Connect with us

Apps

Apple’s enterprise evolution

Back in 2010, Apple’s iconic co-founder Steve Jobs was not entirely enthralled with the enterprise. In fact, Jobs is famously quoted as saying, “What I love about the consumer market, that I always hated about the enterprise market, is that we come up with a product, we try to tell everybody about it, and every person votes for themselves.”

He added, “They go ‘yes’ or ‘no,’ and if enough of them say ‘yes,’ we get to come to work tomorrow. That’s how it works.”

That was an accurate enough representation of the way things worked when Jobs made the statement. Back in those days, IT kept tight control over the enterprise, issuing equipment like BlackBerries and ThinkPads (and you could have any color you wanted — as long as it was black). Jobs, who passed away in 2011, didn’t live long enough to see the “Bring Your Own Device” (BYOD) and “Consumerization of IT,” two trends that were just hovering on the corporate horizon at the time of his death.

I have the feeling he would have quite liked both movements and would have taken great pleasure in the fact that in many ways those trends were driven by his company’s mobile devices, the iPhone and the iPad. People were using those devices at home and they were increasingly bringing them to work. IT had little choice but to begin accommodating them.

That movement has helped fuel Apple’s enterprise evolution. Over time, Apple has partnered with enterprise stalwarts like IBM, SAP and Cisco. It has provided tools for IT to better manage those i-devices, and Macs, too, and it has built the enterprise into a substantial business (to the extent that we can tell).

What do we have here?

Trying to find data on the size of Apple’s enterprise business is a challenge because it doesn’t often break out enterprise revenue in earnings calls, but to give you a sense of the market, Tim Cook did reveal a number in the Q4 2015 earnings call.

“We estimate that enterprise markets accounted for about $25 billion in annual Apple revenue in the last 12 months, up 40 percent over the prior year and they represent a major growth vector for the future,” Cook said at the time.

In a June 2017 Bloomberg interview, Cook didn’t provide any numbers, but he did call the enterprise, “the mother of all opportunities.” That’s because enterprises tend to buy in bulk, and as they build an Apple support system in-house, it feeds other parts of the enterprise market as companies buy Macs to build custom apps for both internal users and consumers of their products and services.

This connection did not escape Cook in the Bloomberg interview. “For most enterprises, iOS is the preferred mobile operating system. IOS is a fantastic platform because of the ease with which you can write apps that are great for helping you run your business efficiently or interface with your customers directly. We see many, many enterprises now writing apps. Well, what do they use to write the apps? They use the Mac. The Mac is the development platform for iOS,” Cook told Bloomberg.

Photo: Justin Sullivan/Getty Images

Another way to look at the market is to look at Jamf, an Apple enterprise tool partner that helps companies manage Apple devices in large organizations. The company, which launched in 2002 long before the iPad or the iPhone, has been growing in leaps and bounds. It reports it has 13,000 customers today. To put that into perspective, it took 13 years to reach 6,000 customers and just 2.5 years to more than double to 13,000.

“A lot of people say Apple is getting more focused on enterprise, but I believe Apple helped enterprise focus more on users and they’ve had more success,” Jamf CEO Dean Hager told TechCrunch. “It started with Apple creating great products people wanted to bring to work and then they just demanded it,” he said.

Forcing their way into the enterprise

That organic momentum can’t be underestimated, but once it got in, Apple had to give IT something to work with. IT has always seen its role as hardware and software gatekeeper, keeping the enterprise safe from external security threats.

Ultimately the company never set out to build out enterprise-grade devices with the iPhone and iPad. They simply wanted devices that worked better than what was out there at the time. That people liked to use them so much that they brought them to work was an extension of that goal.

In fact, Susan Prescott, vice president of markets, apps and services at Apple was at the company when the first iPhone was released, and she was aware of the company’s goals. “With iPhone, we set out to completely rethink mobile, to enable the things we knew that people wanted to do, including at work,” she said.

Susan Prescott of Apple. Photo: Justin Sullivan/Getty Images

The notion of apps and the App Store and bringing in developers of all ilks to build them was also attractive to enterprises. When IBM and SAP got involved, they began building apps specifically geared towards enterprise customers. Customers could access these apps from a vetted App Store, which also was appealing to IT. The Cisco deal gave IT faster on-boarding of Apple devices on networks running Cisco equipment (which most enterprises use).

At the 2010 iPhone 4 keynote, Jobs was already touting the kinds of features that would appeal to enterprise IT, including mobile device management, wireless app distribution through the App Store and even support for Microsoft Exchange Server, the popular corporate email solution of choice at the time.

He may have spoken derisively about the enterprise in a general sense, but he clearly saw the potential of his company’s devices to transform the way people worked by giving them access to tools and technologies that previously were not in reach of the average worker.

Apple also was quietly talking to enterprises behind the scenes and figuring out what they needed from the earliest days of the iPhone. “Early on we engaged with businesses and IT to understand their needs, and have added enterprise features with every major software release,” Prescott told TechCrunch.

Driving transformation

One of the factors driving the change inside organizations was that mobile and cloud were coming together in that 2011 time frame, driving business transformation and empowering workers. If IT wouldn’t give employees the tools they wanted, the App Store and similar constructs gave them the power to do it themselves. That fueled the BYOD and Consumerization of IT movements, but at some point IT still required some semblance of control, even if that didn’t involve the same level they once had.

The iPhone and other mobile devices began to create the mobile worker, who worked outside the protection of the firewall. People could suddenly look at their documents while waiting for the train. They could update the CRM tool in-between clients. They could call a car to get to the airport. All of this was made possible by the mobile-cloud connection.

It was also causing a profound change inside every business. You simply couldn’t do business the same way anymore. You had to produce quality mobile apps and you had to get them in front of your customers. It was changing the way companies do business.

It was certainly something that Capital One saw. They realized they couldn’t remain a “stodgy bank” anymore, and control every aspect of the computing stack. If they wanted to draw talent, they had to open up, and that meant allowing developers to work on the tools they wanted to. According to Scott Totman, head of Mobile, Web, eCommerce, and personal assistants at Capital One, that meant enabling users to use Apple devices for work, whether their own or those issued by the company.

Workers at Capital One. Photo: Capital One/Apple.

“When I came in [five years ago], the Apple support group was a guy named Travis. We weren’t using Apple [extensively] in the enterprise, [back then],” he says. Today, they have dozens of people supporting more than 40,000 devices.

It wasn’t just people inside the company whose needs were changing. Consumer expectations were changing, too, and the customer-facing mobile tools the company created had to meet those expectations. That meant attracting those app developers to the enterprise and giving them an environment where they felt comfortable working. Clearly, Capital One has succeeded in that regard, and they have found ways to accommodate and support that level of Apple product usage throughout the organization.

Apps

The Apple Watch can detect diabetes with an 85% accuracy, Cardiogram study says


According to Cardiogram founder Brandon Ballinger’s latest clinical study, the Apple Watch can detect diabetes in those previously diagnosed with the disease with an 85 percent accuracy.

The study is part of the larger DeepHeart study with Cardiogram and UCSF. This particular study used data from 14,000 Apple Watch users and was able to detect that 462 of them had diabetes by using the Watch’s heart rate sensor, the same type of sensor other fitness bands using Android Wear also integrate into their systems.

In 2015, the Framingham Heart Study showed that resting heart rate and heart rate variability significantly predicted incident diabetes and hypertension. This led to the impetus to use the Watch’s heart rate sensor to see if it could accurately detect a diabetic patient.

Previously, Ballinger and his colleagues were able to use Apple’s Watch to detect an abnormal heart rhythm with up to a 97 percent accuracy, sleep apnea with a 90 percent accuracy and hypertension with an 82 percent accuracy when paired with Cardiograms AI-based algorithm. All discoveries so far have been published in clinical journals and Ballinger intends to publish these latest findings shortly after presenting at the AAAI 2018 conference this week.

Diabetes is a huge — and growing — problem in the U.S. More than 100 million U.S. adults are now living with pre-diabetes or diabetes and more than 1 in 4 of them go undiagnosed, according to the CDC. Part of the problem is the pain that goes into checking blood glucose levels. A patient must prick themselves after every meal and correctly take the right amount of insulin to keep themselves in balance.

Early detection could also help in cutting down on diabetes-related diseases before they get out of hand. While there have been other attempts to build special-purpose glucose-sensing hardware, this is the first large-scale study showing that ordinary heart rate sensors—when paired with an artificial intelligence-based algorithm—can identify diabetes with no extra hardware.

So what’s next? Ballinger and his cohort on the study Johnson Hsieh mentioned they could be looking at a number of diseases to detect through heart sensors, possibly even gestational diabetes. Hsieh also cautions that those tested were already known to have diabetes or pre-diabetes and that anyone who thinks they might have it should go to their doctor, not just rely on the Watch to tell them what’s going on.

But the results are promising. We’ll just have to wait and see what else the Apple Watch and other fitness monitors with a built-in heart rate sensor are able to tell us about ourselves next.
Readmore

Continue Reading

Apps

Mixpanel analytics accidentally slurped up passwords


The passwords of some people using sites monitored by popular analytics provider Mixpanel were mistakenly pulled into its software. Until TechCrunch’s inquiry, Mixpanel had made no public announcement about the embarassing error beyond quietly emailing clients about the problem. Yet some need to update to a fixed Mixpanel SDK to prevent an ongoing privacy breach.

It’s unclear which clients were impacted due to confidentiality agreements, but Mixpanel lists Samsung, BMW, Intuit, US Bank, and Fitbit as some of the companies it works with. “We can tell you that less than 25% of our customers were impacted” the company’s spokesperson told me, but they noted approximately 4% of all Mixpanel projected suffered from the privacy gap.

Mixpanel has raised $77 million in rounds led by prestigious investors like Andreessen Horowitz and Sequoia. But in early 2016 it laid off 10% of its 230-plus team, and has been dogged by a reputation for being expensive. Today’s news won’t help.

mixpanel in app notifications

The password harvesting bug stemmed from a March 2017 change to the open source React JavaScript library that clashed with how Mixpanel’s Autotrack feature launched in 2016 works. It led Autotrack to pull in the values of hidden and password fields in ways it wasn’t supposed to. “We didn’t catch it, it’s that simple” Mixpanel CEO Suhail Doshi tells me.

The problem persisted for nine months until a customer alerted Mixpanel on January 5th. By the 9th, the company had begun filtering out and securing passwords it accidentally scooped up, and it’s since destroyed any passwords it received. On February 1st, Mixpanel sent the email found at the end of this article to its clients informing them of the issue.

Clients that auto-update their Mixpanel SDK or load it straight from the startup have already gotten a patch to fix the issue. But some clients that manually update their Mixpanel SDK still need to download a new version to stop the flow of passwords. “Roughly 85% of affected customers have already updated their SDK to address this issue. We are actively working to contact remaining customers who have not yet updated their SDK” according to the spokesperson.

In the meantime, “We’ve disabled Autotrack by default for all new projects created. We’ll be further evaluating Autotrack as a product in the future” the spokesperson says, showing a mature level of contrition.

mixpanel team

Mixpanel’s team, circa 2014

“To date, our forensics and security experts have not seen any indication that this data was downloaded or accessed by any Mixpanel employee or third party” the company wrote in the email. That’s a relief, since there’s no way for an individual user of one of Mixpanel’s clients to know if their password got sucked in. Still, the possibility that end users’ privacy could have been breached is surely alarming to Mixpanel customers who trust it to watch how their sites and apps are used to optimize performance and monetization. The error could be a windfall for competitors like Google Analytics, KISSmetrics, Splunk, Flurry, and Localytics.

Increasing reliance on open source frameworks like React means engineering and security teams can’t just worry about their company’s own code. It has to mingle with changes to open source projects that can cause unforeseen trouble. It’s like if the ingredients in one of your prescriptions drugs subtly changed, so your preferred over-the-counter pills suddenly caused a dangerous interaction.

The full email from Mixpanel is below:

EMAIL SENT TO CUSTOMERS ON FEBRUARY 1, 2018:

We are writing you today about a recently discovered data ingestion issue on the Mixpanel platform that affects your project(s) and requires that you update your SDK as soon as possible (unless your SDK is set to automatically update). Before we go into detail on what happened and how we’ve addressed the issue, we want to apologize for any difficulty this may cause your organization. Our team is committed to remedying this situation quickly, and we’re available to talk through any questions or concerns—just reply to this email, and we’ll be in touch.

What happened?

On January 5th, 2018, a customer informed us that they observed Autotrack sending the values of password fields in events. We confirmed that this was unexpected behavior; by design, Autotrack should not send the values of hidden and password form fields.

We immediately began investigating further and learned that the behavior the customer was observing was due to a change to the React JavaScript library made in March 2017. This change placed copies of the values of hidden and password fields into the input elements’ attributes, which Autotrack then inadvertently received. Upon investigating further, we realized that, because of the way we had implemented Autotrack when it launched in August 2016, this could happen in other scenarios where browser plugins (such as the 1Password password manager) and website frameworks place sensitive data into form element attributes.

To date, our forensics and security experts have not seen any indication that this data was downloaded or accessed by any Mixpanel employee or third party. It was a bug, plain and simple. Upon discovery, we took immediate steps to secure the data and shut down further receipt. As of today, all data that was inadvertently received has been destroyed. In order to be as transparent as possible, here is more detail on how we have addressed and will continue to address this issue.

How we’re addressing this issue

Since discovery, we have been actively working to resolve the issue for affected customers. The majority of projects were not impacted, but based on our findings, we believe that you may have project(s) that were impacted, which we list at the end of this email.

We took immediate steps when we discovered this data ingestion issue in the form of the following:

  1. Limit further receipt of data: On January 9th, we implemented a server-side filter to securely discard this data as soon as we receive it, and soon thereafter refined the filter to solve for the last remaining edge cases.

  2. Delete the inadvertently received data: We have cleared all data from our database that we inadvertently received and, upon request, we can provide you with fine-grained metadata about what data was inadvertently sent to Mixpanel servers. This will include a mapping of distinct IDs to property names (but not the data values themselves, which have been securely deleted using appropriate security measures).

  3. Fix the Autotrack bug: We have implemented the Autotrack functionality fix in the Mixpanel SDK. You will, however, need to update your SDK as soon as possible to reflect this change. If your SDK is set to automatically update, or if your website loads the SDK directly from our content servers, then no action is required.

  4. Review any access of this data: We do not believe this data was downloaded or accessed by any Mixpanel employee or third party.  To the extent we discover otherwise, we will immediately notify you.

In addition to fixing the root cause of this issue, we’re taking proactive steps to identify and prevent similar issues from occurring in the future:

  1. Incorporating formal privacy reviews as part of our design and development processes: Security and privacy have always been front of mind at Mixpanel, but we’re adding some additional explicit checkpoints in our product development processes to help ensure that we’ve considered all of the impacts of the changes we make.

  2. In-depth security/privacy audits of key existing product areas: We’ve learned a lot from this issue, and our team has been diving in to look for similar cases where these same kinds of problems could arise.

  3. Operationalizing our response tooling: We’ve built new tools in response to this issue to help us identify the scope of data collection, limit access to data, and to purge it from our systems quickly. We’re taking these tools and making them more general purpose so that we can respond more quickly in the unlikely event that a similar problem occurs in the future.

  4. Data filtering and detection: We’re exploring capabilities that can detect something like this sooner including changes to the SDK to give us more insight into what data is being sent to us, integration with Data Loss Prevention (DLP) solutions, and even using our machine learning capabilities to detect anomalous ingestion.

We are conducting a thorough investigation of what happened and how we handled it. We believe that we have addressed the ingestion issue with the speed and accuracy required as your trusted partner. Below the signature, we have also listed your Project ID(s) and Project Name(s) that were affected.

If you have questions or for more information, please reply to this email for a response from your account team. Otherwise, as mentioned before, please update your SDK as soon as possible.

Sincerely,

The Mixpanel Security team

Featured Image: Bryce Durbin/TechCrunch Readmore

Continue Reading

Apps

Apple could let you run iPad apps on your Mac


Apple is working hard on the next major versions of its operating systems — macOS, iOS, tvOS and watchOS. While iOS is the big elephant in the room, the most intriguing new feature could be fore macOS. According to reports from Bloomberg and Axios, Apple will let you run iPad apps.

Yesterday, Axios first reported that Apple’s senior vice president of Software Engineering Craig Federighi announced a revised plan for iOS 12. Apple usually unveils the new version of iOS at its WWDC developer conference in June. It then goes through a few months of beta testing and gets released in September.

And this time, Axios has heard that Apple is delaying some features to work on quality issues. Many customers have been complaining about bugs in iOS 11, such as weird autocorrect bugs, messages arriving out of order, the Calculator app not calculating properly and more.

That’s why some rumored features have been pushed back to iOS 13 in 2019. Those features include a home screen redesign, CarPlay improvements, Mail and Photos updates.

Instead, you can expect a rock-solid iOS 12. There will still be new features, but not as many as expected. iOS 12 could feature better parental controls, a FaceTime update. There could be more augmented reality features too.

Some of those delays will also affect the next macOS update, such as the update to the Photos app for instance. But Bloomberg first reported that Apple is still on track to let you use iOS apps on your Mac. Axios confirmed those plans, saying that iPad apps in particular should run on macOS.

This could represent a huge change for the Mac platform with a big number of new apps hitting the Mac App Store. It’s still unclear whether Apple will optimize the user interface of those apps on the Mac. Using a touch screen is very different from using a mouse. But iPad app developers can expect to reach a lot more users.
Readmore

Continue Reading

Member of The Internet Defense League

Subscribe to our Newsletter

Trending