Converge Magazine recently put together an article about the factors that K-12 administrators should consider when implementing a tablet initiative. The article is based upon conversations with four K-12 administrators who use tablets as part of their curriculum. 

5 Factors in Starting a Tablet Initiative 

1. Consider your learning goals - teachers need to be involved in establishing goals of what the devices can accomplish before talk of hardware begins
2. Figure out a digital curriculum strategy – lessons first, devices second! This plays into the hardware choice as well as which learning management system to use. As well said by Emily Starr, “As you create your digital curriculum, you’ll need to consider whether your infrastructure will support the kind of digital content you want to use.”
3. Pick your management style – this relates to your MDM strategy
4. Set your price point and refresh cycle
5. Choose your top features - great discussion on this topic of operating systems & apps and who has ultimate control

Tim Williams, director of product management for Absolute Software, has been working closely with school districts across the country to choose and deploy tablet solutions. His comments are integrated into the Converge Magazine article and we are more than happy to help you with your own tablet initiatives. Absolute Software can provide options for both endpoint security as well as endpoint management for your MDM needs in the K-12 segment. Want to know more, contact us!

Zscaler assessed 27,000 websites to come up with their first report, though you can also use the Zulu tool to assess your own website. Based upon the data, 81% of sites were qualified as “benign” while 9.5% were “suspicious” and 9.5% were seen as “malicious.”

The threat report also assesses how people access the web, particularly in the enterprise setting. Facebook is still the most common web application used in the enterprise, followed by Gmail, YouTube and Twitter. In terms of mobile use, 50% of current mobile browser traffic was from Apple iOS devices. Read more here.

The PCI Security Standards Council (PCI SSC) recently issued an updated set of requirements for point-to-point encryption (P2PE) solution providers to implement hardware-based solutions for merchants. The update also includes additional testing procedures to ensure devices meet minimum security requirements. 

This latest update by the PCI SCC shows a growing trend toward clarifying and strengthening security standards in many industries. Though the current P2PE program is voluntary, with no plans to wrap it into PCI DSS, the Council is being proactive in providing security resources for merchants and solution providers. 

Bob Russo, general manager for PCI SSC, says:

“With these updated P2PE requirements and program in place to assess and validate these solutions securely, we’re one step closer to helping merchants take advantage of this technology to simplify PCI DSS validation efforts and mitigate potential breaches.”

The full point-to-point encryption requirements document is available here [PDF]. You can read more about this news and the technology from TechTarget.

“Best Forensics Tool” is a new category for the 2012 awards, recognizing products and services that “provides forensic technologies to assist an enterprise in investigating data breaches or hacking attacks.” We were finalists alongside 4 other great products and are honoured to have been selected by the panel of judges for this award.

Absolute Software was also a finalist for Best Mobile/Portable Device Security from the 2012 SC Awards Canada and was also recently named a finalist in the BC Technology Industry Association (BCTIA) 2012 Technology Impact Awards (TIAs) for “Company of the Year.”

The BC Technology Industry Association (BCTIA) has announced the finalists for the 2012 Technology Impact Awards (TIAs), an award which showcases the innovations happening in British Columbia’s technology sector.

Absolute Software is a finalist for “Company of the Year” for the 2012 TIAs, alongside Avigilon Corporation and Tantalus Systems. Absolute Software is honoured to be recognized alongside this group of innovators. 

The 2012 Company of the Year Award acknowledges a “company that is a recognized leader in the technology industry,” looking at financial performance, strategy / vision, market position and technical and product excellence.

This year’s theme is “BC’s Mark on the World,” with BCTIA President Bill Tam noting: 

“Collectively, the 2012 finalists are serving virtually every market around the world. They represent millions of dollars of investment into British Columbia’s economy and collectively generate tens of millions of dollars in annual export revenues.”

The winners of the 2012 Technology Impact Awards will be announced on June 14th – stay tuned!

As mentioned by Tim Williams, who is interviewed for the article, Absolute Software was recently listed by Gartner in the Visionaries Quadrant for Client Management Tools. Although not specifically listed in the Magic Quadrant for MDM, our entire suite of services and products were considered in naming Absolute Software a Visionary Vendor. 

The interview on Network World highlights why businesses would want an MDM solution, the evolution of the MDM market in the last year, and our expectations for the changes upcoming in the next two years. As Tim noted in the interview, we expect that mobile devices will not always be considered a separate entity in need of new rules but rather an extension of endpoint policies currently in place. 

Here’s how Absolute Manage MDM is differentiated:

“The ability to adapt to a customers existing environment is a big one.  We can implement in weeks instead of months and we do both clients and mobile.  Our Absolute Safe product also differentiates us.  It provides protection of documents and secure distribution of documents (PDF, office, etc.).

Docs are deployed by groups and allow central control for delete per file or group of files in the Safe on the mobile device.  Safe can also allow documents to be available by time, schedule or time-bombed. Safe uses the mobile OS encryption and can perform auto-remediation for jailbroken devices.”

Read the rest of the interview here and head over here to learn more about Absolute Manage MDM.

Every year, SC Magazine Awards recognize professionals, companies and products that help combat business security threats. Now in its 16th year, with over 650 nominations last year in 31 categories, the awards continue to grow.

This year, Absolute Software is a Finalist for Best Mobile/Portable Device Security from the 2012 SC Awards Canada. The other finalists include BlackBerry and Gold Lock Canada.

Growing numbers employees are using smaller and smaller devices – iPhones, iPads, Android devices, BlackBerries, and more – with loads of applications to access corporate data. Security products in this category deal with not only a collapsing perimeter, but also consumer-owned and controlled devices being used to get at corporate resources. At a minimum, these devices likely will require strong endpoint security, point-to-point encryption and more.

The 2012 SC Awards Canada will be announced in Toronto on May 8-9 at the SC Congress Canada event. Good luck to all the other finalists!

The Trustworthy Internet Movement (TIM) released a report this month on the SSL Implementation of the Most Popular Web Sites. This SSL Pulse Report shows that 90% of the 198,216 HTTPS-enabled websites surveyed are vulnerable to SSL attacks. 

Only 10% of websites surveyed had effective SSL security. Effective SSL security was defined as well configured with an A grade and as not vulnerable to the two known attacks against SSL – Insecure Renegotiation and BEAST attack. Many sites lacked complete certificate chains, had weak cipher strength or were otherwise vulnerable. For example, it’s quite troubling to hear that 75% of sites are vulnerable to the BEAST attack which has had a resolution available since 2006. 

For sites that have a large number of users that can be exploited in some way, or have high value sites (banks), the risks from these vulnerabilities can be quite great. 

The SSL Pulse will be continuously updated to show the state of the SSL ecosystem. TIM has released a PDF of the SSL / TLS Deployment Best Practices to help administrators and programmers deploy a secure website or application.

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has recently submitted a document on Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules. 

The revision will modify the HIPAA Rules to implement the privacy, security, enforcement, and breach notification provisions of Subtitle D of the Health Information Technology for Economic and Clinical Health Act (Title XIII of the American Recovery and Reinvestment Act of 2009), and will modify the HIPAA Privacy Rule as required by section 105 of the Genetic Information Nondiscrimination Act of 2008. HIPAA.com has a good overview of what these changes will mean.

The final rules are expected to be published in the Federal Register soon. Expect that, with the final rules, there will be new data breach enforcement and penalty requirements. Additional provisions could govern the use and resale of patient data, the “harm threshold” for data breaches, basic encryption of data, and establish firmer rules regarding associates and subcontractors. 

Given the increased enforcement of HIPAA, and the dire predictions for healthcare data in 2012, we’ll keep you apprised of any further developments with these HIPAA rules and enforcement changes.

Our own study has previously revealed that employees undermine laptop encryption policies, by turning it off or using insecure passwords, so it comes as no surprise to us anytime we see additional statistics about the role employees play in data protection. Either through ignorance, mistakes or neglect, employees are often the cause of lost or stolen data.

As Trend Micro recently noted, “humanity is the weakest link” in business security. Trend Micro recently released a research report with the Ponemon Institute about The Human Factor in Data Protection [PDF]. The study, of 709 IT practitioners, revealed that 81% of organizations have experienced a data breach as a result of negligent or malicious employees or other insiders. The top 3 data breach causes listed were:

1. 35% – Loss of laptops / mobile devices
2. 32% – Third-party mishaps
3. 29% – System glitches

The most common behaviours by employees that lead to data loss are:

• Not changing passwords frequently enough
• Reusing the same passwords / user names
• Leaving a computer unattended
• Using insecure wireless networks
• Failing to delete confidential information
• Password sharing
• Carrying sensitive information on laptops when traveling

According to the study, employees either very frequently (23%) or frequently (46%) carry sensitive data on their laptops, smartphones, tablets or other mobile devices. If that device goes missing, most employees will not report it to the organization; only 19% of employees are self-reporting data breaches.

While it’s obvious that employees do play a role in the loss of data, companies are also negligent in preventing such data loss. According to the report, 65% of respondents believe their organization’s sensitive / confidential business information is not protected (by encryption or other technologies). Small businesses, in particular, did not feel confident that data protection technologies were in place.

Absolute Software would love to help better protect your data – our products can help protect your data without hindering employee productivity or otherwise requiring employee action. Learn more here.