Thursday 2 October 2014

Android : Screen Mirroring and Recording

If you have the need to mirror your android screen onto your PC or create video recording of your android session then this post is what you are looking for. There are hardware devices that you can buy like cromecast but this blog is about the free software that is available over the internet.  

Mirroring Your Screen

To mirror you screen you can use the below. It does not give you high quality video but it you can effectively leverage it for giving product demos or sharing your mobile screen with others via web conferencing tools

Setup Instructions


   

Recording your android session (Kitkat 4.4 and above)

This will allow you to create high quality videos of your android session. If you have to create marketing videos or training videos this is a great approach as the video is of very high quality.




Hope this helps.

Monday 9 June 2014

Native Apps v/s Web Apps v/s Hybrid apps

I was trying to understand the exact difference between the various types of mobile apps. The following video gave me an excelent quick overview.

Tuesday 3 June 2014

IOT : Protecting Your Information

Just loved this. Had to post it. Excellent humor illustrating the need to authorize access to data and services in this Internet Of Things era.

Monday 2 June 2014

Internet of Things : Evolution of the Security problem

I just watched this very captivating presentation by Kevin Mahaffey where he spoke on security challenges, how they will evolve and why it is essential for all vendors to invest into security in this internet of things era. There is allot of buzz around Internet of Things and every one has jumped on this bus. This is one of the really good session that explains why security will play an important role in the Internet of Things era.


Tuesday 15 October 2013

Closed Loop Identity Certification

Avitek Retail has put some controls in place to prepare them for their Identity Audit. Automated self service and closed loop identity certification will help them in cost effectively meeting their Audit requirements. These controls are enabled by the converged Oracle Identity Governance Platform.

David one of the managers is assigned a task to review application access granted to employees in his department. David will log into the Identity Governance console and start the access review process. David will then notice that the risk engine has flagged Joe (Joseph) the System Administrator as a high risk user. Joe has been directly assigned the payables application privilege; this privilege would allow him to approve payment to Avitek’s suppliers and vendors. There is no reason why Joe the System Administrator should have this access. David will revoke this access from Joe’s account, review the access of the remaining users and sign off on the access review campaign.

As soon as David sign’s off on this certification campaign closed loop remediation will kick in and the privilege to approve payment to Avitek’s suppliers and vendors will be automatically revoked from Joe’s account. David can track the status of this remediation action from the certification dashboard. Avitek’s auditors can also log into this console to view the reports on what access each user had, who reviewed that access and when did they review that access

Wednesday 18 April 2012

Securing the Database

Securing the database is simple and challenging at the same time.

Its simple primarily because of 2 reasons:
  1. Depth of knowledge and understanding of the database in the Industry.
  2. Security solutions for the database are transparent to business applications.
If you have databases out there that contain business critical  information you have to ensure you have controls in place to ensure confidentiality, integrity and availability of this data.
 
If your business is dependent on data withing the database you need to ensure that you have controls in place for data integrity and availability. If this data is sensitive or confidential then you need to look into the controls need for confidentiality.

Now what is sensitive data? Sensitive data does not have to be PII, HIPPA or PCI data, it can be any sensitive information like transaction data, customer data, vendor data, sales data.


The challenging part when it comes to securing the database is identifying the right set of controls that you need to ensure confidentiality, integrity and availability of this data.

When identifying these controls I like to evaluate solutions on 5 criteria:
  1. Transparency
  2. Performance
  3. Accuracy
  4. Heterogeneous support
  5. Integration options

When you look at an Oracle database the following set of products provide the complete set of controls needed for your defense in depth strategy.  You can pick and choose these technologies as per your business requirements, the products are designed to work together, are easy to manage an maintain but the key here is that they are designed to function together as the security platform for you database.

  1. Oracle Database Firewall
  2. Oracle Audit vault
  3. Oracle Advanced Security Option
  4. Oracle Virtual Private database
  5. Oracle Label Security
  6. Oracle Database Vault
  7. Oracle Database Masking