Tuesday, August 23, 2011

You're Leaking Because of Blackberry...sort of

Ok, so I am going to tell you a Blackberry story. Not the one you think you know from the news or tech articles. This is a story about you, your business, and all that really important company and customer data that is being seen by people whom you don’t want to see it. "Hey Rick, I don’t even use a Blackberry.” I know. Your mobile love fest begins and ends with either Apple or Android. But the gravity of the Blackberry universe still pulls on you. For all you Blackberry folks, don't get wound up. I am not a hater. In fact, I am very much a believer in what the product was: groundbreaking, innovative, and secure.

"You take the blue pill – the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill – you stay in Wonderland and I show you how deep the rabbit-hole goes." -Morpheus

While many do not like the holy trinity of a Blackberry device, Exchange, and BES, the fact remains that RIM brought us the first real mobile business platform. You could send and receive emails, manage your calendar and contacts, and pretty much run your business life while riding the subway or in the airport bathroom.  And thanks to everything travelling to and from the mothership in Waterloo, it was secure. Above all else though, your IT department could centrally control and manage the entire experience. This was especially important for those of you engaged in top secret clandestine missions where your Blackberry may fall into the wrong hands. A swift click of the mouse and you could nuke the thing from across the globe (cue Mission:Impossible theme). That my friends is power. 

Summer of love

When the iPhone 2G came along in the Summer of 2007, a quiet smartphone revolution began. It was a slow burn that was further ignited when Android came along. See, besides the usual feats (think email, calendar, contacts, etc), these phones could do more. Much more. I'm not talking about lobbing birds at buildings, shooting zombies driving down the highway, or reliving those 80's concert moments with your faux Zippo lighter. I'm talking electronic boarding passes, reading all your news in one view, navigation, and Pandora. And then there is browsing. Yea, ask any Blackberry user about their Internet browsing experience and you will get a scowl followed by a series of colorful metaphors which are...well...they are just plain mean. 

When the bow breaks...

I know, where is the connection to you non-Blackberry users? I’m getting there. You need more info. Check this out. For a long time, companies have been tired of negotiating phone contracts with cell carriers. If you think you hate the experience as an individual, imagine doing it a hundred or even a thousand times. They also can't stand the cost of replacing the phones. Not just replacing them because of technology changes; replacing them as they go for a late night swim in the pool or have their aerodynamic properties tested in an unexpected manner (sidenote, the Blackberry Storm seems to excel here). But what they abhor most is the ongoing expense of keeping Blackberries going. Cross hairs on IT here. The endless support of Exchange, the costly support contracts for Blackberry Enterprise Server. And the beat goes on. These are hard, sometimes out-of-control expenses. And they are big ones.

The cradle will fall...

About a year or so ago (maybe a tad bit more), as the three-way game of chicken between Apple, Google and RIM went on, the day had arrived where the unthinkable was now thinkable. Companies finally evoked the words of that great 20th century philosopher, Jackie Gleason, and said "straight to the Moon with you." This was the proverbial middle finger to the carriers and platform makers to indicate that mobile madness would not continue at the behest (and expense) of companies. In an instant, the genie was out of the bottle and its name was BYOD (Bring Your Own Device). It's easy really: you bring your own phone, pad, or tablet to the party.  Use whatever device you prefer. Get your mail, calendar, contacts…everything on YOUR phone. We as the company will give you (maybe) a monthly stipend to use your phone for "business needs." Wow, my own phone and cash in my pocket. My company is great! Wait, why would they do this? Easy. No more buying phones; no more contracts; no more software renewals. And yes, no more responsibility. Finally! One tiny issue though: no more central device management. Alas, here is the leak and why every business owner should now be concerned. Lean closer.

And down will come baby...

"Ok, so I get the whole Blackberry thing. I even get the BYOD thing. Where is the payoff? What about this leak you speak of and how am I affected even though I don't have a Blackberry?" The leak is your data. As the Blackberry kingdom unravels, so does information protection for a lot of companies. Put another way, the more iPhones and Androids that are used in the business world, the more your closely-guarded company data will leave your network without being checked. Why? Remember that little note about the loss of central device management? With no one watching the device, no one is watching what goes TO the device. Think room full of 4-year-olds and a jar of cookies...with no teacher. Your customer database, your unpublished product costs, your source code, your proprietary research, your special formulas and predictive calculations you have developed for years, your (insert your most important data here). Easily copied, zipped, attached to email and sent to a device. No one would ever know. All through the air, no cables required. Think it isn’t happening to you? Think again. And it's not some rogue group of operatives in your company (well, not most of the time). Check these stats from WatchGuard Technologies:

73% of all data leakage that occurs is customer data
52% from internal employees
48% from hacking into network or mobile device
96% of internal data leakage is accidental

Bit by bit, you are leaking every single day. And remember, in these uncertain days of economic turmoil, even trusted people do untrusted things when they are invited to leave your organization, no matter what the history. Put another way, you sit down and conduct that exit interview with your soon-to-be-former employee. Perhaps he is smiling out of a sense of relief. He's not. He's downloading your entire customer database to his iPhone while you are firing him. Welcome to the "new-new."

As Paul Harvey used to say, “now you know the rest of the story.” (here is a link if you are too young to know of Paul Harvey) No longer will you dismiss Blackberry’s fall from grace as yet another tech company sleeping at the wheel of the getaway car. There is much more at play here. And it is affecting every business. You just didn't know how...until now.

Feel like you just got told about the Matrix? That’s good. That means you are now aware. Next blog I will tell you how that information is leaving your network and introduce you to the new sheriff in town. His name is DLP. No, it’s not the Texas Instruments television technology. More to come…

Monday, August 8, 2011

Wireless N Speed Explained...Really

It seemed fitting that my first blog be about wireless since it is the one thing we get questioned about the most. Specifically, why customers never see the speeds they think they should get. Let me throw this scenario at you. Read on, it's not above your head and quite fun.

So you bought a shiny new Wireless N router for home or are about to install numerous ones at work. You are stoked to get it deployed cause this new network is gonna fly. Perhaps you plunked down big Benjamins for those new fancy "Dual Band" ones. Let's rock. 

Getting it up and running...so much easier now than the last time you did this some three or four years ago.  Now, onto the devices. Hmmm. What shall I test? I have my laptop, some IP Cams, my smartphone and a tablet (choose your poison on the last two; I am an Android guy but you Mac folks can substitute your respective devices). You follow the config wizard, including turning up security because (circle one):

a) Need to keep the neighbor's 14-year-old from using/hacking your wireless or
b) Prevent the freeloaders on the fourth floor from chewing up all your bandwidth watching The Jersey Shore on Hulu...while at work.

Set a passphrase and off you go. Done. You are amazed at how easy this process has become. You beat your chest and utter those timeless Mel Brooks' words, "It's good to be the king." Behold, I have created a fast wireless network of all my toys that runs at...what...54Mps? Did I read the box wrong? I thought I read 450Mps somewhere. I did, it's right here on the box. Your first instinct is to think there is something wrong with the device. Perhaps it is behind on software updates. Not usually the case. You, my friend, just got caught in the 'N' zone. And we are not talking about football.

FACT #1: Your old laptop is making your wireless slower
There is a lot of rocket science that goes into wireless technology. I will spare you from that so that you can better understand the deal. See, wireless N is meant to bring all the former wireless protocols together. Kind of the Jimmy Carter of wireless. Old wireless devices worked on wireless-B or wireless-G. Wireless-N promised quicker speeds and backward compatibility. That means your three-year-old laptop with wireless can work with your new tablet on the same wireless network at the same time. But your three-year-old laptop is not going to magically benefit from the wireless-N speed increase. It actually may slow down your network. Why? Because the radio in your laptop knows nothing about wireless-N and tells the router to "slow down" so that it can keep up. Put another way, your brand new super fly wireless network will only be as strong (or as fast) as the slowest or oldest device. Bet you weren't told that when you bought the thing, were you? All is not lost yet. Read on...

FACT #2: Encryption is the key to faster speeds.
Now, the previous curse doesn't happen to all wireless-N routers; just most of them. But the real speedbrake (I couldn't resist the pun) is encryption. But it is not what you think. Stay with me here cause this one is a hair deeper. Back to our earlier example of turning up wireless security. It's a good thing and you must do it. After all, you don't want your business out there for everyone else to see. The most important part of this security is encryption. Unlike the old days, this is all handled for you automatically. All you need to do is pick the protocol and method. Kind of like picking car colors. To make any wireless device work, you have to pick an "exterior color" (security protocol) and an "interior color" (encryption method). Now before you start getting swatch happy, know that due to the age of some devices, your color choices may be very limited (insert Henry Ford comment here: any color as long as it is black).

These days the preferred "exterior color" is WPA2, the successor of WPA. Former exterior colors of "Open" and "WEP" may still be available but they are unsafe (and uncool). Here is the rub. Some devices support WPA, some WPA2, and some both. The newer the device, the more likely to support both (i.e., more exterior color choices). The documentation on your device (or the wireless setup) will tell you more. Now to the interior color. Depending on your exterior color, you will have either one or two choices here: only TKIP or TKIP and AES. You can click here if you want the Stephen Hawking explanation of the differences. Here is where a handy color chart would likely help:

Here is where you need to pay close attention. Your choice here really depends on what your devices will support. Back to your laptop: it is three years old and only supports WPA. This means you are stuck with the interior color of TKIP. Your tablet is new and will do WPA2 so you can choose your interior color between TKIP or AES. Ok, easy enough. Lowest common denominator here. Set your wireless to use WPA-TKIP and everything will work. Yes they will...except they will run slower. Like 54Mps slow. Why? TKIP will only work on a 54Mps network. Ugh. Here is the deal:

Holy cow! That is huge! They didn't tell me that at the store! Darn laptop is bringing me down again. What do these numbers mean? They mean that your bionic wireless-N router is running at a fraction of the speed it is capable of. I am not advocating you get rid of all of your TKIP devices. Just want you to know what happens when you use TKIP instead of AES. Who would have thought an interior color would make so much of a difference ;) Also, as an aside, know that many routers support a mixed mode of TKIP and AES. This is done for ease of connection. Even in this mode, all devices will slow to TKIP speed even if connecting with AES. Why? Because TKIP is turned on.
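
An added example, not from the original post: a small Python audit that reads wireless scan results and flags every network that still has TKIP turned on, including the mixed TKIP and AES mode described above. The scan text is constructed in the layout that `iw dev wlan0 scan` prints on Linux, and the SSIDs and MAC addresses are made up; `iw` lists AES as CCMP.

```python
import re

# Constructed sample laid out like `iw dev wlan0 scan` output (not a real capture).
SAMPLE_SCAN = """\
BSS 02:00:00:00:00:01(on wlan0)
    freq: 2437
    SSID: office-legacy
    WPA:     * Version: 1
         * Group cipher: TKIP
         * Pairwise ciphers: TKIP
BSS 02:00:00:00:00:02(on wlan0)
    freq: 2462
    SSID: office-mixed
    RSN:     * Version: 1
         * Group cipher: TKIP
         * Pairwise ciphers: CCMP TKIP
BSS 02:00:00:00:00:03(on wlan0)
    freq: 5180
    SSID: office-n
    RSN:     * Version: 1
         * Group cipher: CCMP
         * Pairwise ciphers: CCMP
BSS 02:00:00:00:00:04(on wlan0)
    freq: 2412
    SSID: guest
"""

def audit_scan(text):
    """Return one dict per network: ssid, band, protocol, ciphers, verdict."""
    results = []
    for block in re.split(r"(?m)^BSS ", text)[1:]:
        ssid = re.search(r"SSID: (.*)", block).group(1).strip()
        freq = int(re.search(r"freq: (\d+)", block).group(1))
        found = re.findall(r"(?:Group cipher|Pairwise ciphers): (.*)", block)
        ciphers = set(" ".join(found).split())
        # RSN element = WPA2, WPA element = original WPA, neither = Open or WEP.
        protocol = "WPA2" if "RSN:" in block else "WPA" if "WPA:" in block else "Open/WEP"
        if protocol == "Open/WEP":
            verdict = "unsafe"
        elif "TKIP" in ciphers:
            verdict = "TKIP on: legacy speed cap"  # mixed mode lands here too
        else:
            verdict = "AES only"                   # iw prints AES as CCMP
        results.append({"ssid": ssid, "band": "2.4GHz" if freq < 3000 else "5GHz",
                        "protocol": protocol, "ciphers": ciphers, "verdict": verdict})
    return results

if __name__ == "__main__":
    for net in audit_scan(SAMPLE_SCAN):
        print(f'{net["ssid"]:14} {net["band"]:7} {net["protocol"]:9} {net["verdict"]}')
```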

FACT #3: Not all Ns are created equal
Whew, now that the math lesson is over, let's get back to wireless shall we? Ok, so you now understand (I think) that you want to run WPA2-AES to get the most out of your new wireless-N router. And thanks to this info, you are happy cause you can get to 300Mps with all your devices and be really secure. Life is good right? Except for one question. What is this dual-band stuff? I want to go for the gusto. After all, the box says I can get up to 450Mps. How can I get there? That, my friends, is where you need a bit of quick history. See there was wireless before there was wireless-N. I know you're saying "Is this guy for real? That isn't any big revelation. I know about wireless-B and wireless-G. And I even know they work in the same frequency as my cordless phone and microwave oven." That is 2.4Ghz for those of you keeping up at home. However, you may not know about wireless-A. Unlike its two siblings, wireless-A came out after wireless-B and runs in the 5Ghz range instead of the normal 2.4Ghz range. It had a short life but was used in many places due to its higher power. So, check this out:

Wireless B/G (2.4Ghz) => Wireless N (2.4 + 5.0) <= Wireless A (5.0Ghz)

So, manufacturers came up with Dual Band routers. The idea was to put "legacy" devices on the 2.4Ghz network while placing newer devices on the 5Ghz. By doing so, your old B/G devices would be isolated and run at a slower speed (like your laptop) and your newer devices would get supercharged thanks to having up-to-date 5Ghz radios onboard (like your tablet). Neither would interfere with the other. Hallelujah! That is how you get the fastest speeds. What they don't tell you at the store is that this process is not automatic. So, with a little front end work, you can divide your devices between bands and everything is peas and carrots.

Getting there is always the hardest part. To make things more difficult, it is sometimes not easy to tell whether your device's wireless-N radio is 2.4Ghz or 5Ghz. A quick Google search of the spec will likely tell you. However, the easiest way I have found is to try attaching the device to the fastest network first. If it works, you are a contender. If not, you have to fall back to the second network as a featherweight. Let's set up a fictional wireless router. If we pull everything together, here is how it would look:

Mind you, you would only need two (2) of the above SSIDs. Again, depends on the age and capabilities of your devices. 

Now go run off and look a bit more closely at your wireless router. Most of you will be surprised that you are on the slow boat. A little patience and a few mouse clicks will deliver warp speed.