Great Infographic from the Economist (Economist Intelligence Unit, June 2013) indicating what type of technologies Enterprises are investing in….kind of speaks for itself, doesn’t it? (We love our TouchDown Email). Very interesting what the forecast is for the next three years. But wait, there is no mention of MDM’s… 😉
There is a lot of buzz going around the discovery that Samsung’s KNOX container has been found to have some vulnerabilities, as reported by the Wall Street Journal Tuesday and PC World yesterday. While it is very poor timing for Samsung, considering CES, the huge technology show in Vegas, starts next week, we are confident that Samsung is dedicated to security and will find a fix quickly.
What exactly is the concern? The vulnerabilities found by Israel’s Ben-Gurion University of the Negev indicate that Knox software (when used on a Samsung Galaxy S4 or Note 3) could allow malicious apps to eavesdrop on data transferred within the secure environment. The WSJ reports :“Samsung officials told the Journal that the vulnerability was found in developer phones that weren’t “fully loaded with the extra software that a corporate client would use in conjunction with Knox,” the paper reported. So far, the Knox vulnerability has only been discovered on the Galaxy S4.”
The PC World article compared KNOX to our TouchDown, since both are designed to keep data secure – so what does all this mean and how does it work? TouchDown was specifically designed to keep data secure against this type of data breach. It keeps corporate data secure through encryption and by keeping it ‘sandboxed’ away from a users personal data on their device (smartphone, laptop, tablet). It works directly with ActiveSync Exchange and keeps email, contacts, calendar and notes data secure when kept within TouchDown. Meanwhile Samsung’s KNOX creates a container around several third party apps, with the purpose of keeping data within those apps separate from app data not inside the KNOX container. The security breach discussed in the article regards the potential security breach of the KNOX container itself, meaning malware could have access to apps inside the container. If there are apps inside the container that are not secure, they could potentially be breached. Luckily, TouchDown users can breathe easy, since even if a malware attack did get past the KNOX container it would not be able to breach TouchDown data. So whether you are using TouchDown in or out of the KNOX container on a Samsung device, your data will remain secure and separate from other data on your device. If you’re not using TouchDown…what are you waiting for??
With the latest release of TouchDown for iOS in the Appstore and our developers working like crazy on the next Android version, we thought we’d give you a little holiday sneak peek at iOS version 2014…with some GREAT new features!! Enjoy 🙂
Did you know that your phone works even when “at rest?” Indeed, no matter whether you just let it “fall sleep” or actively put it to rest, your smart phone will continue to send data, and sometimes to surprising locations. Certain apps (Foursquare, Talking Tom) have even been found to send your personal data like your address book, and sometimes even your phones exact location and your IMEI (Your phone’s unique identifier). Now, I don’t know about you, but I don’t want my phone broadcasting anything about me, my data usage or my location without my specific knowledge and consent. And I certainly don’t want my teenagers location and private information being sent out to advertisers when they use the popular app “Talking Tom”, which was found by Channel 4 news to be sending such private data through Talking Tom to advertising company mopub.com (read more here). Looks like I’m taking that app off my kids phone when I get home.
Then there’s Google, the beloved (and brilliant) search engine. We’ve known for awhile now that Google actively mines users’s email when using Gmail, but it makes you wonder – is it safe to use Google Hangouts as a text messaging service, or Waze, the awesome social sharing traffic App, without fearing your personal information will be shared with someone looking to benefit from such information? Personally, I’ve stopped using Google + and have even given up my beloved Waze. Although I have always applauded Google for their search engine’s capabilities, I hesitate to give full access of all my data, whether through Gmail, Google+ or apps like Waze. One of the reasons I love TouchDown is because I know where my email is going, and where it is being stored. I know my address book isn’t being shared. While I knowingly give up some privacy when I use Facebook, I would never “Sign in with Facebook” because I don’t want to to look up my forgotten password…
In short – be wary, be careful and be smart. Your data should stay YOURS – and you should know where it is going.
We are loving the praises that are coming in for TouchDown for Mac…here’s why you NEED to get it NOW:
“Finally an all in-one corporate email, calendar, contact and task management system for the Mac. The intuative interface has enhanced my workflow and increased producitivity whilst providing a clean and modern user experience. At last, TouchDown has removed the ‘compromise’ of using a Mac within the corporate world.”
– Ian Heathcock – Business Development Director Griffiths Waite UK – http://www.griffiths-waite.co.uk
“After many headaches trying to get Apple Mail to work with my work Exchange account, I had given up getting my work email on a native app. I have downloaded it, and synced up my work email in less than a minute. The interface is simple, intuitive and best of all, it just works. Thanks so much for the opportunity to try out this amazing application. I look forward to the final release!”
Jessica S
“Downloaded your client and have been using it for a couple of days. Here is my feedback about the app:
* Really Love the UI and the way fonts have been chosen. The option of themes is just awesome.
* One of the main critics of Mac mail has been that a new email is not so obvious to spot. But with TouchDown, with the bold and blue color, it takes just a blink of an eye to spot it.
* Integration with Contacts, Calendar and Notes into one single app is a HUGE one.
* The Calendar UI is also fascinating.
* Loved the option to associate an avatar to any contact in our contacts list.”
Deepak M
“Great app. I can finally now get my emails on my mac without having to VPN into my work.”
Eric S
“Kudos on the Touchdown beta. It is a FABULOUS first effort, and fulfils a long-held wish for me – a lightweight, Mac-centric Exchange client. Works great with our corporate Office 365 accounts.”
Susan K
“I bought my Mac in january and have been very frustrated that I couldn’t get my work email. I can’t tell you how excited I am to find your product. “
Cynthia Posey
“Great app, worked fantastic, try- love it”
Deepak C
“Touchdown team,
Thank you, thank you, thank you. It has been a long time since I’ve been able to have the same seamless experience with Exchange email on my Mac environment. Literally years. In 2009, I gave up using Entourage. When I gave up, I knew that I was giving up the messages, mail, notes, tasks, and calendar items that (almost) worked in Entourage.
Now, I’m loving that Touchdown brings back these missing real-life Exchange-hosted features on my Mac.
Keep up the good work,”
-Kent H
“Thanks for working on a Mac client. Touchdown is an amazing utility.”
Sirish K
“So far, the worst thing I can say is TouchDown keeps all my work email and calendars close at hand. <sigh> No more claiming that I didn’t bring my work computer home…”
Keith P
“Hi guys!
I have downloaded and tried TouchDown for Mac and I love it!
A clean and simple Active Sync who do work perfect with office 365!”
Robin J
“First and foremost a big Thank You! About time we got a decent mail client for the Mac platform. As an SMB IT Consultant for the past 20 or so years I hear from end users that they’re ‘OK’ with Mac’s mail client, from the admin side it’s pitiful. Just the fact that you’ve added encryption and security is huge! Now I have another awesome tool in my box to share with concerned clients.”
Jeff A
Thanks to all our amazing customers!
Today we get to hear straight from the mind of our developer himself!
Why TouchDown for Mac?
Some of you may wonder why NitroDesk, traditionally a mobile email product developer, would build a Mac version of TouchDown. TouchDown has traditionally been available on mobile platforms Android and iOS, but Mac is really a desktop platform. So what gives?
Last year when we switched from a pure android shop to build an iOS version, it forced some of us to start using Macs as our desktops (it’s hard to build an iOS app on a Windows desktop). Initially we got by installing parallels on the Mac and with using Outlook. We also had the native Mac client syncing our emails. But eventually we got tired of having to switch between Mac and Windows just to do everything unrelated to development (performance issues due to the two OSs, and the fact that we use Eclipse on Windows to build our android app was another reason – there are several legacy reasons why we could not switch to Eclipse on the Mac). So, we switched from Parallels to BootCamp to dual boot Win8 and Mac on the same computer. That made life easy in some ways (we could actually boot back and forth and get the job done – Eclipse would actually run in Win8 on bootcamp). Personally the best windows PC I have used is a Mac PowerBook Retina (shhh, don’t tell anyone).
This was a good move in a sense. This helped us focus on one platform at a time. The pain of rebooting to switch from iOS to Android was enough to prevent our minds from wandering.
But it caused a couple of problems
Every email received in the Mac Mail app was in plain view in Windows, when using Boot camp. While promiscuous sharing like this between platforms was just great when we need to copy files over from one platform to another, we were not too thrilled with the implications of this (each .emlx file contains the received message in base 64 encoding), which had some serious implications – consider this not too uncommon scenario:
Your CFO is traveling with a MacBook Air and an iPad. You have spent some serious coin on an MDM that would protect the email content on the iPad (probably even mandated the use of TouchDown and an MDM on your iPad). So your corporate data is more secure than Fort KNOX, with a GATE around it. Lose that iPad? You can whip out your cannon and do a remote wipe on it, disable it and nuke it to kingdom come. BUT what happens when he loses the MacBook Air? The MacBook probably syncs with either outlook or Mac Mail. It has waaay more data (no control on email history to download to it) than the mobile device you just nuked. This time around, all you can do is pray for the finder to simply format it rather than trying to get the data out.
YES, laptops are MOBILE! And Macs are vulnerable when they have a partition!
Consider this other scenario:
Your employees use Macs. Every email they send or receive is in that directory in plain text. Any application they may have downloaded from the internet (you can side load applications with no restriction on what they can do) can contain a Trojan which looks for the Mac Mail directory, enumerating, reading and decoding emails, contacts, calendar, notes etc, looking for passwords, credit-card numbers, (PHI if you are a hospital).
This was indeed an OH CRAP moment for us. We have been working hard for the past five years to protect your corporate information, and still we haven’t done enough for our corporate customers.
Hence TouchDown for Mac.
With TouchDown for Mac, all the data in the application is encrypted, so no other application can read or decode it easily. Without explicit user action, none of the email data or attachments can leak outside the protected sandbox we place around it. And no, They cannot be viewed in Windows if you dual boot. Boot away 🙂 “And there’s more!”
…and all the nice tweaks and productivity measures we have added to our mobile apps, and a future resplendent with new ways to work with your corporate email account. (GTD, MYN ? anyone?)
…and PUSH email with an exchange client without being limited to an IMAP connection.
…and the ability for you to import SMIME certs to the application sandbox (not the whole computer) and have touchdown use those to encrypt and sign your emails.
…and the ability to set your OOF.
…and the fact that it may even be a viable solution for implementing the Direct Project (http://directproject.org/content.php?key=overview) – Physicians love Macs (at least mine does), and if we can get them to communicate via secure email, we would have done some good.
Well then, Why NOT TouchDown for Mac!
-g
I am always one of the last to put down my device on an airplane, usually because I’m reading a good book, catching up on a blog post or feverishly working on the next release of one of our products. After all, the hype of your Kindle or iPad causing issues during take-off is, well, somewhat hyped up. Looks like the Federal Aviation Administration FINALLY agrees, and should make an announcement allowing some devices to be left on during take-off and landing next week, according to the New York Times .
Now don’t get to excited, there still won’t be texting or phone calls during the flight, but the list of allowed tasks is likely to include reading e-books or other publications, listening to podcast and music, and watching videos as long as they are not streaming live – all without being glared at by the flight attendants. All the more reason to bring all my devices through security!
Despite working on the UI on the Mac version of TouchDown, there are still fun features that Goutham (who built it) surprised me with – especially my new favorite feature, the custom notification feature.
I like to know when I have new email, and since I am often working on a Mac desktop, a Macbook air and a Samsung PC all at the same time, (meaning my eyes aren’t always staring at the inbox), I LOVE that I can create sound notifications. Not the boring “Ding” that says you have a new email, but awesome, completely custom, speech notifications, PER account. So lets says I have my main inbox, which just happens to be my name @nitrodesk.com. I might have it say “Heh, you have mail.” or if Im having a bad day, I might even have it say “You are amazing” everytime I receive an email.
The coolest part is not the self-esteem booster, but the fact that I can then go to my second and their and fourth account that I have configured for Touchdown, and give each one a different sound/speech notification. So for my support email I may have it say “check support email.” So whether I am pouring over the PC working on some Windows 8 design issue, or having a snack in the lunchroom, I know exactly what account just landed an email that needs my attention.
Want to know who the email is from or who sent it? You can do that too. Here’s how:
In general, you will want to select the account you want to change the notification for – below, I have selected my main account, Daniela@nitro….
1. Click on Settings Icon (lower left hand corner)
2. Click on Notifications, making sure its the Notifications tab under the account you want to amend.
3. Select the Speak radio Button
4. Enter what you want it to say when you receive a new email in the “Speech String” box
5. If you are feeling down, have it say something positive about you, and send yourself email (ok, maybe that’s me…)
Differentiating notifications between accounts
If you want to have a different notification for additional accounts you have configured on your TouchDown for Mac, simply click on that account (mine is blank in this example) and repeat steps 1-4 above. Easy Peasy!!
To get even more details, like WHO sent the email, or the title of the email, repeat steps 1-3, and then:
4. If you want to hear the sender, write something like “Message from” (or email from) and then write “from” like this: %from% An example would be “Email from %from%”
5. If you want to hear the subject of the email, write something like “email titled %subject%”
You can even do both, such as “You have an email from %from% with the subject %subject%”
SO whether you want differentiate your incoming email with speech notifications, boost your self-esteem or TouchDown tell you what the subject line is, this is one cool feature I am already hooked on.
Let me know what you think, and what your notification is.
We are all super busy, running from one place to the next, texting our spouse as we walk to the car and sending an email at the red traffic light (only at a red traffic light, correct?) So yes, it is tempting to give in to all those supposed time savers like ‘one click’ log-ins. But do they make your information vulnerable? Craig Young from Tripwire thinks so.Young reports that the popular ‘weblogin,’ which allows users to use their Google account credentials as authentication for third-party apps may seem secure because its not sharing the username and password itself; instead it creates a token to represent the your login details. Google Apps are very popular across businesses of any almost any size due to their low cost, apparent security and ease of access. However, the use of Google Apps on mobile devices (In this case, an Android device) was demonstrated to have some vulnerabilities by Young at this month DefCon21.
To demonstrate, Young created an Android app that asks for access to the user’s Google account to display stocks from Google Finance. Once you grant the app permission, the app creates a token to access the data. This makes you feel safe and secure because its not passing on your actual username and password. However, the evil app sends the issued token to the hacker who created it, who can then directly paste it into a web session, providing access to everyone of your Google Services. No, not just the Google Finance App you gave permission to use, but Google Calendar, Google Docs, and even your Gmail. Ooops.
It gets worse if you are an administrator for a Google Service – once the hacker can get into your information they can change your passwords and otherwise take control of every account which you administer, not to mention read private company data. Which gets me to the more important point: Why is anyone who is remotely concerned about the safety of their email data not using a self-contained email service that doesn’t allow web-logins, single clicks and other vulnerability causing services? If you are the owner, manager, or client/patient of a business, are you concerned about what security holes the business’ employees are causing when they ‘sign in with Facebook’ or “Google one click” on their Android device while watching their sons T-ball game? We have to balance our thirst for ease of access with our need to not only keep our information private, but that of our clients and our work’s clients. Mobile devices are what allow us the freedom to balance work and play, to multi-task, to keep every client and friend in constant contact. But it is so easy to forget about workplace ethics (including security) wen we’re enjoying that Corona at the Park, checking email to keep up, but taking shortcuts to ‘make it easier.’
So stop using shortcuts, and most importantly, use self-contained data environments (especially for email) that don’t allow other applications on your mobile device to interact with it. If it’s too easy for you to access, its probably too easy for someone else to access too.
Today’s post comes from Dragonfly, our trusty, awesome and beloved iOS Support Guru.
Getting diagnostic information from TouchDown for iOS.
Occasionally during the troubleshooting process, a support technician may request a diagnostic log. Here’s a visual guide on how to retrieve one from TouchDown for iOS:
There are two locations where you can get diagnostic information from the iOS version of TouchDown.
1. During configuration, which can be useful to determine where TouchDown is failing to connect.
2. The diagnostics menu.
In this blog post, I will cover the two methods of obtaining a diagnostic log.
Obtaining a configuration diagnostic:
When you open TouchDown for the first time, or any time after you reset the database, you will be prompted to configure. On this screen, there is a toggle to Enable Logging. To get a configuration log, slide that to the ‘on’ position (see red circle below) and enter in your information.
In the below screenshot, I intentionally entered wrong information and attempted to configure. Note that as the configuration fails, there is an option to ‘Copy Log.’ Click that to put a copy of the log on your clipboard. Once you click it, you will get a notification that it has been added to your clipboard.
As I was unable to configure TouchDown, I entered my gmail account using the device web browser, and opened a new email to send to iossupport@Nitrodesk.com. After long pressing on the body of the email, an option to paste appears. I click it, and it puts the contents of the diagnostic log into the body of the email:
After you paste the log into the email, send it to iossupport@nitrodesk.com with a description of the issue so the technicians there can see where the configuration is having issues.
Obtaining a regular diagnostic log:
If the support staff request an iOS diagnostic log of some specific behavior, here is how to retrieve it. On the main mail screen, tap the circle triangle button, and choose the diagnostics button:
To ensure you get us a correct log, please tap ‘clear,’ which may return you to the main screen again. Enter diagnostics again via the circle triangle button, and enable logging:
Go back to TouchDown and perform the action you are having difficulty with. Return to the diagnostics screen after you are done, and copy the log using the ‘copy’ button. You should receive a notification that it has been copied to the clipboard:
Open a new email, and long press on the body. An option to paste the log should appear. Select that, and you will have a diagnostic log pasted in the body of an email:
Thanks for reading and hope this was helpful in describing the different types of diagnostic logging in TouchDown for iOS.
Dragonfly
Nitrodesk 