When it comes to security of the apps you use and the device you chose, I think it’s best to consider the Mud Puddle problem. That may not be a term you’ve heard but it’s very important to understanding how threat actors think about your device.
For instance, let’s say you drop your phone in a puddle of mud and it ceases working. You try everything you can to clean it up but it stops working. If you can take it to some store and some genius can recover your data off of the device, it has failed the mud puddle problem.
The basic concept is this. If there is a way that a stranger can take your device and resurrect the data out of it, it means an adversary can do it as well. That is why it is always best to ask vendors how your data is secured. Can they recover your information after you’ve deleted it? Can they recover it after your account has been erased? Can they recover it if your device has been crushed in an anvil? If the answer is yes, then probably many people have access to your data whether you or they realize that or not.
It’s something to consider as you consider which products and services to use.
Multi-tasking on a phone is a very different thing than multi-tasking on a desktop environment. There are some things that are similar and work well. Then there are also quite a few things that need a lot of work or just are currently not possible for a variety of reasons.
Let’s start with the good. You can do things like listen to music while you work. You can take a phone call while you work. You can run several apps at the same time, cutting and pasting between them or having them launch one another. You can download things in the background – like email for instance. Your system can be monitoring dozens of chat clients running with virtually no processing power and still push you a message as it arrives, and on and on.
The bad news is that you can’t do things like you might on a traditional computer – even when running on a full sized monitor through an HDMI dongle. For instance you can’t watch a movie and write an email. Quite often I used to watch a presentation in one window that lasted an hour and work in another, looking over only when I needed to see what the presentation was saying – that’s just not possible on the phone. You can’t have two apps open at the same time for transcribing purposes or for productivity reasons.
The issue comes down to a combination of problems. Its a mix of screen real-estate, the lack of a mouse and app handles to switch between apps to give focus to the active window, and the memory requirements.
What that means is that if you need to do that you end up doing context switching far far too often between apps. On the iPhone (as an example) this means taking the hands off the keyboard and double clicking the home button to switch contexts between windows. That’s a very slow and annoying context switching operation. Unlike the alt-tabs keyboard shortcuts of the world which context switch and are very fast, you’re really stuck doing a slow operation.
So there is a long ways to go to consider it an equivalent operating environment. But it is coming along. Not that many years ago, the iPhone couldn’t even run two apps concurrently. So we’ve come far enough that it’s a useful business tool. I still think Continuum is going to ultimately be the path forward for mobile operating systems though as a result – the phone should be context aware of switching into desktop mode. Memory issues may prevent it, but the screen real-estate and access to a mouse and keyboard are foregone conclusions in the business world. So it’s just a matter of giving the phone a little more memory, making context switching seamless and allowing Bluetooth mouse access. We’re so close I can taste it!
I’ve spent a lot of time with various types of mobile apps over the years and compiled a list of things to think about when developing a mobile app for business use. If this saves anyone a headache while using your app, that’s a big win. If you want to make your business customers happy, this is the hit-list I’ve come up with:
Make it work functionally. So many apps have drop downs or buttons that don’t do anything at all. It’s mind boggling how these apps make it through the QA process. But if something looks like a button and doesn’t work like one, you’ve created a usability nightmare.
Make it easy to use. A lot of apps have rich functionality buried underneath a complicated/convoluted multi-tier navigational structure, making it difficult to find the options necessary to interact with it in the way the user wants to. There’s been a lot of studies that the more you make someone click the less likely they are to find and click that option. So keep the interface clean, simple to use and easy to navigate. Don’t forget to pay attention to your workflows.
Make it stable. I regularly run into unstable apps that crash when you do something like navigate away and then navigate back. That’s a terrible user experience. Your apps should be memory efficient, fault tolerant and if they do crash they should do so in the most graceful way possible.
Make it save work if appropriate to do so. Some apps are safer to use because they save work as you go. Crashes are quite common on mobile, so this is a very useful feature if it’s appropriate to do so.
Make it work with an external keyboard. Things like tab and shift-tab should work as expected – getting you from one form field to the next. If you have to take your hand off they keyboard to use your application you should probably re-think it, unless it is core to the app’s functionality (like a drawing program or something). Business users intuitively feel like touching the phone and interacting with it directly slows them down. Lack of a mouse really hurts app developers, but that’s a separate issue.
Make it work equally well in landscape and portrait. So few apps do this well or even at all. Not even the settings app on iOS does this. Having to switch between the two just to use your app is annoying to say the least. You’re not a special snowflake and there’s almost never a reason to force the user into one mode over the other. Some apps like games need it to be in a certain orientation, fine, and no, I’m not talking about those. But your feature had better be worth it if you’re going to force the user to change the orientation of the device. Don’t play favorites though – just because you envision someone using the device in portrait mode, doesn’t mean that’s how they want to be using it. That’s especially true if they are using an external monitor.
Give your app the same functionality as the browser version of your website. This should be straight forward, but almost no apps get this right. They often have no signup system, no payment system or a bunch of missing features. Why bother building an app if you aren’t allowing your customers to give you money? The worst is when websites force you to download an app and then don’t have the feature on the app. Are you trying to drive the customer away?
Give an option to remove your ads, even if that means payment. It’s the most requested feature of most apps that have ads. Go ahead and do them a favor. Ads are not just annoying, they’re also a huge user of data, and mobile data plans aren’t cheap.
Allow selectable muting and selectable alerts. A lot of the alerts that you think are important a user will disagree with you on. Meanwhile a lot of the things you couldn’t care less about a user will kill for. Making your alerts as selectable and customizable as possible is very helpful. As an example, making alerts specific to certain senders in emails would be very useful because some people have very important things to say, and many people have way too much email to get alerts about every inbound email. Selectable alerts is a winner.
Keep push notifications to emergencies or important notifications only. Basically my rule of thumb when it comes to alerts is silence all of them unless they are warning of something involving a combination of the three I’s: impending, important and irreversible. If your alert is telling me about something I don’t care about you’ve made me that much closer to uninstalling your app or muting it permanently. Don’t waste the user’s time.
Give the option to disable access to the location when not in use. Not only is accessing my location a battery hog, and a data hog it’s also just plain creepy. Ask for only the permissions you need. This should be obvious, but most of the time it appears it’s not. If you really want to be nice to your user only ask for it when you need it, rather than upfront. That way they can selectively disable it and re-enable it. Not many people are this paranoid, but when they are, this little detail can go a long way.
Use SSL/TLS for everything possible. A lot of apps not only don’t use HTTPS but they don’t even tell the user that they aren’t. So there’s no way for them to even notice that something nefarious could be happening and is possible, unlike a web application with a browser where the protocol (http or https) is in the URI field.
Create layered authentication if the app’s access includes sensitive information. For example banking apps shouldn’t allow users to check details without authenticating each time. The rule of thumb here is that theft of an unlocked phone should not mean complete loss of whatever data the app has access to if you build your app well. This really only applies to sensitive data, but it’s amazing how many apps have sensitive data these days.
If you’ve discontinued the app in favor of another one, alert the user to that fact. I’ve run into a number of situations where the app appears to no longer work, but what really happened is that they stopped supporting that version and created a new version. Without telling the user, you’re really creating a terrible user experience.
These rules of thumb are primarily related to business apps but I can see situations where many of these issues could be useful for any sort of mobile application. Let me know if you think I’ve missed anything.
Working with a phone can be a bit annoying in terms of keeping it at a height and position where you can easily read it while doing real work. Normally this isn’t a big deal if you have a monitor because that serves the same function for most things.
However, if you have to access the touch interface you’ll need to do something to prop up the phone. You’ll end up having to do this far too often, since phones lack a mouse and many of the navigation functions of a traditional operating system are missing.
One such option is to use a stand. I picked the HOTOR solid aluminum desk phone stand, because it’s inexpensive, durable, and allows you to work in landscape or portrait mode fairly easily. Though I will say that moving between the two is annoying to say the least if you keep a cable attached to it, since it will require moving said cable around quite a bit. That said, it’s still a nice option when you need to have your phone handy and in a visible place at all times. I have no doubt I will revisit this topic in the future.
Ultimately I think this is really just a hack though, because the real solution is to just allow mice and fix productivity apps so that they work in landscape mode as well as portrait mode. But for now, this is what we have to deal with.
Losing your laptop or phone is one of the most devastating things that can happen. Not only is there a loss of whatever data wasn’t backed up, a loss of business continuity as you find and re-build a replacement, but there’s also the potential of loss of critical data. This is actually one area the phone is substantially better – you can carry it with you everywhere. Like I discussed before, you’re far more likely to bring your phone with you to the bathroom than act like a nut-job and bring your laptop. It’s just a fact. Even if you’re extremely good about keeping your laptop bag with you at all times, it’s just far more likely that you’ll be separated from it than from a smart phone.
But I’d be remiss in saying that a smart phone is a perfect solution. It too can and does get separated from your hands. You go through an airport, it’s out of your hands. You want to show someone a video? There it is, in someone’s hands, unlocked. I have even been told I can’t bring my cell phones into a meeting – so there it sits in some basket outside of my direct line of sight. Let’s ignore the threat of malware for this post, because that’s a different threat vector in a number of ways.
So what do you do when your cell phone is stolen to prevent bad things from happening beyond the immediate loss of the hardware? There are some pre-emptive steps you can take and some things you’ll have to do after the fact:
Let’s start with the pre-emptive steps:
Keeping your phone locked with a password is the first line of defense. If you can limit it to a number of failures before being wiped that further increases your safety. If your phone is locked, the data within should be safe barring any other vulnerabilities in the phone. I really recommend a relatively short timeout (E.g. Less than 5 minutes) before the screen locks, but not so short (Eg. Less than two minutes) that you have to type your password/passphrase often in public, as that creates more likely opportunities for shoulder surfing the password/passphrase.
Disable Wifi on the phone when out in public. You don’t want the phone connecting to a random Wifi and being man in the middled so that content it sends over the wire is visible. Apple has made a lot of progress here by requiring that apps communicate over HTTPS, but that’s still not 100% rolled out, given that there are many apps that have circumvented this rule.
Disable any notifications so they aren’t readable on the locked screen so that information isn’t leaked to whomever has the phone ahead of time. This often requires a lot of configuration of each app’s notifications.
Use a long passcode/passphrase instead of the short 4 digit pins or equivalent, so that brute force is significantly more difficult. I know it’s annoying, especially when you’re in a hurry, but it does provide a significant barrier to someone breaking into the phone once it’s outside of your control.
After the fact:
Use any/all services you have to locate the phone. Maybe your friend picked it up for you at the bar. You can attempt to call it as well. At this point it’s probably gone and you can move onto the following. On trick is to allow one of your close friends to always have access to your phone’s location. That’s a lot of trust though, and understandably comes with its own risks.
Remote wipe the device if you can.
Immediately change all passwords to all of the services you use, and ideally lock that phone out from any APIs it is authorized to once the phone is deemed lost.
Disable VPN accounts, and any SSH keys you use. As an aside I don’t recommend SSH keys as the only line of defense for exactly this reason – if the machine is compromised they have instant access to the remote server. I prefer SSH keys be used to jump to bastion hosts or VPN tunnels, but then passwords be used from that point on, so that even if an attacker does get access to the bastion host, they can’t pivot into the other machines because they lack the password. Passwords are easy to brute force though, so that’s why you use them only after a key is required. It’s a bit like second factor auth in a way.
Assume email has been compromised, shut down the accounts immediately. This is one of the most critical steps, because email typically has a lot of passwords, and PII in it. And worse yet, most of the services you use require an email for password reset. Once they have access to email they have access to everything. This means every password needs to be changed that exists in your email, and anywhere you use that password should also be changed.
Assume that all apps that have access to your credit cards have been compromised – think things like Uber, and Amazon. Unfortunately this means you need to cancel your credit card immediately.
Assume all chat clients that you have logged into have been compromised. iMessage, SMS, Facebook, Instagram, Snapchat, Signal, Twitter, Yahoo!, MSN, IRC, Slack, Hipchat, WeChat, Skype, etc… etc… Only chat clients with ephemeral OTR are reasonably safe because they auto-delete content over time, but even still, the adversary can read recent messages and contact your contacts as you, so you’ll need to disable the account/change passwords, etc if that’s possible.
The nice part though, is that while all that stuff sounds bad, if you follow the very first step, you may have no issues at all to worry about other than replacing the device. So in many ways the primary defense really is the best one – a good password and keeping it locked when it’s out of your sight.
A friend of mine sent me a quick note that I thought was worth sharing. In an effort to improve production vs consumption he has opted to forego a mouse entirely in his PC environment.
so an interesting thing I’m going to try is is turning off my mouse whenever I’m “working”. So doing anything focused like coding or whatever. Get to know my keyboard shortcuts better and hopefully be a nice way to reduce the temptations to get distracted
Obviously there are some times a mouse really aids in production. Drawing, or clicking through research to find the snippet of code (consumption for the purpose of production) or clicking on rich apps that have drop downs are all examples. Ironically, the lack of a mouse is one of my greatest pet peeves with the iOS environment because tab doesn’t work the way you’d expect it to in most apps. But this is an interesting take on improving productivity that I hadn’t heard of before.
I like the fact that mobile phones have helped democratize the Internet. Anyone with a smart phone (which can be extremely inexpensive these days) can do practically all of the same things that can be done on a laptop with a few notable exceptions. It’s no longer only the realm of the elite to have email, or websites, or make their dreams come true, as long as the capital requirements are low enough. Pretty cool actually.
However, I have noticed a number of things that make this dream a bit more difficult than it has to be. Here are some examples:
Some companies require you to call in to do certain functions. For example if you want to increase the amount putting into your mortgage, your bank will force you to call in, despite the fact that this is an extremely easy change. They want to add the extra hurdle so people don’t do it as often – it cuts down on the interest they earn. So you don’t just need a smart phone, you also need a data plan or a landline somewhere. Thankfully banks have toll free numbers, but still. It shows that they intentionally treat online users differently than phone users.
Many apps do not have the full features of the site. For instance, Shutterstock has a wonderful app that has no functionality at all to allow the user to sign up. This has got to be an oversight, or a roadmap item. Why would you make your users go through more hoops to give you money? Either way, you’re required to use their website.
Often times the mobile website has incredibly limited functionality compared to a traditional browser. I even encountered a website today as a matter of fact (not to pick on them too much, but it’s a good example) where Shutterstock’s mobile interface has an out of date SSL/TLS certificate. There’s pretty much no chance this would have happened if it had been their main website – people would complain. So mobile users have little recourse.
When mobile starts being treated as a first-class citizen, it will encourage people to consume more, and therefore it will increase revenue. There have been a number of apps where I would have happily given money if they had only had a functional purchasing flow in the application. This points to a bigger problem of democratization. All users should be treated with the same respect, and be given the same options, regardless of what tools they have. Though I think it’s a big enough investment and a small enough customer base, that most companies will take a long time to get there.
The external pressure of annoyed customers who abandon, and companies like Google who penalize websites that aren’t mobile friendly, do give some hope. But other issues like a disparate ecosystem of phone sizes/shapes/functionality do a lot to undermine the app developer. But we might get there someday. I’m a big fan of democratization, because it puts everyone on equal footing, and gives them the tools they need to be successful with whatever setup they want to use, be it a massive desktop, a portable laptop or an ultraportable smartphone.