Tag Archives: security

Wireless communication network concept. IoT(Internet of Things). ICT(Information Communication Technology).

A Smarter World Part 4: Securing the Smart City and the Technology Within

In the last installment of our blog series on smart cities, we examined how smart transportation will make for a more efficient society. This week, we’ll examine how urban security stands to evolve with the implementation of smart technology.

Smart security in the modern era is a controversial issue for informed citizens. Many science fiction stories have dramatized the evolution of technology, and how every advance increases the danger of reaching a totalitarian state—particularly when it comes to surveillance. However, as a society, it would be foolish to refrain from using the technical power afforded to us to protect our cities.

Here are the top applications for smart security in the smart cities of the future:

Surveillance

minority-report-iris-scan-blog-hero-778x391

Surveillance has been a political point of contention and paranoia since the Watergate scandal in the early 1970s. Whistleblower Edward Snowden became a martyr or traitor depending on your point of view when he exposed vast surveillance powers used by the NSA. As technology has rapidly evolved, the potential for governments to abuse their technological power has evolved with it.

Camera technology has evolved to the point where everyone has a tiny camera on them at all time via their phones. While monitoring entire cities with surveillance feeds is feasible, the amount of manpower necessary to monitor the footage and act in a timely manner rendered this mass surveillance ineffective. However, deep learning-driven AI video analytics tools can analyze real-time footage and identify anomalies, such as foreboding indicators of violence, and notify nearby law enforcement instantly.

In China, police forces use smart devices allied to a private broadband network to discover crimes. Huawei’s eLTE system allows officers to swap incident details securely and coordinate responses between central command and local patrols. In Shanghai, sophisticated security systems have seen crime rates drop by 30% and the amount of time for police to arrive at crime scenes drop to 3 minutes.

In Boston, to curb gun violence, the Boston police force has deployed an IoT sensor-based gunfire detection system that notifies officers to crime scenes within seconds.

Disaster Prevention

shutterstock_457990045-e1550674981237

One of the major applications of IoT-based security system involves disaster prevention and effective use of smart communication and alert systems.

When disasters strike, governments require a streamlined method of coordinating strategy, accessing data, and managing a skilled workforce to enact the response. IoT devices and smart alert systems work together to sense impending disasters and give advance warning to the public about evacuations and security lockdown alerts.

Cybersecurity

The more smart applications present in city infrastructure, the more a city becomes susceptible to cyber attack. Unsecured devices, gateways, and networks each represent a potential vulnerability for a data breach. The average cost of a data breach according to IBM and the Poneman Institute is estimated at $3.86 million dollars. Thus, one of the major components of securing the smart city is the ramping up of cybersecurity to prevent hacking.

smart-city-1 graphic

The Industrial Internet Consortium are helping establish frameworks across technologies to safely accelerate the Industrial Internet of Things (IIot) for transformational outcomes. GlobalSign works to move secure IoT deployments forward on a world-wide basis.

One of the first and most important steps toward cybersecurity is adopting standards and recommended guidelines to help address the smart city challenges of today. The Cybersecurity Framework is a voluntary framework consisting of standards, guidelines, and best practices to manage cybersecurity-related risk published by the National Institute of Standards and Technology (NIST), a non-regulatory agency in the US Department of Commerce. Gartner projects that 50% of U.S. businesses, critical infrastructure operators, and countries around the globe will use the framework as they develop and deploy smart city technology.

Conclusion

The Smart City will yield a technological revolution, begetting a bevy of potential applications in different fields, and with every application comes potential for hacker exploitation. Deployment of new technologies will require not only data standardization, but new security standardizations to ensure that these vulnerabilities are protected from cybersecurity threats. However, don’t expect cybersecurity to slow the evolution of the smart city too much as it’s expected to grow into a $135 billion dollar industry by 2021 according to TechRepublic.

This concludes our blog series on Smart Cities, we hope you enjoyed and learned from it! In case you missed it, check out our past entries for a full picture of the future of smart cities:

A Smarter World Part 1: How the Future of Smart Cities Will Change the World

A Smarter World Part 2: How Smart Infrastructure Will Reshape Your City

A Smarter World Part 3: How Smart Transportation Will Accelerate Your Business

Blog Cover Security

Protect Your Enterprise with the Top Mobile App Security Tips of 2019

A recent study conducted by AppKnox concluded that out of 100 top E-commerce apps, 95% failed basic security testing, 68% had four or more loopholes present in them, and 68% of apps were diagnosed with high severity threats.

Some of the most popular applications, including WhatsApp, Pokemon Go, and Facebook Messenger, are among the most frequently blacklisted among top enterprises due to the security risks they pose.

As a mobile app developer, security can lead to disaster for both your business and your consumers. Here are our top security tips for 2019:

TESTING AND CODE OPTIMIZATION

The two most important processes for building a secure app are extensive testing and constant refinement of code.

Disorganized code often causes data security risks. Minify code to ensure it is clean and concise and does not burden the application. When coding, think like an attacker and address any vulnerability a hacker could use to penetrate your application. Use libraries that show coding errors to ensure you catch security risks.

By budgeting for a rigorous testing and quality assurance process from the outset of the application development process, software developers ensure their applications will be thoroughly secure. Do not allow time-constraints getting a product to market to interfere with this crucial step. Test for functionality, usability, and security. Test, test, and test some more.

SECURE YOUR APIs

Enterprise developers are relying on application programming interfaces (APIs) more than ever, posing additional security requirements. API development and mobile app development share security considerations. Any vulnerability in an API is a vulnerability in the applications that the API connects. Solve potential headaches with the following tips:

  • Ensure all APIs integrated in your app are optimized for security.
  • Monitor all add-on software carefully to ensure that they do not present any system vulnerabilities.
  • Budget time to test the security of your APIs as well.

Check out TechBeacon’s 8 essential best practices for API security for additional reading.

LIMIT DATA COLLECTION AND PERMISSIONS

By collecting as little data as possible and minimizing permissions, app developers limit vulnerable attack points on their app. If the app does not require access to the camera or contacts, don’t request it. The same sentiment can be applied to data: make sure  users are aware of what data your application is collecting from them and only collect user data that is vital to the application’s functionality.

INTEGRATE A SECURITY TEAM FROM DAY ONE

Incorporating a dedicated security team from the inception of the development process on will ensure that the application has a cohesive security strategy intertwined with app functionality. Bringing the security team in from day one will minimize vulnerabilities that otherwise may slip through the cracks if they are brought on later in the process.

PROTECT CONSUMER DATA

Consumer data is generally the most vulnerable element for any app. The higher the volume of consumer data, the more there is for hackers to steal. In addition to limiting data collections, app developers should look into new data encryption technologies and biometric authentication. Decentralized database technology like the blockchain cryptology are among the most high-tech data protection measures tech companies can undertake.

Learn more about the Blockchain for mobile development via Application Development Trends.

CONCLUSION

In order to maintain secure environments, app developers must stay constantly stay up-to-date on the latest security technologies. Reading tech publications and maintaining awareness of the latest trends will ensure your enterprise is ready to integrate with tomorrow’s tech.

bitcoin-mobile-wallets-cryptocurrency

Secure Your Cryptocurrency with the Right Wallet

While blockchain technology ensures that cryptocurrency transactions are immutable, irreversible, and secure, where cryptocurrency is stored is a determining factor in how secure it is. Having a vulnerable cryptocurrency wallet is like storing money at a suspicious bank: it’s unsafe and it behooves the investor to do enough research to sleep at night knowing their assets are safe.

WHAT IS A CRYPTOCURRENCY WALLET?

Every transaction in the blockchain shared record is signed by a private key linked to the user’s account. As we covered in the first blog in our cryptocurrency series, the blockchain is the decentralized mechanism that prevents double spending and validates transactions. Cryptocurrency wallets store the private keys. Although cryptocurrencies are not stored within the wallet, they are protected by the address created and stored by the wallet. Deciding on the right wallet for your cryptocurrency is one of the most important decisions since it will make or break the security of your assets.

There are five different types of wallets to choose from: mobile wallets, desktop wallets, hardware wallets, paper wallets and online wallets.

PAPER WALLETS

Paper wallets are the most basic form of wallet. They are an offline wallet consisting of two QR Codes. One of the codes is the cryptocurrency address and the other is the associated encrypted private key.

The benefit of a paper wallet is that it cannot be hacked. It is essentially a piece of paper that is stored in a safe place like a safe or safety deposit box. Unfortunately, while paper wallets may be exceptionally safe since they are unhackable, they are not exceptionally nimble. If you are looking to buy and sell cryptocurrencies frequently, this may not be the option for you.

ONLINE WALLETS

If you are new to cryptocurrency and have recently invested, chances are you are currently using an online wallet like Coinbase, Blockchain, or Xapo. Online wallets are run by third-party providers, so the security of currency is dependent on the company running the show. As the hack of NiceHash proves, this is not always the best thing. CoinBase insures their client’s investments and stores the majority of their cryptocurrency offline. While Online Wallets provide an easy avenue for buying and selling cryptocurrencies, storing cryptocurrency offline is significantly safer.

MOBILE WALLETS

Mobile cryptocurrency wallets are software wallets that make cryptocurrency available through mobile devices. One of the benefits of a mobile wallet is that merchants that accept cryptocurrency can use NFC technology to sync with their apps and provide wireless payments.

The most popular mobile wallets include Copay, breadwallet, and for Android users: Bitcoin Wallet. While mobile wallets make cryptocurrencies nimble, they are only as secure as the smartphone on which they are being used. Storing large amounts of cryptocurrency on mobile devices is not recommended, but they can be a good tool for investors who are buying and selling cryptocurrency on the go.

DESKTOP WALLETS

Like mobile wallets, desktop wallets are software designed for desktop computers. They are more secure than mobile wallets, but less nimble. Still, for those who want to secure their cryptocurrency and don’t mind being limited to their computer, desktop wallets are a great option.

Bitcoin Core is the original Bitcoin wallet, but it is somewhat techy and precarious to install as it requires downloading the entire blockchain.

Electrum is one of the most popular desktop bitcoin wallets. It’s easy to use and it can be configured for advanced features like TOR and cold storage, making it accessible to newbies with higher functionality for high-tech users.

Exodus features one of the best UIs available for a wallet. It allows users to instantly trade currencies stored within the exchange between themselves and it is partially open source.

HARDWARE WALLETS

Aside from paper wallets, hardware wallets are the most secure method of securing cryptocurrency. Hardware wallets are small computers, smartcards, or dongles created to generate private keys offline, securely signing transactions in the offline environment. Like paper wallets, hardware wallets cannot be hacked remotely and are as secure as the place in which they are stored. The only difference is that hardware wallets, like all technology, can lose functionality with age and improper upkeep.

The best hardware wallets are Ledger Nano and Trezor. Ledger Nano is a smartcard-based hardware wallet that can be used on any computer or Android phones with Mycelium or Greenbits mobile wallets. Trezor is a tiny computer, rather than a smartcard, but both upon set-up generate a random 24-word seed that backs-up the funds and can be used to recover all funds within the wallet. It is best to have a hardware wallet with its own screen, like Trezor, since hardware wallets that plug into the computer expose themselves to the security vulnerabilities of the computer.

TAKEAWAY

There are many ways to store cryptocurrency with varying levels of security. For those who are looking for the most secure method, hardware and paper wallets are the best route. For those who are looking to trade on the go, mobile and online wallets provide the best flexibility. Desktop wallets are the happy medium. So long as wallet options have been researched, cryptocurrency investors can rest easy knowing they made the informed decision.

Next week, for the next installment of our blog series on cryptocurrencies, we will explore the revolutionary mechanics of the Blockchain. Stay tuned!

Securing Your IoT Devices Must Become a Top Priority

The Internet of Things has seen unprecedented growth the past few years. With an explosion of commercial products arriving on the marketplace, the Internet of Things has entered the public lexicon. However,  companies rushing to provide IoT devices to consumers often cut corners with regard to security, causing major IoT security issues nationwide.

In 2015, hackers proved to Wired they could remotely hack a smartcar on the highway, kill the engine and control key functions. Dick Cheney’s cardiologist disabled WiFi capabilities on his pacemaker, fearing an attack by a hacker.  Most recently, the October 21st cyber attack on Dyn brought internet browsing to a halt for hours while Dyn struggled to restore service.

Although the attack on Dyn seems to be independent of a nation-state, it has caused a ruckus in the tech community. A millions-strong army of IoT devices, including webcams and DVRs, were conscripted with a botnet which launched the historically large denial-of-service attack. Little effort has been made to make common consumers aware of the security threats posed by IoT devices. A toy Barbie can become the back door to the home network, providing access to PCs, televisions, refrigerators and more. Given the disturbing frequency of hacks in the past year, IoT security has come to the forefront of top concerns for IoT developers.

SECURING CURRENT DEVICES

The amount of insecure devices already in the market complicates the Internet of Things security problem. IoT hacks will continue to happen until the industry can shrink vulnerable devices. Securing current devices is a top priority for app developers. Apple has made an effort to combat this problem by creating very rigorous security requirements for HomeKit compatible apps.

The European Union is currently considering laws to force compliance with security standards. The plan would be for secure devices to have a label which ensures consumers the internet-connected device complies with security standards. The current EU labeling system which rates devices based on energy consumption could prove an effective template for this new cybersecurity rating system.

ISPs COULD BE THE KEY

Internet service providers could be a major part of the solution when it comes to IoT Security. Providers can block or filter malicious traffic driven by malware through recognizing patterns. Many ISPs use BCP38, a standard which reduces the process hackers use to transmit network packets with fake sender addresses.

ISPs can also notify customers, both corporate and individuals, if they find a device on their network sending or receiving malicious traffic. ISPs already comply with the Digital Millennium Copyright Act which requires internet providers to warn customers if they detect possible illegal file sharing.

With the smarthome and over 1.9 billion devices predicted to be shipped in 2019, IoT security has never been a more important issue. Cyber attacks within the US frequently claim the front page of the mainstream media. CIO describes the Dyn attacks as a wake-up call for retailers. The combination of a mass adoption of IoT and an environment fraught with security concerns means there will be big money in IoT security R & D and a potential slow-down in time-to-market pipeline for IoT products.

Will the federal government get involved in instituting security regulations on IoT devices, or will it be up to tech companies and consumers to demand security? Whatever the outcome, this past year has proved IoT security should be a major concern for developers.

Safety First: Mobile Security Is More Than Worth the Investment

Having established the top mobile app trends for 2016 with our blog App to the Future, the Mystic Media blog is currently exploring each of the top trends in greater detail with a five-part series. This week, in Part 3 of our Top Mobile App Development Trends series, we will be examining security.

2015 saw several major data breaches, including 87 million patient records from Anthem and 21.5 million security clearance apps from the U.S. Office of Personnel Management. The European Union is currently crafting a General Data Protection Regulation designed to strengthen and unify data protection.

Gartner correctly predicted that over 75% of mobile applications would fail basic security tests in 2015. Many mobile companies are sacrificing security to attain quicker turn-around on smaller budgets, and the result has been disastrous for many. Even Apple hasn’t been safe from mobile app hacks.

Mobile application security is an integral part of the app development process worthy of the same level of attention as app creators give to design, marketing and functionality. With that in mind, here are some of the top app security trends for 2016:

DevOps Protocol on the Rise

In a recent RackSpace Survey of 700 IT manager and business leaders, 66% of respondents had implemented DevOps practices and 79% of those who had yet to implement DevOps planned to by the end of 2015.

DevOps is an approach to app development that emphasizes collaboration between software development, IT operations, security and quality assurance through all stages of the app development process under one automated umbrella. Utilizing a DevOps protocol improves app security by bringing the IT security team in at an early stage to guide the development process away from potential security threats. App Developers gravitate toward DevOps since it speeds up the time to market while increasing innovation. Like a conveyer belt, DevOps puts a system of checks and balances in place at all stages to ensure that the product will be sufficient for delivery.

By opening up the app development process, security team members can inject security into the code early in the development process and eliminate vulnerabilities before they become threats.

Security Risks In Wearable Tech

Wearable technology is on the rise not only in the marketplace, but as a major security vulnerability for businesses. With the technology in nascent stages, developers have been more concerned with creating a functional strategy for the wearable platform than they have been with improving security. Health and Fitness apps leave users the most vulnerable by constantly monitoring the user’s heartbeat, movement and location. With limited UI and an emphasis on usability, wearables severely lack in security features. App developers looking to create safe apps for this platform will have to innovate and dictate the trends in order to create apps that don’t put the user at risk.

IoT (Internet of Things) & BYOD (Bring-Your-Own-Device)

With the workplace increasingly becoming virtual, malicious hackers acting through the Internet of Things are targeting personal mobile devices in order to find vulnerabilities in businesses.

Bring-Your-Own-Device (BYOD) has increased in popularity in work cultures, each of which represents a potential vulnerability . Smartphone owners generally don’t invest in security on their personal devices with the same thoroughness as a business would when issuing work devices. Due to the boon of mobile work apps, many app developers are cutting corners to meet demand by sacrificing security in service of quicker turnover.

Wise and experienced app developers know you can’t put a price on safety, and they take the necessary precautions to protect the integrity of the app for its users and the app owner.

Major organizations must understand IoT and how it can improve or threaten their business through their employees’ mobile devices. By encouraging a culture of collaboration and welcoming unique expertise into the app development process at an early stage, DevOps practices help ingrain necessary knowledge about IoT and mobile security into organizations.

That’s it for app security! Be on the lookout for part 4 of our series on the top mobile app development trends for 2016 next week when we explore the Internet of Things.

App to the Future: Top 5 App Development Trends for 2016

Over the next five weeks, the Mystic Media Blog will be launching a series exploring the top app development trends for 2016 and featuring apps that demonstrate the ways in which each trend can be creatively applied. While this article will introduce you to each of the top trends, be on the lookout in the coming weeks for our in-depth expansion upon each individual trend.

With apps having amassed significant popularity over the past few years, many businesses are looking to enter the arena and develop their own app. Some apps are designed to generate revenue on their own, while others are built to support internal or eCommerce business processes. One would be hard-pressed to find a business which wouldn’t receive a boost by a well-developed app.

As we embark on 2016, it’s vital to consider the future of app development when investing in the creation of an app. Here are the top app development trends to look out for in 2016:

1. Cross-Platform Development

A business cannot control the devices which its customers and employees utilize. Between smartphones, tablets, computers, and now wearable devices, it’s vital to create apps with cross-platform functionality to ensure they are accessible by the widest range of users.

2. Cloud Integration

The cloud represents a major technological advancement over the past few years. With Apple, Google, and Amazon all monetizing clouds for consumer use, expect cloud integration to rise in popularity in 2016. The cloud will allow apps to sync data from various devices, making them a major tool to aid cross-platform development.

3. Emphasis on Security

In 2015, several massive data thefts took place, including 87 million patient records from Anthem and 21.5 million security clearance apps from the U.S. Office of Personnel Management. The European Union is currently crafting a General Data Protection Regulation designed to strengthen and unify data protection. Security will be a major concern for app development in 2016, especially for large businesses and government agencies.

4. Internet of Things

The Internet of Things (IoT) has gained traction with the advent of wearable devices. IoT attracts value on a case-by-case basis with specific IoT components designed to solve a specific problem. For those unfamiliar with IoT, here’s an awesome introductory video by Intel:

IoT has emerged as a major area of growth in the tech world which will only continue to expand in 2016. One study by IDC shows IoT spending will reach $1.7 trillion in 2020.

5. M-Commerce

With Paypal facing competition from Venmo, Apple Pay, Android Pay, and more, mobile commerce has become the norm. As consumers seek easier payment methods, app developers in 2016 will be working toward designing apps with safer, faster, easier transaction processing.

Mystic Media is an Android & iOS app development, web design and strategic marketing firm located in Salt Lake City, Utah. Contact us today by clicking here or by phone at 801.994.6815.