Let’s Hack It: Securing data on the mobile, the what, why, and how

6th of May, 2015 / / No Comments

Here is the presentation of tonight’s talk. It was great to see so many passionate developers and business people at Melbourne Mobile. I have embedded the slides below and I hope you find it useful.

Talk Summary

This presentation is basically a summary of what I have learned and the experience I have had going through my recent project. In trying to secure the users data on the mobile device, I have come to learn quite few common flaws in the security implementation, I have learned more reasons why you need to protect the data on your mobile app, and have come to know and use few useful open source projects.… [Keep reading] “Let’s Hack It: Securing data on the mobile, the what, why, and how”

Announcing KeyChain.NET: a unified API for using KeyChain on many platforms

6th of May, 2015 / / No Comments

Storing and accessing private keys and passwords can be a tricky task. How far do you need to go to protect your (and the user’s) data? This is where KeyChain on iOS comes in handy. It allows you to store keys in a (arguably) secure database. This has seen great improvements since iOS 8 and iOS devices (since iPhone 5S) equipped with a special A7 chip designed particularly for holding your keys. More on iOS KeyChain can be found on Apple’s website here.… [Keep reading] “Announcing KeyChain.NET: a unified API for using KeyChain on many platforms”

Sharing Azure SSO Access Tokens Across Multiple Native Mobile Apps

8th of January, 2015 / / 3 Comments

This blog post is the fourth and final in the series that cover Azure AD SSO in native mobile applications.

  1. Authenticating iOS app users with Azure Active Directory
  2. How to Best handle AAD access tokens in native mobile apps
  3. Using Azure SSO tokens for Multiple AAD Resources From Native Mobile Apps
  4. Sharing Azure SSO Access Tokens Across Multiple Native Mobile Apps (this post).

Introduction

Most enterprises have more than one mobile app and it’s not unusual for these mobile apps to interact with some back-end services or APIs to fetch and update data.… [Keep reading] “Sharing Azure SSO Access Tokens Across Multiple Native Mobile Apps”

Using Azure SSO Tokens for Multiple AAD Resources From Native Mobile Apps

9th of December, 2014 / / 3 Comments

This blog post is the third in a series that cover Azure Active Directory Single Sign-On (SSO) authentication in native mobile applications.

  1. Authenticating iOS app users with Azure Active Directory
  2. How to Best handle AAD access tokens in native mobile apps
  3. Using Azure SSO tokens for Multiple AAD Resources From Native Mobile Apps (this post)
  4. Sharing Azure SSO access tokens across multiple native mobile apps.

Introduction

In an enterprise context it is highly likely there are multiple web services that your native mobile app needs to consume.… [Keep reading] “Using Azure SSO Tokens for Multiple AAD Resources From Native Mobile Apps”

How to Best Handle Azure AD Access Tokens in Native Mobile Apps

2nd of December, 2014 / / 6 Comments

This blog post is the second in a series that cover Azure Active Directory Single Sign On (SSO) Authentication in native mobile applications.

  1. Authenticating iOS app users with Azure Active Directory
  2. How to Best handle AAD access tokens in native mobile apps (this post)
  3. Using Azure SSO access token for multiple AAD resources from native mobile apps
  4. Sharing Azure SSO access token across multiple native mobile apps.

In my previous post, I talked about authenticating mobile app users using Azure AD SSO.… [Keep reading] “How to Best Handle Azure AD Access Tokens in Native Mobile Apps”

Implementing Azure Active Directory SSO (Single Sign on) in Xamarin iOS apps

2nd of December, 2014 / / 2 Comments

This blog post is the first in a series that cover Azure Active Directory Single Sign On (SSO) Authentication in native mobile applications.

  1. Authenticating iOS app users with Azure Active Directory (this post)
  2. How to Best handle AAD access tokens in native mobile apps
  3. Using Azure SSO access token for multiple AAD resources from native mobile apps
  4. Sharing Azure SSO access token across multiple native mobile apps.

Brief Start

Two weeks ago the Azure AD (AAD) team released the Active Directory Authentication Library (ADAL) to enable developers to implement SSO functionality leveraging AAD.… [Keep reading] “Implementing Azure Active Directory SSO (Single Sign on) in Xamarin iOS apps”

Secure Azure Virtual Network and create DMZ on Azure VNET using Network Security Groups (NSG)

7th of November, 2014 / / 20 Comments

At TechEd Europe 2014, Microsoft announced the General Availability of Network Security Groups (NSGs) which add security feature to Azure’s Virtual Networking capability. Network Security Groups provides Access Control on Azure Virtual Network and the feature that is very compelling from security point of view. NSG is one of the feature Enterprise customers have been waiting for.

What are Network Security Groups and how to use them?

Network Security Groups allow us to control traffic (ingress and egress) on our Azure VNET using rules we define and provide segmentation within VNET by applying Network Security Groups to our subnet as well as Access Control to VMs.… [Keep reading] “Secure Azure Virtual Network and create DMZ on Azure VNET using Network Security Groups (NSG)”

Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 2

31st of October, 2014 / / 1 Comment

This post is part of the series. Part 1 can be found here. As I mentioned on previous post, this post to wrap up my session at TechEd Sydney 2014 DCI315 Azure VM Security ad Compliance Management with Configuration Manager and SCM.

Let’s jump to our next focus:

Patch Azure VM

ConfigMgr  is long famous for its capability for patch management. Three points on how the patch management lifecycle is running with ConfigMgr 2012 R2 for our Azure VMs:

  • Scan and Measure
    Scan&Measure
  • Remediate Non-Compliant – Patch the non-compliant
  • Reporting
    reportdefinition

Patch is straight forward and utilize ADR (Automatic Deployment Rules) to set schedule update/patch.… [Keep reading] “Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 2”

Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 1

30th of October, 2014 / / 1 Comment

This post to wrap up my session at TechEd Sydney 2014 : DCI315 Azure VM Security and Compliance Management with Configuration Manager and SCM.

In this blog post series we will dispell some of the myths and dive into Azure VM Security.

With Azure AU Geo launched on TechEd Sydney 2014, Azure now has 19 Regions. More and more enterprises start migrating their workloads into Azure. Most of our clients have the same question – How do we manage security and compliance on Azure VM?… [Keep reading] “Azure VM Security using Azure VM Security Extensions, ConfigMgr and SCM Part 1”