Showing posts with label Security. Show all posts
Showing posts with label Security. Show all posts

Tuesday, 31 May 2016

InTune and management of different phones

Hey there all,

So the past wee while has seen me tooling around with some cool things. I have been exploring my musings with InTune a whole lot more, and now I am the proud owner of a couple of different phones. One is an older Apple iPhone 4s, the other is a Samsung Galaxy 4.  iOS and Android! Me! A bona fide Windows Fan Boi.

What can I report?

Adding both the new guys to my InTune management was a piece of cake. Simply adding my domain's email account to the phones was a piece of cake.

After doing that, I started to mess around with the remote wipes, each was done and each of the phones was totally factory reset with little or no surprise.

Once I had that all nice and stabilised, it was time to get into the process of applying apps to each of the devices. This has perhaps been the bigger learning curve for now, and I am still having a play. I'll write more when I have this properly nailed down, but I have learnt that while all free apps in Google Play are free apps, it would appear to not be the same with the Apple Store. In fact, so far (admittedly without much deep investigation) the only app I have deployed was Age of Empire, a game!  AND in order to get the iOS device managed properly, I had to create and import some certificates into InTune to progress. Apparently, I also have to learn about wrapping some apps in App policies (.xml) in order to have them apply.

As for the 'droid, I now have all the necessary tools that I have for my world. Strava, FitBit, and Training Peaks are all loaded against my phone. Plus a few worky things too.

This little post is just a teaser for now, but I am thoroughly enjoying all that InTune can offer.  At this point though, I would add that my current feel is that anyone looking to refresh their phone fleet, with a mind to managing the devices through InTune MDM, I would lean towards Windows Phone and Android.

Cheers,

Malc.

Wednesday, 11 May 2016

A funny couple of things happened recently...


...and I thought that I'd share.  Mainly as I am just now teaching a Network+ course, and one of the topics in here is Security.  And in that, Social Engineering is seen as a risk, as is misdirection of information.

So here's me.

For the last year, I have been receiving email from a medical insurer in South Africa, for, well, me. Not me, me, but a guy there, born in a different month, 6 years before me. Yup, I know LOTS about him.  It's been kind of funny, but there is a very serious side to this misdirection of data. I have his bank details, the South African equivalent of his Social Security number. And I know his health history, and his wife’s.

Today, I wrote him a letter, and attached one of his health statements.  I hope that it reaches him, and that he takes action with his provider. But what's the lesson here? The lesson is, double check your details with any organisation that you have your financials with. Make sure that all those details are correct. I even did a double check of the handful I have today.  This was an innocent enough mistake on the face of it, but with the information that I have, it could have been a lot worse for this guy.

The second funny thing, was Gmail. So there is a lady in the US of A. She lost her job in RIDICULOUS circumstances and rather publically.  And I really felt for her, mainly because I have an innate sense of fairness. She writes rather well, and has a great sense of humour. I have been a Twitter follower of hers, since. We have never had email contact. We have never communicated outside of a few tweets on Twitter. Anyhow, I have her home number, and her personal email account, showing up in my Gmail phone concats. What the? I did a lookup on Google and some crazy Russian website showed me that it is in fact a US based number, down to state and town. The rest of the location I won't say.

Here the lesson is to make sure that whatever tools you're using on the internet, make sure they are locked to hide any private data. Check what services are sharing that information, and be very careful with the apps installed on your phone that say “We need access to your details here, and here.” And, where you can, avoid putting those private details online when registering on a website. It's amazing how much people are will to put online for some app or the other. With the current trend in fitness tracking that seems to be all the rage, through to online shopping, minimal is best. Hell, it might sound obvious, but pseudonyms can help a fair bit.

As a last one, PLEASE STOP using your email/password combo as the login/password combo on this that and every website! It's just plain silly.

Cheers,

Malc.