Best security practices key catalyses full potential of mobile business processes

According to JP Lourens, software product manager at Kyocera Document Solutions South Africa says that along with the convenience and productivity benefits of giving users the ability to access data and documents wherever they are, mobility also introduces new security risks. “Mobile devices can easily be lost or stolen, with the result that confidential data can fall into the wrong hands,” he says.

“Companies that will be providing the workforce with mobile access to documents, should ensure that they adhere to global best practices in data protection and comply with local laws and regulations, such as the Protection of Personal Information Act (POPI). This is especially important when handling sensitive documents that contain financial data, personally identifiable information or contractual details.”

Good security practices key to unleashing full potential of mobile business processes.Lourens says that a mobile ECM/BPM solution should offer tight security at two levels: user and administrator. Administrators should have full control over which features and data their end-users can access, so that unauthorised people cannot access sensitive information.

Some examples of the key features to look for in a secure mobile ECM/BPM solution include:

User permissions: The app should enable the IT department to set which documents and system features different groups of users can access. For example, HR directors who need administrative access to employee documents may have different permissions than HR clerks who only need to view certain documents. While the first group is allowed to perform any action including deleting and modifying documents, the second group can only view and print what their access permissions grant them access to.

Automatic log-in: Any mobile app with access to sensitive company information should feature an option to disable automatic log-in. This forces the user to type in the user name and password each time the app is opened. It is recommended to disable automatic log-in when using automatic log-out.

Data cache clean-out: The administrator should be able to configure the app to flush all data, including any open electronic documents, from the device in any situation. To continue working, the user will need to log back into the system and download the electronic document again if needed.

Automatic log-out: IT should set a policy that users must log out when they are finished interacting with the app. A good solution will allow the administrator to configure a server setting enabling automatic log-out and disabling automatic log-in and export for all users. It is best practice to pair these security settings with the security features offered by mobile devices, such as “Auto-Lock” and “Passcode Lock”.

It should be possible to configure the app to log out automatically after a certain period of inactivity or when the user minimises the app. This should not only remove all documents from local storage, but remove traces of the document or folder that the user was last viewing. These features will stop unauthorised individuals from picking up an abandoned iPad or iPhone and view the data.

Data leak protection: When an electronic document is exported from a corporate-approved mobile app to another app, that new app takes control of the document. A robust platform should allow IT to control whether sensitive documents can be exported to other apps, from where they can be shared with other people or stored locally on the device.

Says Lourens: “In addition to using a secure platform and configuring it correctly, the organisation should have clear security and capture policies in place. It is important to educate users about the security settings and to show them how to keep corporate data secure. If users will access sensitive documents outside the office, they should also be instructed on how to set up a VPN on their mobile device.”

Modern Wi-Fi Networks are Vulnerable, Risk on Bitcoin Wallet?

KRAKS WIFIEarlier this week, Mathy Vanhoef of the Imec-DistriNet research group, discovered serious weaknesses and vulnerabilities in WPA2, a protocol which is used to secure all modern Wi-Fi networks.

Vanhoef’s paper noted:

“An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks.”

How Does it Affect Devices and are Bitcoin Wallets in Danger?

As Vanhoef explained in his paper, any device from mobile phones to computers using public Wi-Fi connections can be vulnerable to data theft. Many analysts including CNET executive editor Roger Cheng explained that at this point, any device that is connected to a public Wi-Fi connection is vulnerable.

“This is pretty serious. The bad news is pretty much every Wi-Fi enabled device is vulnerable. The good news is that it has to be local. The hacker has to be near the Wi-Fi network. It can’t launch a widespread attack,” said Cheng in an interview with CBS.

Analysts have explained that hackers targeting local Wi-Fi connections in public areas such as airports can breach the local systems of Wi-Fi-enabled devices, and as such, hackers can steal information ranging from passwords to local app data. Furthermore, because Android and Linux devices are more vulnerable to KRACKs than other devices or operating systems, Bitcoin and cryptocurrency wallets installed on Android and Linux devices could easily become vulnerable to local attacks.

Vanhoef’s paper explained that around 50 percent of Android devices are vulnerable to KRACKs and other types of attacks that are capable of extracting sensitive information efficiently.

“Because Android uses wpa_supplicant, Android 6.0 and above also contains this vulnerability. This makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices. Note that currently 50% of Android devices are vulnerable to this exceptionally devastating variant of our attack,” read Vanhoef’s paper.

2 Factor Authentication (2FA) For Bitcoin Wallets, Preferably Apps like Google Authenticator

In order to prevent KRACKs and targeted Wi-Fi attacks from revealing the passwords and pin numbers used for Bitcoin wallets it is important that users enable multiple-layered 2FA for maximum protection. Blockchain, the second largest Bitcoin wallet application behind Coinbase in terms of user base, recommends that users enable both email and Google Authenticator protection along with two passcodes, establishing four layers of security that are extremely difficult to breach.

Generally, Bitcoin wallet developers and experts recommend users avoid 2FA via SMS, because phone vulnerabilities or social engineering can lead to numbers being compromised

Read more

Who’s winning African commercial online banking?

According to the recent report by WhySatisfy and Brandwatch, it was found that one bank in each country analysed (Kenya, Nigeria and South Africa) dominated online and social media conversations.

Competition in this space is fierce though and thus the major players can change at any time. Getting the lion’s share of voice can be achieved relatively simply, for example: by running an effective social media marketing campaign (e.g. Standard Bank’s #WhatsYourNext campaign). The audience for this industry is very active on Twitter and this platform has become one of the easiest ways for customers to interact with a bank.

Who's winning online in African commercial banking?Millennials are mobile

In order to not get left behind, banks need to be innovative and agile in listening. Understanding and engaging with the needs of today’s customers. Millennials are the future of the commercial banking industry. Its success will be based on the banks’ ability to get their internet banking and mobile banking customer experiences right.

The experience of ‘visiting your branch’ needs to be completely digital, from beginning to end. If the user has to go offline for a single step, they’ll be lost. An example of a bank that is winning at this is Capital One in the USA. They recognised where the future success of their bank lies and therefore only target millennials. When studying this target market, they found that the top two places millennials like to hangout are: coffee shops and yoga studios. Capital One Cafes were born…”We believe that banking should fit your life, not the other way around.”

The report also notes that the majority of conversations on social in this industry were around mobile and internet banking which is not surprising as this is a very mobile savvy user base. Mobile banking is where future success lies. In the past quarter, this topic of discussion online and on social media was growing at an accelerating rate.

On the web, 37% of all conversations were around mobile banking which was reflected on Facebook and Twitter, with 29% and 42% respectively. This data shows just how active commercial banking customers are on social media in Kenya, Nigeria and South Africa.

Changing perceptions

In Africa, mobile connectivity is growing exponentially, with 90% penetration of the continent’s 1.2bn population, 57% of which are smartphones. Being able to access a full range of banking services for your mobile device is centred around convenience. Customers want to be able to access and transact with their money at any time but most importantly, in a secure way. Succeeding with social customer service mid-June until now has also seen a sharp increase in online and social discussions about service – another high priority area for customers.

Adding value
Banks need to show potential customers they are able to add value and are willing to help with any problems quickly and efficiently.

The customer needs to be made to feel at ease with the service they are receiving and that their bank is looking after their hard-earned money. Effective social customer care has developed into a leading driver of success. All it takes is a single action or key element to completely change how the bank is perceived by a customer. It is good to see that all banks analysed were active daily on social media; interacting with their customers.

Almost 80% of these social discussions were neutral, while only 12% were negative and 8% were positive. On the web 28% of conversations were around service, which was mirrored by the conversations on Facebook and Twitter. Almost a quarter of all conversations were service related as well, being 26% and 24% respectively. Read more

Nigeria remains the most mobilized country in the world

According to a recent report released by Twinpine Networks, a premium mobile advertising network, Nigeria has retained its position as the most mobilized country in the world. Mobile penetration in the country increased from 40 percent recorded last year to 74 percent this year. 81 percent of the mobile traffic in Nigeria comes through mobile compared to India and South Africa, which has 79 percent and 78 percent respectively.

Twine pine

With the growing number of mobile phone users in Nigeria, it is not out of place to say that Nigerians are mobile-obsessed. This is due to the fact that almost everyone in the country, which includes those in the rural area, has a phone. People who don’t have electricity in their homes look for ways to charge their phones. The power bank market in the country is also a growing market because people need a mobile backup charger to charge their phones. Businesses in Nigeria now make use of mobile advertising to advertise their businesses instead of making use of the older way of using billboards, which actually costs more.

The report titled “ 2017 Nigeria Mobile trend report” also revealed that there are 91.5 million unique mobile users in Nigeria out of an estimated 192 million people.

Some other highlights of the reports are

Usage of multi-sim phones 

The report revealed that Nigeria is the country with the highest number of multi-sim phones in the world. The number stands at 66 percent followed by Bangladesh and Tanzania, which stands at 63 percent and 53 percent respectively.

Online activities that Nigerians engage in weekly

Social media is the most popular activity that Nigerians engage on followed by using search engines, checking emails and watching online videos.

Mobile commerce trend in Nigeria

The report showed that 63 percent of all M-Commerce orders in Nigeria come from Mobile. The top three products that Nigerians use their mobile phones to buy are mobile phones, beauty and perfumes and women’s clothing. Surprisingly, the report revealed that more men shop online than women. 61 percent of mobile shoppers are men while 39 percent are women.

Type of app that Nigerians pay for

Most Nigerians hardly pay for apps but the report revealed that Nigerians who paid for apps paid for game apps followed by music and entertainment.

How many Nigerians use mobile banking app

According to the report, about 71.5 percent of Nigerians use a mobile banking app. The benefits of using mobile banking apps are numerous. 63.6 percent of them use it to transfer money, 47.3 percent use it to purchase airtime and 42.7 percent use it to check their account balance

For more insight on the report, please click here to download.