Virtualization Technology News and Information
White Papers
White Papers Search Results
Showing 1 - 6 of 6 white papers, page 1 of 1.
IGEL Delivers Manageability, Scalability and Security for The Auto Club Group
The Auto Club Group realizes cost-savings; increased productivity; and improved time-to-value with IGEL’s software-defined endpoint management solutions.
In 2016, The Auto Club Group was starting to implement a virtual desktop infrastructure (VDI) solution leveraging Citrix XenDesktop on both its static endpoints and laptop computers used in the field by its insurance agents, adjusters and other remote employees. “We were having a difficult time identifying a solution that would enable us to simplify the management of our laptop computers, in particular, while providing us with the flexibility, scalability and security we wanted from an endpoint management perspective,” said James McVicar, IT Architect, The Auto Club Group.

Some of the mobility management solutions The Auto Club has been evaluating relied on Windows CE, a solution that is nearing end-of-life. “We didn’t want to deal with the patches and other management headaches related to a Windows-based solutions, so this was not an attractive option,” said McVicar.

In the search for a mobile endpoint management solution, McVicar and his team came across IGEL and were quickly impressed. McVicar said, “What first drew our attention to IGEL was the ability to leverage the IGEL UDC to quickly and easily convert our existing laptop computers into an IGEL OS-powered desktop computing solution, that we could then manage via the IGEL UMS. Because IGEL is Linux-based, we found that it offered both the functionality and stability we needed within our enterprise.”

As The Auto Club Group continues to expand its operations, it will be rolling out additional IGEL OS-powered endpoints to its remote workers, and expects its deployment to exceed 400 endpoints once the project is complete.

The Auto Club Group is also looking at possibly leveraging the IGEL Cloud Gateway, which will help bring more performance and functionality to those working outside of the corporate WAN.
How Mobile App Protection Fits into a Broader Security Strategy
Mobile app security is a key, but often overlooked aspect of an organization’s broader security plan. Neglecting mobile security leaves organizations vulnerable to security incidents and breaches, even if their servers and networks are protected. In this solution guide, Guardsquare presents a history and overview of various security strategies, the growing importance of mobile app security, and steps that an organization can take to strengthen the security postures of their mobile apps.

Prioritizing Mobile Application Security

Despite the increase of cyberattacks targeting mobile applications, most organizations neglect, or deprioritize mobile application security until it’s too late. The coverage of high-profile breaches and security incidents involving mobile apps in the news tells us that mobile app security should be a high priority in every organization’s broader security strategy. Failing to properly secure your mobile apps can result in the following:

●    Financial loss
●    Reputational damage
●    Customer data loss
●    IP theft
●    And more

This whitepaper shows organizations how to prioritize mobile app security by focusing on building better relationships between development and security teams. This resource also provides a history and overview of software development and steps that an organization can follow to build a concrete strategy to strengthen their overall mobile app security posture.

Download the full report here.

Incorporating Mobile App Security into the Dev Lifecycle Without Friction
Security is an integral part of the mobile application development process. Organizations are beginning to prioritize security in their development process, but often at the end of the lifecycle. In this report, Guardsquare reviews the mobile application development process to demonstrate how to integrate security measures throughout the development lifecycle, not just at the end. In adapting these recommendations, developers can avoid slowdowns and ineffective, reactive security measures.

Mobile app security shouldn’t be left until the end of the development process. It is possible to integrate security measure throughout the entirety of the development process — even if your team is using one of the agile development methods. If an organization pushes security later in the development process, or even waits until the development process is complete, they run the risk of major complications and the consequences from security incidents. These include:

  • Financial loss
  • Reputational damage
  • Data loss (company or customer)
  • IP theft
  • And more
Overall, this makes security more expensive, especially if organizations find vulnerabilities after deployment. Consequently, it is the recommendation of industry experts that developers incorporate security into the lifecycle early via security assurance (SA).

This whitepaper will show your organization how to seamlessly integrate security throughout your mobile app’s development lifecycle, without slowing your app development teams down. Guardsquare covers each step of the secure software development lifecycle (SSDLC) and shows you how security tests can be built into each of the seven phases: inception, requirements analysis, architecture and design, development, testing, deployment, and steady state.

Ready to take your security strategy to the next level? Download the full report to get started!

iOS App Security: Is it really better than Android?
With its tightly controlled iOS ecosystem, Apple insists that its platform is more secure than Android’s. Is this really the case? This infographic explores the myths and misconceptions surrounding iOS security, and how they can affect your mobile app. From ‘fleeceware’ apps to sideloading, each security myth is evaluated and solutions are provided to help iOS apps improve their overall security posture.

Apple paints a rosy picture of of the iOS ecosystem’s security. However, the “walled garden,” or closed platform isn’t as secure as it appears. This myth often leads to developers neglecting security measures when creating apps for the iOS ecosystem, as they believe that Apple’s security is superior to Android’s.

In this infographic, Guardsquare provides an overview of Apple’s security features, like the closed system and code signing. Each is examined for both strengths and weakness. The infographic also looks at some of the system’s largest security concerns, including jailbreaking and sideloading.

Guardsquare’s analysis of the iOS system includes an analysis of over 200 tweaks, or scripts used to modify the behavior of iOS apps. The results yielded surprising insights:

  • 93% of the scripts provide free access within the targeted apps to premium content or features
  • Revenue losses for targeted apps could potentially cost the publisher millions of dollars annually
  • Scam apps found in the Apple Store generate approx. $48M in revenue

As demonstrated in this infographic, it is essential for iOS app developers to strengthen their mobile app’s security in the Apple ecosystem. Guardsquare offers strategic security recommendations to keep your organization’s apps secure, regardless of platform.

The OWASP Mobile Top 10 List and Why it Matters for App Developers
It can be challenging to find reliable information on the web. The Open Web Application Security Project (OWASP) is dedicated to publishing reliable content in the web application space. OWASP’s Mobile Security Project provides resources like the “Mobile Top 10” and Mobile Application Security Verification Standard (MASVS). This report covers these resources in depth to help developers access a reliable framework for identifying, and solving mobile application vulnerabilities.

Mobile applications are a rapidly growing attack surface. With a variety of tools and techniques available to threat actors, mobile application developers need to build a reliable security framework to address the most common security vulnerabilities. In this report, Guardsquare analyzed OWASP’s “Top 10” mobile security risks and mapped them to RASP and code hardening best practices.

The report also examines the Mobile Application Security Verification Standard (MASVS), also produced by OWASP, which details additional risks and resilience guidelines that complement the “Top 10.”

Key insights:
●    A developer-centric overview of OWASP’s “Top 10” & MASVS
●    How resilience layer controls can prevent reverse engineering and tampering
●    Security technique that protect against the OWASP’s “Top 10” mobile vulnerabilities
●    How to build a layered security approach

Download the full report to learn how you can leverage RASP and code hardening to defend your Android and iOS apps against the most common mobile app security threats.

!hooked a technical magazine_
It’s often difficult for developers to get hands-on knowledge and experience in code hardening techniques To help bridge the gap, Guardsquare’s engineers have created a set of fun, practical labs around four code hardening techniques. This technical magazine is the perfect way to improve your security knowledge, regardless of the mobile platform you use. Developers will walk away with a greater understanding of compiler and security concepts.

Application hardening is an important part of mobile app security, and yet, it can feel like a difficult concept to grasp.

Developers often struggle to get hand-on knowledge and experience working with hardening techniques. In this technical magazine, Guardquare’s engineers have created a set of four fun, practical labs to help your organization familiarize itself with application hardening techniques and the security vulnerabilities that each technique thwarts. These four labs include:

•    Code Checksumming
•    Control Flow (non-) Integrity in Android Applications
•    Native Library Encryption
•    Encrypting Objective-C Selectors

Developers will walk away from these labs with a greater understanding of the theory behind each technique, as well illustrations and guided examples to help them implement them in their own application security strategy.

Download the technical manual here and begin building a stronger security posture through application hardening.