Friday Notebook, August 17: Mobile security week at

Also: Fleetsmith and MDM; Intune Hybrid Mode; Windows on Chromebooks; state of Android Enterprise; Fortnite and unknown sources; Pwned Passwords API; mobile phishing; and AutoIT.

This is our weekly log of desktop virtualization, enterprise mobility, and end user computing news. Apparently it was mobile security week!

Our blog posts

Jason Bayton: The state of Android Enterprise in 2018. A lot has changed since Jason’s previous article about the state of Android Enterprise in 2017, including new management features, device admin deprecation, and more.

Jack: Fortnite will require Android users to allow unknown sources. Time to rethink MTD and EMM policies? Fortnite for Android won’t be on the Google Play Store. Could this lead to more apps from unknown sources getting installed, and do we need to re-examine MTD and EMM policies because of that?

Kyle: With Pwned Passwords API, annoying password policies can finally go away. Implementing the 2017 NIST digital identity guidelines, and using Troy Hunt’s Pwned Passwords API can help improve password policies at your organization.

Jack: Mobile threat defense vendors are taking on phishing, a rising concern on mobile devices. Phishing is becoming a threat for mobile users. But, mobile threat defense vendors have responded, even if some challenges with BYOD devices remain.

Kyle: GeekOut 365 video: Create test workloads for REX Analytics with AutoIT. Benny and Kristin wrote AutoIT scripts to help with benchmarking of virtual workloads to determine user experience bottlenecks.

Industry news

It was a lighter week for industry news. Of course, VMware is waiting for VMworld (just 10 days away!) and Microsoft Ignite is not too far off, either. Both shows will be big times for partner announcements, and competitors always like to time their announcements around each others’ shows, so we’ll see what happens.

Fleetsmith released their support for MDM for iOS and tvOS, which was announced in April. I’ve covered this Mac management company several times, including their recent support for Office 365/Azure AD identities.

Microsoft is deprecating hybrid MDM, a mode where you use the SCCM console to administer Intune. By the sound of it, not many customers were using this anymore.

XDA Developers wrote about “Campfire,” a rumored Google project that would allow Chromebooks to dual boot and run Windows 10. There’s no indication that Windows would be able to run at the same time as Chrome OS, so we can probably hold off on thoughts of running local seamless Windows apps on Chromebooks, but I’m sure all of us in the desktop virt space find this news at least mildly interesting. Personally, I think the Pixelbook is the best 2-in-1 hardware I’ve ever seen, so bring it on.

Things we read

We frequently include a few “interesting reads” in the Friday Notebook; this week we have more than usual, thanks to the light news week.

  • How to win (or at least not lose) the war on phishing? Enlist machine learning. (Via Ars Technica.) Really interesting article, including a description of Lookout’s threat intelligence service, created by Jeremy Richards (@PhishingAi). I also referenced it this week in my article about mobile phishing.
  • 24 hours of network traffic analysis from Microsoft Azure, by Marius Sandbu. He researched what types of attacks typically happen on Azure VMs, even before they come online.
  • Kyle noticed this Ars Technica article about new security policies at Las Vegas hotels, and how they went over at DEF CON. (Hint: not very well.) VMworld attendees, take note.
  • And last, but not least, this New York Times article profiled the use of user behavior-based authentication by banks and other businesses. The fear is that biometrics could be used not just for authentication, but also for other privacy-violating purposes, like insurance companies finding out that a user is ill. However, I believe the article was remiss in not mentioning the role of hashing and tokenizing biometric data, along with plenty of other identity best practices. My initial thought on reading this piece was: “Ugh, they’re going to turn consumers off on biometrics and ruin it for the rest of us!”

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.