Top enterprise mobile security tips to ward off phishing and ransomware attacks


With enterprise applications becoming the norm across almost all industries, hackers are having a field day stealing data from business entities rather than from individual consumers (who were their initial targets).

Highly customized techniques are being devised to attack confidential enterprise data through phishing, spear phishing, CEO fraud, and BEC (Business Email Compromise), to name a few.

Enterprises are falling short of effectively preventing and countering these security breaches because they lack a comprehensive policy that covers all types of devices that have access to their data: PCs, smartphones, and tablets.

This article illustrates the major causes of security concerns and how they should be addressed in the enterprise’s mobile security strategy.

The level of Security Awareness within the workforce is an indicator of the vulnerability of the enterprise.

Most enterprises do not give adequate importance to security awareness programs within the company, reducing them to the mere formality of attending an annual training session. This is the first indicator of how the enterprise will fare on the security rating scale.

Regular training sessions are effective only when they are followed by surprise employee tests, conducted by intentionally subjecting employees' emails to planned phishing scams or other simulated security threats. The number of employees reporting suspicious account activity gives an idea of the security awareness level of the enterprise.

It is important to note that employees who fail to recognize these dummy threats should not be pressured; this maintains a healthy atmosphere that encourages them to report any subsequent security threats.

ROI (Return-on-investment) depends on mobile security strategy

It is a surprising fact that the majority of enterprises do not have any mobile workspace solution to handle security needs across devices. A consistent security strategy is a must to ensure that enterprise data is protected even when the workforce logs in using personal devices and from unknown networks.
This requires a comprehensive workspace solution that provides tools such as virtual desktops, data loss prevention, asset management, and a centralized data store through a combination of MAM (Mobile Application Management) and MDM (Mobile Device Management). There are several MEAPs (Mobile Enterprise Application Platforms) that provide this solution and help implement policies like consistent enterprise file sync and share, single sign-on, VPN, and other development and deployment features.

If a mobile security strategy is implemented correctly, the enterprise will see an overall increase in productivity and application quality leading to an increase in application downloads. Thus, mobile security strategy and ROI go hand-in-hand for enterprises.

4 security practices

    • BYOD policy implementation

Working from home has become an accepted norm, whether an employee is staying in for the day or is out of town for a meeting. In such cases, employees may use their personal devices to access enterprise data and applications.

Although enterprises have accepted that they cannot force users to use company devices at all times (and have allowed personal devices to be used for office work), most of them still underestimate the security breaches that can take place because of this. Hence, every enterprise requires a BYOD (bring-your-own-device) policy that provides more protection than just secure passwords. Applications like PIN Genie Vault provide decoy passwords and snap pictures if someone tries to forcefully access the device.

    • Cloud Storage

Cloud migration is predicted to be the number one enterprise mobility trend in 2017. Data stored in the cloud (as well as in critical on-premises hosting solutions) should be closely monitored through role-based access. It should not be stored as-is, but encrypted before being saved to the database.

The cloud-based security implementation should be able to segregate data dispensation based on roles, in addition to allowing remote retrievals, redaction, and wiping of device data. It should also take regular automatic backups of system data, to ensure data availability in case of ransomware attacks.

    • Two layered authentication

Although multi-layer authentication is desirable, it is too complex to implement (with OTPs, USB tokens, smart cards, etc.). Two-layer authentication is enough (and essential) to validate that the user accessing the data is indeed an authorized employee, and not an impostor who has broken into the employee’s device. This implementation asks for an indicator such as an OTP or a secret question when the user tries to access sensitive data.

    • Email Security

Even normal email providers use two-layer authentication, which is an industry level security mechanism. Hackers mostly aim to accomplish identity thefts through phishing attacks, while the more sinister of them would aim to infiltrate the internal system of the enterprise to steal confidential data. This makes it necessary to have measures in place to encrypt sensitive emails and educate the top management level employees about CEO Phishing.

Conclusion

As technology advances, enterprise applications become more prone to security breaches and threats, because hackers leverage the same advances to develop ‘better’ phishing scams and ransomware attacks. So much so that Ransomware-as-a-Service has become a lucrative business. Hackers now focus on business entities, as the supply of individual user data has become abundant in the underground market and very few people pay to buy it. Instead, they hold entire enterprises to ransom by stealing huge chunks of database files. Hence, change management that keeps upgrading security at the same speed as technology upgrades is the need of the hour, along with a basic mobile security strategy implementation.

So, hire Java developers to develop robust client driven applications, easy to use ecommerce or online shopping apps, various web application and enterprise security application with minimal scope for redundancies.

Java and .NET: Competitors or Allies?

You have probably read plenty of material comparing Java and .NET and advising you on which one to choose. The fact is that both Java and .NET perform similar functions. There is no doubt that they are competitors, but, unlike the way some bloggers project them as opponents with different interests, these are competitors with the same interest.

In this blog, I will attempt to touch on the common points between the two and leave the selection decision to you, without bending the facts to make one look better than the other.

Understanding Java
Java is a programming language, and just when you start relating to it as a language, you will encounter the Java Framework, the Java Platform, and a lot of Java everywhere. All of these are separated by only a thin line of difference, which might be confusing at first for a beginner with no prior knowledge. In this blog, we are talking about the Java Platform, which uses Java as the core programming language.

Understanding .NET
.NET is a Microsoft-powered framework. The primary languages are C# and VB.NET. It has been in existence for close to two decades and has emerged as a tough competitor to Java, which had a kind of monopoly before .NET was launched. It is sometimes confused with ASP.NET, which is an application framework, whereas .NET is a programming framework.

Common Points
The basic purpose of both Java and .NET is the same. The commonalities can be broadly classified on the basis of purpose and convenience. Let’s look at each of these in detail.

  • The Purpose Is to Develop Applications: Both Java and .NET are used for developing server-wide applications. They are often referred to as object-oriented languages, which involve using classes that can later be reused to incorporate similar functions in different applications. To emphasize again, on the Java Platform the language for writing code is Java, and in .NET it is primarily C#. Java and .NET can be used to create applications for different platforms. There are reservations here, such as .NET being preferred for Windows applications, but there is no hard and fast rule.

    You can easily get started with the development by either employing a Java or .NET developer or by collaborating with a .NET or Java Software development company.

  • The Aim Is to Avoid Rework: You guessed it right, this is about modularity. While this is nothing to boast about, because almost all application building platforms are now modular, it does add to the convenience a developer gets from being able to reuse classes and use plugins from external sources. The comfort of a developer is a prime point in determining which language will be chosen, and therefore the companies focus on this aspect.

This also involves the availability of help resources. Many times, Java developers advocate for Java being a better choice because it is easy to find a Java Software development company. But this is not true. There are almost the same resources available for help irrespective of which platform you choose.

Conclusion
Java and .NET are indeed competitors, but another way of looking at them is to consider them allies that motivate each other to develop something more innovative, which gives one an edge over the other. If either of these were eliminated from the equation, it would be a one-sided battle (not literally) without any motivation for the other. Both have their set of pros and cons, lovers and haters, which encourage the platforms to go strong against each other. Let us know which one you choose.

How to Deploy Microservices using Kubernetes in Java

Technology: Kubernetes is an open source cluster management tool designed by Google and donated to the Cloud Native Computing Foundation. It is mainly used to automate the deployment, scaling, and operation of application containers across cluster nodes. It usually works with Docker containers and coordinates a wide range of cluster hosts running Docker.

Kubernetes Concepts:

  • Cluster: A cluster is a set of virtual machines used by Kubernetes to deploy/run our applications.
  • Pod: A pod is a set of one or more containers (Docker containers) that share storage, together with the options for how to run the containers. The containers in a pod are co-located and co-scheduled, and run in a shared context.
  • Node: A node is a worker machine in Kubernetes. It may be a VM or a physical machine, depending on the cluster. Each node must run services such as Docker, kubelet and kube-proxy in order to run pods, and is managed by the master components.
  • Label: Labels are key/value pairs attached to objects such as pods. They identify attributes of objects that are meaningful and relevant to users, but they do not directly imply core semantics. Labels can be used to organize and to select subsets of objects. They can be attached to objects at creation time and modified at any time later.
  • Selector: A selector is an expression that matches labels to identify related resources, such as which pods are targeted by a load balancer.
  • Replication Controller: A ReplicationController verifies that a defined number of pod “replicas” are operating at any time. It makes sure that a pod or a similar set of pods is always up and available. If there are too many pods, it will kill some. If there are too few, the ReplicationController will start more. Unlike manually created pods, the pods maintained by a ReplicationController are automatically replaced if they fail, get deleted, or are terminated.
  • Service: A service is a middle layer between front end and back end. It is an abstraction that defines a logical set of pods and a policy by which to access them. A service targets a set of pods using a label selector.
  • Volume: A volume is a directory on the file system with some data in it, which is accessible to containers. Kubernetes volumes are built on top of Docker container volumes and provide additional features compared to Docker volumes.
  • Secrets: A Secret is an object that stores sensitive information such as passwords, authentication tokens, etc. This information can be put either in an image file or in a pod-specific volume. A Secret can be used by a pod in two ways:
    • As files in a volume mounted into one or more containers.
    • By the kubelet when pulling images.
  • Name: All objects in the Kubernetes REST API are unambiguously identified by a Name and a UID. UIDs are generated by Kubernetes internally.
  • Name Space: Namespaces are used in environments with many users and multiple teams involved. If you are familiar with the Spring framework, it provides one separate namespace for each of its modules.
  • Annotation: A key/value pair that holds arbitrary non-identifying metadata for retrieval through the API by tools, libraries, etc. This information may be in a human-readable format, it may be structured or unstructured, and it may include characters that are not allowed in labels. Efficient filtering by annotation value is not supported.

Installing Kubernetes:
Kubernetes runs on top of Docker, so we need to install Docker to run Kubernetes.

Installing Docker:

  1. Windows: we can download InstallDocker.msi (https://download.docker.com/win/stable/InstallDocker.msi) and install the msi file; by default it will create a VM. We can then run the Docker Quick Start Terminal. We can verify the Docker installation by running the docker --version command.
  2. Ubuntu: we can install Docker in two ways:
    • We can download the deb package and install it manually, in which case we need to manage upgrades manually (sudo dpkg -i docker-engine.deb).
    • We can set up the Docker repository and install from the added repository.
      • Repository setup:
        • Execute the below commands in a terminal to add the repository.
        • sudo apt-get install apt-transport-https ca-certificates
        • curl -fsSL https://yum.dockerproject.org/gpg | sudo apt-key add -
        • apt-key fingerprint 58118E89F3A912897C070ADBF76221572C52609D
        • sudo add-apt-repository "deb https://apt.dockerproject.org/repo/ ubuntu-$(lsb_release -cs) main"
      • Installing:
      • Execute the below commands to install Docker:
      • sudo apt-get update
      • sudo apt-get -y install docker-engine
      • By default it will always install the latest version from the repository; if we want to install a specific version then we can execute the below command instead of the above command.
      • To get the list of versions in the repository we can run the below command:
      • apt-cache madison docker-engine
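
The repository setup above pipes the downloaded key straight into apt-key and then only displays its fingerprint. As an added example (not part of the original post), the shell functions below compare that output with the fingerprint quoted in the steps; the function names are hypothetical and the sample output, including its uid, is constructed.

```shell
#!/bin/sh
# Added example: verify, rather than just display, the repository key
# fingerprint. Function names and SAMPLE_OUTPUT are illustrative.

# Fingerprint quoted in the repository setup steps above.
EXPECTED_FPR="58118E89F3A912897C070ADBF76221572C52609D"

# Constructed sample of `apt-key fingerprint` output (uid is a placeholder).
SAMPLE_OUTPUT='pub   4096R/2C52609D 2015-07-14
      Key fingerprint = 5811 8E89 F3A9 1289 7C07  0ADB F762 2157 2C52 609D
uid                  Example Release Key <release@example.invalid>'

# Read apt-key/gpg output on stdin and print each 40-hex-digit fingerprint,
# upper-cased and without spaces. Handles both the older
# "Key fingerprint = ..." line and the newer bare, indented form.
extract_fprs() {
    sed 's/^.*Key fingerprint = //' | tr -d ' \t' | tr 'a-f' 'A-F' |
        grep -E '^[0-9A-F]{40}$' || true
}

# Usage: apt-key fingerprint "$EXPECTED_FPR" | fingerprint_ok "$EXPECTED_FPR"
# Succeeds only if stdin shows exactly one key and it matches $1.
fingerprint_ok() {
    expected=$(printf '%s' "$1" | tr -d ' \t' | tr 'a-f' 'A-F')
    found=$(extract_fprs)
    [ -n "$found" ] || return 1                  # key not present at all
    # more than one key in the output is ambiguous, so treat it as failure
    [ "$(printf '%s\n' "$found" | grep -c .)" -eq 1 ] || return 1
    [ "$found" = "$expected" ]
}

if printf '%s\n' "$SAMPLE_OUTPUT" | fingerprint_ok "$EXPECTED_FPR"; then
    echo "fingerprint matches: repository key accepted"
else
    echo "fingerprint MISMATCH: do not install from this repository" >&2
fi
```

The comparison is only meaningful when the expected fingerprint was obtained from a source other than the server the key was downloaded from.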

Minikube is a tool that runs Kubernetes locally; it sets up a single-node cluster on our dev machine.
Minikube supports Kubernetes features such as:

  1. DNS
  2. NodePorts
  3. ConfigMaps and Secrets
  4. Dashboards
  5. Container Runtime: Docker, and rkt
  6. Enabling CNI (Container Network Interface).

Installing MiniKube in windows:

Download the minikube from https://storage.googleapis.com/minikube-builds/101/minikube-windows-amd64.exe

Then go to the folder where it was saved and invoke the below command in the command prompt to install minikube.

minikube-windows-amd64 start

And we need to download kubectl.exe from https://storage.googleapis.com/kubernetes-release//v0.18.0/bin/windows/amd64/kubectl.exe

And add to path (environment variable).

Creating Docker image for our application:

Build tools like Maven and Gradle provide plugins for creating a Docker image.

If we are using maven as build tool then we need to add the below docker plugin:
<plugin>
    <groupId>com.spotify</groupId>
    <artifactId>docker-maven-plugin</artifactId>
    <version>0.4.11</version>
    <configuration>
        <imageName>${project.artifactId}</imageName>
        <dockerDirectory>src/main/docker</dockerDirectory>
        <resources>
            <resource>
                <targetPath>/</targetPath>
                <directory>${project.build.directory}</directory>
                <include>${project.build.finalName}.jar</include>
            </resource>
        </resources>
    </configuration>
</plugin>

dockerDirectory: refers to the folder where the Dockerfile is present.
directory: refers to the build directory.
We can run mvn clean package docker:build to create the Docker image.
If we are using continuous integration tools like Jenkins, we need to push the image after a successful build; we can push the image using the docker:push goal.
We can also tag the image using imageTags in the configuration.

Pushing Docker images to private repository:
We can use the registry Docker image to start the private repository.
docker run -d -p 5000:5000 --restart=always --name registry registry:2
Then change the image name specified in the docker maven plugin to "<imageName>localhost:5000/hello-world</imageName>".

Running mvn clean package docker:build will then build the image.

Deploying docker image into Kubernetes:
We need to push the above Docker image into the registry, and then execute the below command:
kubectl run hello-world --image=localhost:5000/hello-world:v1 --port=8080
It will deploy our Docker image into the Kubernetes cluster; we can also configure the port on which our application runs using the port parameter.
We can run kubectl get deployments to know the deployment status of our application.
View our app: by default our application is accessible within the Kubernetes cluster.
We can access our application in two ways:

  1. We can create a proxy between the terminal and the Kubernetes cluster.
    For this we need to run the kubectl proxy command to create the proxy.
  2. We can expose our application using the kubectl expose command.
    kubectl expose deployment/hello-world --type="NodePort" --port 8080
    We can run kubectl get services to check whether the service is exposed to the public or not.
    To get the details about our application service we can run the below command:
    kubectl describe services/hello-world
    The describe output will provide the nodePort of the service; we need to use this port for accessing our application.
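
After kubectl expose with the NodePort type, the service listens on a port of every node. As an added example (not from the original post), this shell function reads kubectl get services output and lists each node port opened by NodePort or LoadBalancer services; the function name is hypothetical, and the sample table is constructed and assumes the NAME, TYPE and PORT(S) columns.

```shell
#!/bin/sh
# Added example: list services that `kubectl get services` shows as
# reachable from outside the cluster. Names here are illustrative.
# Live use: kubectl get services | list_external_services

# Constructed sample output; assumes the NAME/TYPE/.../PORT(S) layout.
SAMPLE_SERVICES='NAME          TYPE           CLUSTER-IP   EXTERNAL-IP   PORT(S)                      AGE
kubernetes    ClusterIP      10.0.0.1     <none>        443/TCP                      2d
hello-world   NodePort       10.0.0.142   <none>        8080:31234/TCP               5m
web           LoadBalancer   10.0.0.77    <pending>     80:30080/TCP,443:30443/TCP   1h'

# Read the table on stdin and print "name type nodePort" for every port a
# NodePort or LoadBalancer service opens on the nodes. Exits 2 when the
# expected columns are missing, so a format change is not read as "clean".
list_external_services() {
    awk '
        NR == 1 {
            for (i = 1; i <= NF; i++) col[$i] = i    # header name to index
            if (!("NAME" in col) || !("TYPE" in col) || !("PORT(S)" in col)) {
                bad = 1
                exit
            }
            next
        }
        {
            svc_type = $(col["TYPE"])
            if (svc_type != "NodePort" && svc_type != "LoadBalancer") next
            n = split($(col["PORT(S)"]), ports, ",")
            for (p = 1; p <= n; p++) {
                # "8080:31234/TCP": a[1]=8080 (service), a[2]=31234 (node)
                split(ports[p], a, "[:/]")
                if (a[2] ~ /^[0-9]+$/) print $(col["NAME"]), svc_type, a[2]
            }
        }
        END { if (bad || NR == 0) exit 2 }
    '
}

# Demo on the constructed sample: prints one line per externally open port.
printf '%s\n' "$SAMPLE_SERVICES" | list_external_services
```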

Updating Docker Image:
We can build the latest Docker image and update the image of the deployment to update the application in Kubernetes.
kubectl set image deployments/hello-world hello-world=localhost:5000/hello-world:v2

Conclusion: Kubernetes is a tool for creating clusters of Docker-like containers. We can easily scale the cluster size, and we can easily deploy our Docker image across the configured cluster using Kubernetes.

Java outsourcing services provider introducing command pattern for Java development

In this post, Java outsourcing experts explain the use of the command pattern for app development. Understand the command pattern well and implement callback functionality in a Java app. The code shared in this post is for reference purposes only.

Introduction

In Java, to make code more reliable we should design it efficiently, which can be done by applying design methodologies such as OOP, OOAD, and design principles and patterns in our applications.

The command pattern is a behavioral design pattern that helps us implement callback functionality in Java, i.e. it encapsulates the request and sends it to an invoker, who holds the command that needs to be executed.
GOF states that: “Encapsulate a request as an object, thereby letting you parameterize clients with different requests, queue or log requests, and support undoable operations”

Command – Interface for executing a command
Concrete Command – Holds a receiver, implements the Command interface and executes the operation on the receiver; it creates the link between the receiver and the action.
Receiver – Has the knowledge of the command and knows how to perform the operation
Invoker – Has a command to execute.
Client – Uses the invoker through concrete commands

e.g.
java.lang.Runnable follows the command pattern
In the real world, we can think of many examples

Buying or Selling a share in ShareMarket

  • Command
  • ConcreteCommand – BuyCommand, SellCommand (executes the command on the receiver)
  • Receiver – Share Market (has the knowledge of the shares of companies (ICICI, SBI, TATA, etc.) and knows how to perform all the share operations)
  • Invoker – Broker or Agent who holds the command
  • Client – creates either a buy or a sell command based on their requirement and invokes it through the invoker

Commanding/Operating a TV(Television)

  • Command
  • ConcreteCommand – SwitchOn, SwitchOff, ChangeChannel, MuteSound, etc.
  • Receiver – TV (knowledge of how to execute the command operations)
  • Invoker – TVRemote (holds the commands to be executed)
  • Client – Creates a command (switch on, switch off or change channel) and invokes it through the invoker

// Each public type below goes in its own .java file.

//Command interface
public interface TVCommand {
    void execute();
}

//Concrete Command class SwitchOn
public class SwitchOn implements TVCommand {

    // holds a receiver who knows how to perform command operations
    private final TV tv;

    // the receiver is supplied when the command is created
    public SwitchOn(TV tv) {
        this.tv = tv;
    }

    public void execute() {
        tv.switchOn();
    }
}

//Concrete Command class SwitchOff
public class SwitchOff implements TVCommand {

    // holds a receiver who knows how to perform command operations
    private final TV tv;

    // the receiver is supplied when the command is created
    public SwitchOff(TV tv) {
        this.tv = tv;
    }

    public void execute() {
        tv.switchOff();
    }
}

//Receiver – who knows how to perform operations
public class TV {

    public void switchOn() {} // switch on operation

    public void switchOff() {} // switch off operation

    // more methods or operations like muteSound, changeChannel etc.,
}

//Invoker class TVRemote
public class TVRemote {

    // holds a command that needs to be executed
    private TVCommand tvCommand;

    public void setTVCommand(TVCommand tvCommand) {
        this.tvCommand = tvCommand;
    }

    public void pressButton() {
        tvCommand.execute();
    }
}

//Client
public class Client {

    public static void main(String[] args) {
        // creates commands and invokes them through the invoker TVRemote
        TV tv = new TV();
        TVCommand on = new SwitchOn(tv);
        TVCommand off = new SwitchOff(tv);

        TVRemote tvRemote = new TVRemote();

        tvRemote.setTVCommand(on); // on command
        tvRemote.pressButton();

        tvRemote.setTVCommand(off); // off command
        tvRemote.pressButton();
    }
}

Java outsourcing services providers have explained the command pattern use for app development. If you think you need assistance of professionals to perform this project, outsource java development services today.

Conclusion

The command pattern helps us implement callback functionality, and it supports undo and redo operations since it maintains state with the receiver. It also makes the code more maintainable and adaptable, i.e. we can add a new command such as change-channel or mute-sound without affecting the existing implementation.

How to Backup and Restore your CRM Online Instance?

Keeping its data safe is one of the most important concerns of an organisation. The business depends upon data that is needed again and again for various purposes. Protecting your CRM data from theft is essential, and it requires regular check-ups so that its status is known.

We have multiple options for backing up and restoring your CRM Online instances. End users are able to manage database backups themselves, and backups can be made in the online instance whenever required. Previously customers had to engage Microsoft support to do this for them, but with the newly added features customers can now manage this procedure on their own.

There are two types of backups namely system backups and on demand backups.

System Backups: These are an automated function that runs on its own without being manually commanded. Some useful facts about CRM system backups are stated below:

  • All your instances are backed up automatically each day without you doing it yourself.
  • System backups occur daily and do not need any reminder.
  • System backups are retained up to three days so that you may check them when in need.
  • System backups do not count against your data storage limits.
  • System backups are identified as created by System on the Manage Backups page.

Demand Backups: With on demand backups, you can make your own backup before making a significant change or applying a version update. Some important features of on demand backups are mentioned below:

  • You can back up Production and Sandbox instances.
  • You can only restore to a Sandbox instance. To restore to a Production instance, you first have to switch it to a Sandbox instance.
  • Only CRM Online 2016 version update 1 or later versions are supported for any backup.
  • On demand backups are retained for up to three days. These backups can be further used for your reference.
  • On demand backups are identified as created by someone other than System and by the Edit – Delete – Restore options in the details section. System backups only

Limitations

Like all new features, this new ability has some limitations:

  • This is available specifically for CRM Online 2016 Update 1.
  • You cannot take an on-premises backup and restore it into an online instance.
  • You cannot back up your online instance and restore it to an on-premises org or use it for reporting purposes.
  • There is no API support in this area.
  • There is currently no facility to schedule backups (other than the daily system backup that’s taken automatically once a day).
  • Even with all these limitations, it’s amazing to see more power coming into the hands of CRM Online customers. Microsoft will surely continue to enhance this already powerful tool and may eliminate some of the current limitations in future versions.

Even with these limitations it’s great to see some more power coming to Microsoft CRM Development. It is certain that Microsoft will continue to improve this already influential tool and may remove some of the current limitations in future versions. The backups themselves are encrypted, and you’re only able to restore back into a Sandbox instance. Microsoft CRM Development in India thus helps its users in so many ways.
