Skip Links

Security roundup for Oct. 14: BlackBerry blows up; Moxie's moxie on SSL certificates; Vint Cerf on Google's privacy policies

Can China overcome security questions?

By , Network World
October 14, 2011 01:45 PM ET

Network World - Confidentiality, integrity and availability are oft-mentioned goals of security, and that being the case, this week's lack of service globally for the BlackBerry constitutes a profound security collapse.

RIM executives have profusely apologized for the BlackBerry outage problem, that lasted Monday to Thursday, blaming the widespread outage on a "cascade failure" of RIM data systems around the world due to a core switch failure and a backup that simply wasn't much of a backup after all. The company was busy dispelling suspicions of some disastrous hacking incident ...

MORE ON SECURITY: The SSL certificate industry can and should be replaced

Do BlackBerry users, and the companies that buy the devices, care about this outage and will it influence their decisions on smartphones and mobile devices in the future?

I asked that question of Jon Martin, vice president of information technology at Digirad, the Poway, Calif.-based maker of solid-state gamma camera equipment for the medical field. He replied that right now the company is sticking with BlackBerry because it runs a specialized app the company needs, but the RIM outage is troubling and could mean rethinking buying them in the future.

'Dual-persona' mobile devices

Other news last week about mobile devices included two product and service announcements -- one from Verizon and VMware, the other from AT&T -- that could have a significant impact down the road.

At issue is the trend that companies are increasingly willing to say yes to demands from employees that want to use their own smartphones or tablets, such as the iPad, for business.

There are a lot of security questions that go along with this, and one of them is whether there can be a way to separate the personal data from the business data. It's starting to be referred to as the "dual-persona" question. There are a few software mobile-management products for this today, but AT&T stepped into the limelight last week, saying it will offer a new service called Toggle that will use an application (developed by Enterproid) that will separate personal from corporate data on Android phones. Verizon and VMware happened to take up a similar theme in announcing dual-persona software last week that will be available for more than one mobile operating system that will be commercially launched later this year. Verizon was already taking a few digs at AT&T on this one ...

In related news, Dell this week also said it would be shifting its focus to the "work and play" issue.

The RSA break-in: More just keeps coming

Since disclosing the horrendous break-in in which sensitive information about SecurID was stolen earlier this year, RSA has taken to turning this calamity into the equivalent of a morality play. The latest chapter of this slowly unfolding drama last week saw RSA President Tom Heiser in London telling attendees at an RSA-led conference that investigation work with the FBI, the Department of Homeland Security, the U.K. law enforcement and other agencies has led to the belief that two groups were responsible for the attack. EMC Executive Chairman Art Coviello declined to identify the groups, but is saying that "we can only conclude it was a nation-state sponsored attack." And that attack was clearly designed, according to Heiser, to gain access to U.S. defense-related technology.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News