Bring your own application (BYOA)

Are Australian Businesses Aware of BYOA?

Are Australian Businesses Aware of BYOA? 1000 667 Greenlight Managed IT Support Services | Sydney | Melbourne

Australia is at the forefront of bring-your-own-application (BYOA) adoption, according to a survey from Edge Strategies and LogMeIn. With 44 percent of companies implementing BYOA, Australia has surpassed the United States, which only had a 25 percent adoption rate.

But does this mean Australian ITs are ready for BYOA?

First of All, What Is BYOA?

Simply put, BYOA, or bring-your-own-application, is the use of third party apps for work. These consumer applications are commonly used by employees to do their jobs quicker and more effectively. Applications like these offer employees flexibility, which is one of the main motivations for using personal apps for work, even if they’re not regulated by their company’s IT department.

That’s the simple truth: Employees use personal apps for work because they are more convenient. It helps them get more work done in less time since they’ve become comfortable with them (after all, they also use apps like these for personal banking, social networking, etc.). They don’t need to undergo training to learn how to use data storage and collaboration apps, which is what typically happens with company-issued applications.

Another reason is that companies don’t offer them enough options. Andy Farquharson, Vice President of LogMeIn Asia Pacific, said that because what current app companies provide can’t answer their employees’ needs, the latter resort to finding and using their own apps. For those companies that offer multiple sets of apps, the scheme may backfire. Employees may find them to be complicated and difficult to use. In the end, they default to what they already know: Third party applications.

The Changing Landscape of Company Applications in Numbers

Survey showed that 73 percent of companies here and in New Zealand have employee-introduced apps that are actively used at work. Most of these are cloud file sync and share apps like Google Drive and Dropbox. Two thirds of businesses have employees that use BYOA despite the fact that companies have existing IT solutions in place. Another survey results from research firm Telsyte found that employees continue to use personal apps even though their companies prohibit them from doing so.

The quest for better productivity means Australians disregard company policies about using personal apps. The Telsyte survey, which involved 460 CIOs and ICT decision-makers, found that although 48 percent of companies ban the use of these apps for work, 14 percent admit that their employees still do it anyway. Only 34 percent actively enforce the rule.

That doesn’t mean, however, that enterprises do not see the potential benefits of BYOA. In fact, 27 percent of Australian companies do not force restrictions when it comes to apps use, and 25 percent have a catalogue of approved apps for employees to choose from. The report cited communications, project and task management, storage, and productivity apps like Skype, GoToMeeting, Evernote, Basecamp, iCloud, and QuickOffice are popular among users.

Still, almost 80 percent of companies have no plan to officially support BYOA. That could mean enterprises miss out on opportunities because using personal apps for work has significant effects on productivity. By letting employees manage their own IT requirements, they also discover ways to innovate and accomplish work quicker and become more efficient.

Telsyte analyst Rodney Gedda says that using personal apps for work is the new form of shadow IT. Unless companies find ways to properly manage the use of these third party applications, more and more people are going to access data through unsecured means. The numbers show that employees are not slowing down when it comes to BYOA and it’s up to the organisations to rise up to the challenge.

The Challenges for IT Departments

Sadly, based on the figures, businesses are not yet ready for this emerging trend. The Telsyte survey found that only 20 percent of companies have concrete plans to embrace BYOA. Even with such a plan, IT departments face some tough challenges in order to accommodate this approach. First, they need to offer multiple set of apps so they can monitor the way employees use data. Second, the study conducted by LogMeIn and Edge Strategies found that there are actually seven times more apps being used in the workplace compared to what IT respondents say. Farquharson believes this is the biggest challenge for businesses and that they need to bridge that gap to get the most out of BYOA and avoid security risks.

They need to listen to employees to come up with better solutions in enhancing productivity while still having some level of control to protect critical information. Implementing mobile device management strategies can help them prevent employees from bypassing IT policies without obstructing productivity and flexibility.

Furthermore, just like BYOD (bring your own device) BYOA comes with some risks. Although it helps improve productivity, its very nature makes it susceptible to security risks. Employee-owned devices that run these apps are not necessarily monitored by your IT department, making BYOA a little scary. The lack of regulation can pave the way for security breaches, since most employees are less likely to think about how they’re accessing critical company data when working outside the office. They’ll connect to public Wi-Fi connections to send emails, download, upload, and share files, unaware that the data they transmit through unsecure networks is visible to everyone. As always, the cornerstone of any BYOA program should always be individual competence and education.

Heart bleed bug Scare: Are YOU Protected?

Heart bleed bug Scare: Are YOU Protected? 150 150 Greenlight Managed IT Support Services | Sydney | Melbourne

Over the past few weeks, you may have heard some chatter about a security vulnerability named “Heart Bleed.” Not surprising.

According to the Sydney Morning Herald, the Heart Bleed security flaw has exposed tens of thousands of businesses to attacks by malicious hackers.

And as with any security scare hitting the web, businesses want to know “should we be worried?”

The short answer? Yes. The long answer? Read on to find out how Heart bleed can harm your business, and what you should do about it.

What is the Heart bleed bug, and How Does it Work?

Heart Bleed is software vulnerability that allows malicious hackers to access a range of network-connected devices and illegally gather passwords, usernames, encryption keys and personal information.

The vulnerability exists in OpenSSL software used by tens of thousands of businesses running open source web servers including Apache and nginx. The attackers’ goals are to gather sensitive information to gain unauthorized access to websites and networks. This data can then be sold to third parties.

Furthermore, malicious parties are able to:

  • Impersonate a website while suppressing alerts about invalid certificates
  • Decrypt all communication between your computer, tablet, phones and any online service 

How do I know if I’m vulnerable?

The fact the websites that you probably use on a daily basis have reacted very quickly to the bug is great, but because the Heart Bleed bug has been around for close to two years, there is a reasonable risk that your usernames and passwords may have been previously compromised without your knowledge.

You may have noticed that some sites you’re registered to may have logged you out as a security measure.

What are some services that have been affected?

Fortunately for many businesses, Microsoft products do not utilise the OpenSSL encryption mechanism. As such, it is extremely unlikely that your computer usernames and passwords were compromised when logging onto your company’s webmail, computer or virtual private networks.

The major Australian Banks have also released statements indicating that there exists no risk to their financial software and databases.

The bad news is that approximately two-thirds of the Internet runs systems using OpenSSL, and the likelihood of you having an exposed account is high.

A few of these are:

  • Google, including Gmail
  • Pinterest
  • Tumblr
  • Yahoo
  • GoDaddy
  • GitHub

Unconfirmed, but likely:

  • Twitter
  • Facebook
  • Apple
  • eBay

Mashable have also put together a fairly comprehensive list of web services that have been affected by Heart Bleed. Check out the Mashable Heart Bleed article here.

How can I protect my business from the Heart Bleed bug?

As with most wide-spread security vulnerabilities, the developer community has mobilized to educate and address the bug to minimize the extent of its damage.

It’s extremely important that you contact your IT service provider (or department) and ensure that your network is protected from the Heart Bleed vulnerability. In the majority of cases, service providers have proactively patched the vulnerability, but a phone call is a clever precaution.

A further step would be to revisit your business password policies. Passwords like “password123” are not going to cut it, and we strongly recommend mandatory password changes every 30 days.

For web-accessed software (think Gmail, MailChimp, your Sydney Morning Herald account, etc), we recommend using password management software such as LastPass.  LastPass enables users to use a single Master Password to protect the tens (or hundreds) of website user credentials.

The added benefit to using LastPass is that their software can identify websites you use that have been compromised by the Heart Bleed virus, making it easier for you to know whether your data is at risk.

If you re-use the same passwords across multiple websites, you may still be vulnerable. If you don’t routinely change your websites’ passwords, it’s possible that even your customers’ information may have been accessed.

Make sure that you select a new, secure password, and that you don’t re-use the same password across multiple websites. If you think your network may have been compromised by the Heart Bleed bug, get in touch with us today for a free consultation and simply call (02) 8412 0000.

Find Your Keys With Your iPhone

Find Your Keys With Your iPhone 150 150 Greenlight Managed IT Support Services | Sydney | Melbourne

When your computer breaks, you call IT Support. When you lose your keys, you call a locksmith.

Or do you?

Have you ever wished there were a way to find your keys with your iPhone? Or maybe your wallet? Maybe you’re like me, and occasionally forget where you parked. Well, US start-up Tile has come up with a clever piece of technology to help, and it works exactly like that.

Tile started out with $200k in seed funding, then moving on to raise a massive $2.6m dollars via their own crowd-funding website (powered by the open-source Selfstarter) and they are available for pre-order order for USD$18.95 per piece, or 4 for just over USD$50.

Unfortunately for us in Australia & NZ (we always seem to be paying more for goods– it irks me, and I’ve actually written some tips on this here) there is also a USD$14 shipping fee. But hey, if it locates your lost or stolen bag or wallet, it will pay for itself a few times!

There are some really cool features to Tile that leverages its Bluetooth connectivity.  Tiles themselves have a Bluetooth range of about 15-50 metres, and the Tile app on your phone will remember where it last ‘saw’ it, as well as letting you know via a little bar graph how close you’re getting to the location.

Individual Tiles last a year before needing to be replaced– there is no need to replace batteries for a whole year, which makes it pretty convenient. The company actually contact each user after about 11 months to arrange for the device to be recycled.

This is just another example of how simple marketing for (seemingly) simple products are delivering unprecedented growth. How does your business audit your services and marketing to ensure it is simple and effective?