s appstore for all apple devices, but from webbrowser or windows devices it’s hard to browse apple services

you can use the ios appstore search from the folling webservices that utilize apple api – search for app’s and bungle id’s – https://theappstore.org or https://fnd.io


This image has an empty alt attribute; its file name is apple_music_logo_by_mattroxzworld-d982zrj.png

also apple music is designed to be used from app for ios and even android, this webservice offers capabilitys direct from the web – https://musi.sh



while icould.com is a well designed service to work from every webbrowser, from mobile it’s not supported, you may have to switch to desktop mode



think different

general, technology

digital detox

christmas time, family time – decide for a smartphone diet, focus to the really important things

  • turn you device in airplane/fight mode
  • configure do not disturbe

  • remove unneccesary notifications
  • clean desk, delete apps

  • work profile could turned off for android enterprise

or

  • reactivate your old school watch
  • buy an classic alarm clock
  • shut down your smartphone
innovation, technology

progressive web apps

progressive web apps (pwa) getting more popular due to their ability to send push notifications – provide offline content and add to homescreen – no need to install pwa, improve functionallity above browsers with less costs compared to apps – load faster than web – enhanced conversion – scroll 60 frames per second

@google developers training

test your browser online, the featureset differs a lot between mobile platform and browser-  compatibility estimated by appswithlove.com

https://whatwebcando.today

2015 a chrome developer coined progressive web app, adopted by apple and even windows 10 joined as well


Some good examples what pwa’s can do and how already using it:

how to deal with acceleated mobile pages (amp) in times of pwa, how to choose between faster loading or offline functionality, it’s possible to combine both like washington post

read more: acceleated mobile pages


in an enterprise perspective it is about how to deploy applications, with mdm it is quite easy to push an app to a device, even silent installation is possible with android enterprise or apple vpp…

…but pwa’s aren’t that apps anymore and there is no api to remote set homescreen icon 

general, technology

mirroring, casting, streaming, etc.

let’s check the main differences, possiblities, describe examples and how business utilize mirroring, select term:

streaming – casting – mirroring – miracastairplaychromecastamazondlnamirrorsharesamsung – clicksharechromecastappletv


streaming

is the technology to get to your data, data needs to be transfered and could directly viewed while transfering, other that simply copy and paste between to places

casting

the content from internet (netflix) goes direct to your tv, optional initiat the connection from your smartphone, you could leave the network without interrupting the stream

casting.png

mirroring

to display the exact same content at another display, in fact if you leave the wifi the transmissing is broken

mirroring.png

miracast

despite from it’s name, miracast is also a screen-mirroring protocol @wikipedia, miracast is vendor independant, integrated in tv or seperate hdmi stick, even windows10 device could mirrored

airplay

is a streaming protocol between apple devices, your able to stream music but also mirror your device screen to an apple tv, other remote controller could “learned” to control apple tv, offer access to apple’s appstore

streaming_appletv

update: simulate airplay to stream from ios devices to android tv with airreceiver app

chromecast

google offers a lot streaming devices with this name, integrated in every android device, it’s the largest framework, more smart with integration of speakers, similar setup with amazon’s alexa possible, integrated in many apps to watch live tv, stream from you synology nas and for sure in every google app, example in medialibary below

2018-12-02 19_16_23-streaming-mirroring.pptx - PowerPoint.png

arrow read also: how to configure your synology nas

amazon
offer it’s own devices (fire tv stick) to display it’s own contect (amazon music, prime video), but current device doesn’t support miracast anymore, amazon’s fling as chromecast pendant discontinued, see some fire tv app screens attached below, but with android apps quite powerful to customize

dlna
alliance founded by ease sharing digtal media, handling often not that userfriendly, local app render content to be displayed at a supported dlna device (tv) e.g. allcast app, not mirroring supported

dlna.png

mirrorshare
huawei’s native feature to mirror your device to a connected tv, but mirrorshare support miracast, for chromecast you need to install dedicated google home app

samsung

also samsung got it’s own sharing option – allshare, now called smartview to easily share between samsung camera, samsung laptop, samsung phones, samsung tabs, samsung …

smartcast

vizio updated it’s tv’s with smartcast 3.0, able to stream from any mobile device, native ios support with airplay 2.0, no additional device or dongle needed @blog.vizio


business …

…even more got the challange to guarantee the usability and  functionallity

barco-clickshare-cse-200
clickshare

is an enterprise solution, stable and expensive, needs to be connected to the device, multiple device can mirror to a tv

chromecast

do not support wpn2 enterprise, no device management possiblities, perfect for private use – no enterprise grade

appletv

enrolled with apple’s device enrol lment program, managed with an emm system, connected to 802.1x wifi networks and restricted with buildin policies, perfect for enterprise with apple devices


apple, google, innovation, technology

qr code & share wifi

qr code in business it is quite common to use qr code to optimize processes – in private this feature is rarely adopted, but …

arrow read more: enterprise features of android pie

 

qr code

often used to link webpages, promote sales offers or share contacts – different styles, colors or even logos are possible …

2018-09-09 11_37_59-QR Code Generator - Create QR codes here     2018-09-09 11_40_44-QR Code Generator - Create QR codes here

 

… but it gets complicated if you don’t know how to scan the code, first need to download a qr code reader app – since ios11 apple added the native function to scan qr code with camera app – some android device got a qr code reader pre-installed, other need to download it from app store

 

wifi qr code

enterprise facing other challenges to secure authenticate and trust devices

arrowread more: wifi security today and attack vectors

friends often request to join private wifi – tell the password ? no – enter your 12diget&complex$pezialC4ract3r password ? maybe not

create a qr code of your wifi incl. password, with services like qifi, your friends needs to “simply” scan the code

tested: for ios since ios11 it is working pretty easy, android devices with pre-installed qr code reader need to find the right app, but even my huawei ai powered camera is unable to recognize the qr code

update: since ios12 it is possible to add qr code scanner to control center to access from lockscreen and qr codes  highlighted in camera while scanning

qr12-e1537271073765.jpg

 

ios share wifi

even since ios11 apple added a feature to share wifi password between two ios devices, unless you have an ios device, the are some requirements to be meet

  • both ios devices need ios11 or newer installed
  • both ios devices need wifi and bluetooth enabled
  • your ios device must be actively connected to the wifi that the other device wants to join
  • both ios devices need physical proximity to each other
  • you must have each other in contacts list

 

be aware

  1. that trusted devices are inside your network, may access your private services (sonos) or unsecured storages (nas) – better setup a separate guest wifi, with just access to the internet
  2. shared passwords synced to google backup or icloud backupScreenshot_20180909-120209
google, technology

evolution of android security updates

android has a huge diversity in os versions, for enterpise is mandatory to provide high security …

arrowread more: mobile os version spread

samsung

launched it’s own EFOTA service to control software update remote to your managed samsung device @samsung

android enterprise recommended

android devices must satisfy numerous requirements, including regular security updates: at least every 90 days, with monthly updates strongly recommended. @google

 

android one

designed by google. smart, secure and simply amazing

devices that run the unmodified android to provide best compatibility and support @google

project treble

restructued android os framework since android 8 to make it easier, faster, and less costly for manufacturers to provide updates @google

 

update: what enterprise devices already got, will privided to all android devices – google mandates two years of security updates for popular phones in new android contract

 

android
be aware of malware