CSOonline: Review of Check Point’s SandBlast Mobile — simplifies mobile security

There is a new category of startups — like Lookout Security, NowSecure, and Skycure — who have begun to provide defense in depth for mobiles. Another player in this space is Check Point Software, which has rebranded its Mobile Threat Protection product as SandBlast Mobile. I took a closer look at this product and found that it fits in between mobile device managers and security event log analyzers. It makes it easier to manage the overall security footprint of your entire mobile device fleet. While I had a few issues with its use, overall it is a solid protective product.

You can read my review in CSOonline here.

Read More
How Citrix Fuels Red Bull Racing

Few businesses create a completely different product every couple of weeks, not to mention take their product team on the road and set up a completely new IT system on the fly. Yet, this is what the team at Red Bull Racing do each and every day.

A video featuring the racing company’s staff and its ultra-fast pace was featured at Citrix Synergy conference in Orlando earlier this summer. When I saw it, I wanted to find out more about what happens behind the scenes. Indeed, during the week of Synergy, they were busy at one of the 20 different races they participate in around the world each year. “We design and manufacture all of our cars and go through some 30,000 engineering changes a year,” says Matt Cadieux, CIO of Red Bull Racing, “We create new car parts for every race because all of our cars get torn apart and rebuilt to new specifications that are designed to make the car go faster.”

The typical race week starts out with the team showing up several days ahead of the green flag, ready to unload 40 tons of equipment on the first day. The next day, the communications networks are connected and the cars assembled. “We don’t have time to debug things, we have to be up and running and do that in 20 different places around the world,” he said.

The company is based in the UK, where they have a very space-age data center. And it should! They designed it based on the look and feel of NASA’s mission control room in Houston. “We have one of the largest video walls in Europe,” said Cadieux. The data center houses three Linux clusters, a Windows cluster, and uses IBM Spectrum Storage to manage all their resources.

All that video isn’t just for showing pretty pictures. They have some serious data visualizations, where they are tracking in real time more than 200 different car metrics dealing with its performance. “It is very graphically intensive, and behind the graphics are some pretty large databases too,” Cadieux said.

Getting these graphically-rich screens sent to the racing team at the track requires some serious computing horsepower and a very dependable remote desktop experience, and that is where Citrix comes into play. “If we didn’t have Citrix, there is no way we could manage these apps effectively,” he said. The racing company uses a combination of XenDesktop and XenServer along with NetScaler to provide firewalls and load balancing. As their infrastructure has gotten more complex, they have been able to add functionality from this collection of products easily.

That is one of the reasons why Red Bull Racing has worked with Citrix for many years. “We always had great tech support from them and they always exceed our expectations. We have access to their developers and early code releases. For our use cases, we are always pushing technical boundaries, because we not afraid to try new things. We give a lot of blunt and honest feedback to their product teams, too.”

As you might imagine, using all these graphical screens places a burden on having the lowest possible network latencies when those bits are shipped all over the planet. “We needed to take some heavyweight apps and use them in remote places, and that means we need some solid networks too.” They make use of AT&T VPN technologies to provide their global connectivity.

For example, when they are in Australia, they can get less than 380 ms round trip latencies back to their data center in the UK. “Sometimes, users can feel that delay, but they still can use our apps. When we are running races in Europe, you almost can’t tell the difference between the remote session and being back inside our data center,” he said.

The support team that they bring to each race used to be bigger, but thanks to XenDesktop they have managed to leave several key team members back in the UK. “We still can have the collaboration between people at the track and at home with XenDesktop. The result is that we can make better and more informed decisions,” he said. There is also a limit on the number of team members that can be present on the track as part of the racing staffing regulations.

Red Bull Racing has been around for more than a decade and, as you might assume, their current technology portfolio is “massively different” when compared to what they used back then. “When we first started, our operations room was the size of a broom closet and our simulations had almost no correlation to what we observed in the real world. Back then it was more of a science project than something that could make appropriate business decisions. Now, our math models are much more complex and we do a better job with visualizing our data. The size of our models and the infrastructure required to run them has also exploded over time.” As he mentions in this ITWorld article, “It allows us to get a very under-the-covers view of the health of the car, where you can understand forces, or you can see things overheating, or you can see, aerodynamically, what’s happening and whether our predictions in computational fluid dynamics and the wind tunnel are what really happens in the real world.”

Red Bull Racing have also been able to be more responsive; now, they can instrument a problem, track down a solution, and have it ready for race day all in a matter of hours. “We can now react to changes and surprises and deal with them in a more data-driven way,” he said.

Cadieux came from a Detroit-area traditional automaker before he moved across the pond and started supporting race cars. The two businesses have more in common than you might think, because ultimately they are all about making engineering decisions around the cars themselves. “We build our cars for performance, rater than for the mass market, that’s all. The software problems are similar.” Well, maybe he is just being modest.

Does Cadieux have one of the best jobs in IT? Certainly. “It is a very cool job and I am very lucky to have it. We get to solve some very interesting problems and be at the forefront of using tech to improve our business. It is great to work with such a cohesive team and be able to move very quickly, and merge engineering with our business needs.”

Read More
Securing the smart home, a guide to my reviews series

I began a series of reviews for Network World on securing the smart home. These three articles were published earlier this year:

Since then, I have written additional stories, but before I introduce those I want to take a step back and review the decision process that I would recommend in terms of what gear you should buy and at what point during your smarter home networking automation journey. And let’s also take a moment and review the decisions that you have made so far on hubs and wireless access points and how these decisions can influence what you buy next.

While there is no typical decision process for this gear, here are a series of five questions that you should have begun thinking about:

  1. Do you already own a smart thermostat? If not, make sure you pick the one that will work with your hub device. Nest doesn’t work with Apple’s HomeKit, for example. I will talk about my experience with Nest in a future installment. Also, you might also want to make sure that you can upgrade your older thermostat with something more intelligent, in terms of wiring and network access.
  2. Are you in the market for a new TV? If you are, consider what your main motivation is for buying one and which ecosystem (Apple, Google or Amazon) you want to join and use as your main entertainment provider. It used to be that buying a TV was a major purchase, but today’s flat screens are relatively inexpensive. Most new TVs come with wireless radios and built-in software to connect with Netflix, Amazon, and other streaming providers too.
  3. Are most of your cellphones Android or iOS? While many of the smart home products work with apps on both kinds of phones, that doesn’t necessarily mean that features are at parity between the two phone families. In some cases, vendors will prefer one over the other in terms of their app release schedule and that could be an issue depending on which side you are on. If you are serious about considering Apple HomeKit products, obviously you will need at least one Apple phone for managing its basic features. While Apple’s ecosystem supports the largest collection of smart home devices, overall, many of the smart home products will work on either Google Home or Amazon Alexa as well.
  4. Do you have sufficient wireless and wired infrastructure to support where you want to place all your devices? As I mentioned in my last installment, one of the major reasons for using a better wireless infrastructure like the Linksys Velop is because of its wider radio coverage area. Make sure you understand what your spouse is willing to tolerate in terms of wiring and AP placement too while you are assembling your new network requirements and scouting out potential AP locations around your home. As part of this decision, you might also need to upgrade your ISP bandwidth plan if you are going to be consuming more Internet services such as video and audio streaming.
  5. Do you have enough wired ports on your network switch? With all the devices that you plan on using, you probably are going to run out of wired ports. And while you might think that most smart home products are connected wirelessly, many require some kind of wired gateway device (the Philips Hue is an example here) that will consume a wired Ethernet port.

Those five questions should help get you started on your smart home journey. But before you purchase anything else, you might want to consider these security issues too.

  1. Do you understand the authentication requirements and limitations of each smart home app? One of the biggest limitations of the smart apps is how they set up their security and authentication. In many cases, the app can only use a single login ID and password. If you want multiple family members to use the app, you may have to share this information with them, which could be an issue. You might want to consider a document that lays out your family “rights management” — do you want your kids to be able to remotely control your thermostat or monitor your home security cameras? What about your spouse? This begs the next question:
  2. Who in the family is authorized to make changes to your smart infrastructure? By this I mean your network configuration and access to your computers, printers, and other IT gear. Again, in the past once this was set up it wasn’t often changed by anyone. But the smart home requires more subtle forms of access and this could be an issue, depending on the makeup of your family and who is the defacto family IT manager.
  3. You should plan for the situation when you (or another family member) loses their phone with all of your connected apps and authentication information. This is one of the major security weaknesses of the smart home: your apps hold the keys to the kingdom. Most of the apps automatically save your login info as a convenience, but that also means if you lose your phone, it can be a massive inconvenience. Some of these apps will only work when they are on your local network, but others can reach out across the Internet and do some damage if they fall into the wrong hands. Given how often your family members lose their phones (I know of one 20-something who loses her phone twice a year), this might be worthwhile. You might want to record the procedures for resetting your passwords on your various connected apps and other login information.
  4. What happens when one of your smart devices is compromised? The reports earlier this year about the compromised web server that comes with a Miele dishwasher are somewhat chilling, to say the least. How can you detect when a smart device is now part of a botnet or is running some malware? We will have some thoughts later in the series, but just wanted to raise the issue.

As you can see, making your home network smarter also means understanding the implications of your decisions and the interaction of products that now could create some serious family discussions, to say the least.

The remaining reviews in the series includes:

Read More
The smart home series: Nest is building a smarter thermostat

If the Philips Hue smart light bulb is the first connected home product, probably the most desired home networking product is the smart thermostat. While Nest wasn’t the first in the field, it has become the market leader and was purchased by Google back in 2014. One of the reasons why I chose my test home in suburban St. Louis was because the homeowners already had one installed. I wanted to see how it would interact with the Google Home and Alexa Echo units and what other equipment it would integrate with.

Nest is like many smarthome products: there is the actual thermostat itself, an attractive low-slung cylinder that has a built-in 480×480 pixel touch screen and a rotating collar for its main menu controls. Then there is a smartphone app and a web service. The apps run on both Android and IoS devices. (iOS 8 or later, or Android 4.1 or later)

Nest can’t replace all analog thermostat installations, but there is this helpful page that will walk you through what you have now and how your existing thermostat is wired to figure it out. They also have an installation video and troubleshooting tips. My home owners are moderately handy and they had no issues getting it installed. In my informal poll of other Nest users, I didn’t hear any horror stories either.

Once you wire it up to your HVAC system, you have to download its app to your phone and get the software setup. That took about 15 minutes. You can control up to 20 different thermostats and in two different locations from one app and one account. Unlike other smart home products,

Nest allows this account to grant access to two users with two separate email addresses. You still may want to use a throwaway email address to share among your family, if they have authority to change your home temperature conditions. It connects to your home network via Wi-Fi and like other products, initial setup is via Bluetooth.

We set up the Nest with both Alexa and Google Home. Nest doesn’t directly work with Apple’s HomeKit although there is this workaround. We also set up Nest with the ADT Pulse alarm system app that was installed in our test home. More on these connected apps in a moment.

Nest calls its product a learning thermostat, and this is because it automatically figures out your usage patterns on a daily basis. For example, the new generation units will light up to greet you when you come home. You can wait a couple of weeks for it to learn your schedule, or set up a typical schedule like any programmable thermostat. But unlike an analog thermostat, it has a series of sensors, as you might imagine. Besides temperature, it also measures humidity, activity and ambient light. That means it can make smarter decisions about your occupancy and usage patterns. That is one of its chief selling points.

Nest has some built-in routines that help you save money on your heating and cooling bills, called Nest Sense. It has all sorts of automated routines here. One is called Eco Temperatures. Basically, you set up a temperature range that your home will operate at, and if no one is home that is the default mode of operation. Others are called Cool to Dry, Leaf, Airware, Home/Away Assist, and Time-to-temp.

The Nest phone app is cleanly organized and once you get done setting up these various routines, you probably won’t be spending much time with it. With my test homeowners, one said she is so ingrained in using the thermostat directly that when she walks by it in her hallway she thinks about changing the temperature then. The other said he used both the Nest app and the voice commands but still was getting used to using both of them. Part of the issue here is that unlike lighting that you change frequently during the day, you probably don’t think about your home temperature control very often.

Another selling point for Nest is that it has a large range of other products that integrate with it. That is what drove my test homeowners to buy it since it works with their ADT security system. One of my homeowners used the ADT/Nest control because she forgot her Nest app password. So it is nice to have all these different mechanisms to control it, to be sure.

Finally, Nest was easy to setup with both the Amazon Alexa and Google Home, taking less than five minutes to get each one configured. Using it was simple too, and both seemed to perform the same way in terms of controlling the thermostat. My male homeowner said he is starting to prefer the Amazon hub for home control, just because it has so many more connected apps. But he finds the Google hub provides him with more thorough answers to his questions.

Nest is now on their third generation product, which retails for $249. (I tested the second generation.) But don’t let that price scare you: your local electric or gas utility might have rebate offers. (In St. Louis, it was $125 from both companies combined). It comes in four colors.

Read More
The smart home series: Philips Hue lighting system review

In today’s installment, I look at the Philips Hue lighting system. This has four main components: a network-attached bridge or controller, the smart bulbs themselves, web-based software and the smartphone software that is used to turn your lights on and off. We tested the product in the same suburban home location outside of St. Louis where we tested our earlier products, connecting Hue to both the Alexa Echo Dot and the Google Home hubs.

Hue comes with three different kinds of bulbs: white-only, white ambiance and multi-color, which includes white. The White Ambiance allows you to do more than just dim up and down at the one color temperature and gives you access to 50,000 shades of white light. I tested the multi-color. Both come with built with radios that communicate via the ZigBee LightLink protocols back to the bridge.

To me, a lamp is a necessary evil and something that doesn’t require a great deal of thought. This is because I am someone with zero sense of interior design. I tell you this upfront, which is one of the reasons I was testing these products at a home where both residents have a lot more design-savvy and understanding of lighting placement and mood creation.

If you are a design philistine like me, then you probably won’t get much out of this product and should just stick with ordinary lamps. But if you do take the plunge, make sure you are buying what Philips calls “gen 3” bulbs (which is what I tested). These bulbs have deeper green, cyan and blue for even better mood setting. Philips claims the bulbs can deliver 16 million different colors, but since I am colorblind I couldn’t verify this claim. Nevertheless, you have a wide color palette that you can play with on your smartphone and have a lot of fun finding that exact color to match your mood, your decor, what your spouse is wearing, or whatnot. All the bulbs are LEDs, so are very energy-efficient. They all fit into a standard base and (unlike the early CF bulbs) are small enough to fit in most ordinary lamp housings.

Why bother with smart bulbs? Several reasons. First, you can remotely turn them on and off, both instantly and on a specified schedule, to make your home more comfortable and secure. Second, you can set various moods by having them dim or brighten appropriately. And finally, you have bragging rights when you have your friends over for dinner or parties. By now many of you have already bought your own smart hub: this gives you the first practical application that can readily demonstrate its utility.

When I first got the Hue kit I thought it was mostly “nice to have” but not an essential use case. The more I and my test couple used them, the more we liked them and the more we came to rely on the ability to control them at will and to set different moods. I think this bears emphasis: Hue is creating something new and really giving you a new dimension on how you live and consume lighting in your home.

You don’t need a smart hub to operate your Hue lights, because you can control them via the smartphone app  (shown here) or you can also purchase a variety of hardware controllers that can fit inside a standard light switch receptacle or sit on your coffee table if you want a physical object. That is all well and good, but really that gear is just a glorified “Clapper” device that is about as exciting. But using the Alexa or Google Home hubs means you have voice commands for your lights. This means you don’t have to look for your phone and can just turn your lights on or off quickly as you enter a room.

Getting setup from scratch took about 15 minutes on either hub, using a very similar process. The biggest issue I faced was switching my lighting system from the Amazon to the Google hub, which a normal user wouldn’t necessarily do. If you are going to change hub vendors, you should do a factory reset to make things easier. The controller/bridge connects to your home network via Wi-Fi, and it also works with Apple Home Kit hubs too.

The most important part of the hub-related setup is naming your various rooms where the bulbs will be located. The workflow for doing this is different in Amazon Alexa versus the Google Home. With Alexa, it picks up this information from the Hue app. In Google, you have to create your room names on its app.

For the most part, the Hue bulbs worked fine with either Alexa or Google Home. But sometimes Alexa would make a mistake, thinking a particular bulb was on when it was off, or vice-versa. And sometimes Alexa would turn on a bulb in the wrong room. We couldn’t reproduce these errors. It isn’t clear who is at fault here: because sometimes the app shows a bulb is on when it is off. For the majority of time though, things work as intended.

If you are just going to control your lights locally — meaning while you are in your home — then you don’t have to worry about the web server piece of the product. This is needed for two purposes: first for controlling your lights when you are away from home, and second to integrate with any Nest products and other home automation web services. For either purpose you will need to create an account on meethue.com and then use that login on your smartphone app. As with other smart home products, only one account (meaning one email address) per home is allowed. If you want multiple family members to have lighting controls, you might want to create a special email address that everyone can access. Philips is looking into having multiple accounts with different access rights at some point in the future.

Once you get going with the standard bulbs, Philips makes a bunch of different other bulb sizes that can you expand your horizons and play interior decorator. I didn’t test any of these. You can purchase a rechargeable portable light source called Go and lights that come with a variety of their own decorative bases. Given that Philips has been making electric lights for more than a century, this is not unexpected that there will be others joining its Hue product line in the near future.

Hue comes in various product configurations, the basic white-only starter kit with two bulbs and the controller is $70. It is available online and in a variety of electronics and lighting stores too.


Read More
Warning: your mobile phone is not safe from hackers

The biggest cyber threat isn’t sitting on your desk: it is in your pocket or purse. I am talking of course about your smartphone. Our phones have become the prime hacking target, due to a combination of circumstances, some under our control, and some not.

Just look at some of the recent hacks that have happened to phones. There are bad apps that look benign, apps that claim to protect you from virus infections but are really what are called “fake AV” and harm your phone instead, and even malware that infects application construction tools. I will get to some of the specifics in a moment. If you are in St. Louis on August 3, you can come hear me speak here about this topic.

Part of the problem is that the notion of “bring your own device” has turned into “bring your own trouble” – as corporate users have become more comfortable using their own devices, they can infect or get infected from the corporate network.  And certainly mobile users are less careful and tend to click on email attachments that could infect their phones. But the fault really lies in the opportunity that mobile apps present.

For example, take a look what security researcher Will Strafach has done with this report earlier this year. He demonstrated dozens of iOS apps that were vulnerable to what is called a man-in-the-middle attack. These allow hackers to intercept data as it is being passed from your phone through the Internet to someplace else. At the time, his report grabbed a few headlines, but apparently, that wasn’t enough. In a more recent update, he found that very few of the app creators took the hint — most did nothing. He estimates that 18 million downloaded apps still have this vulnerability. Security is just an afterthought for many app makers.

Another issue is that many users just click on an app and download it to their phones, without any regard to seeing if they have the right app. Few of us do any vetting or research to find out if the app is legit, or if it part of some hacker’s scheme, and to do so really requires a CS degree or a lot of skill. Take the case of the “fake AV” app that infects rather than protects your phone. There are hundreds of them in the Google Play store. FalseGuide is another malware app that has been active since last November and infected more than two million users.

The Judy malware has infected between 8.5 million to 36.5 million users over the past year, hiding inside more than 40 different apps. DressCode initially appeared around April 2016 and since then it has been downloaded hundreds of thousands of times. Both look like ordinary apps that your kids might want to download and play with. Hackers often take legit apps and insert malware and then rename and relist them on the app stores, making matters worse.

Even the WannaCry worm, which was initially Windows-only, has been found in seven apps in the Google Play store and two in Apple’s App Store. Speaking of Apple, the malware XcodeGhost is notable in that it has targeted iOS devices and resulted in 300 malware-infected apps being created, although that malware infected Apple’s desktop development environment rather than the mobile phones directly.

So what can you do? First, make sure your phone has a PIN to lock its use, and if you have a choice of a longer PIN, choose that. There are still at least ten percent of users that don’t lock their phones. Having a PIN also encrypts the data on your phone too.

Next, use encrypted messaging apps to send sensitive information, such as Signal or WhatsApp. Don’t trust SMS texts or ordinary emails for this.

Use a password manager, such as Lastpass, to store all your passwords and share them across your devices, so you don’t have to remember them or write them down.

When you are away from your home or office network, use a VPN to protect your network traffic.

Don’t automatically connect to Wi-Fi hotspots by name: hackers like to fool you into thinking that just because something is named “Starbucks Wi-Fi” it could be from someone else. Apple makes a Configurator app that can be used to further lock down its devices: use it.

Turn off radios that aren’t in use, such as Bluetooth and Wi-Fi.

Don’t do your online banking — or anything else that involves moving money around — when you are away from home.

Don’t let your kids download apps without vetting them first.

Turn on the Verify Apps feature, especially on Android devices, to prevent malicious or questionable apps from being downloaded.

Keep your devices’ operating systems updated, especially Android ones. Hackers often take advantage of phones running older OS’s.

I realize that this is a lot of work. Many of these tasks are inconvenient, and some will break old habits. But ask yourself if you want to spend the time recovering from a breach, and if it is worth it to have your life turned upside down if your phone is targeted.

Read More
Speech: How to make your mobile phone safe from hackers

While the news about laptop camera covers can make any of us paranoid, the real cyber threat comes from the computer we all carry in our pockets and purses: our mobile phones. In this speech I am giving at Venture Cafe STL, I will describe some of the more dangerous cyber threats that can turn your phone into a recording device and launch pad for hackers, and how you can try to prevent these in your daily life.

Read More
iBoss blog: The new rules for MFA

In the old days — perhaps one or two years ago — security professionals were fond of saying that you need multiple authentication factors (MFAs) to properly secure login identities. But that advice has to be tempered with the series of man-in-the-middle and other malware exploits on MFAs that nullify the supposed protection of those additional factors. Times are changing for MFA, to be sure.

I wrote a three-part series for the iBoss blog about this topic. Here is part 1, which introduces the issues.  Part 2 covers some of the new authentication technologies. If you are responsible for protecting your end users’ identities, you want to give some of these tools careful consideration. A good place to start your research is the site TwoFactorAuth, which lists which sites support MFA logins. (The Verge just posted their own analysis of the history of MFA that is well worth reading too.)

And part 3  goes into detail about why a multi-layered approach for MFA is best.

Read More
Is there good news for journalism in the gig economy?

This piece originally appeared in Sam Whitmore’s MediaSurvey.com in late June 2017.

We all know that the Bezos Post and the Grey Lady are doing well selling monthly subscriptions. (During the last three months of 2016, the Times added 276,000 net digital-only subscribers, more than they started the year.) They are the counter-examples in the otherwise dismal NewspaperDeathWatch (done by my podcasting partner Paul Gillin) series of layoffs and site closures.

But what about some way new models that could support quality journalism? Here are a few bright spots, some operating sites, some ideas that are still being worked out:

  • The Marshall Project, which is a non-profit newsroom focused on criminal justice with stories such as The Mental Health Crisis Facing Women in Prison and How to Cut Down on Searches in Traffic Stops: Legalize Pot.
  • Press Think, which is a US version of the Dutch site, De Correspondent. That site is funded solely by its 56,000 members who pay about $63 a year. Jay Rosen is leading that effort, which has articles on politics and the gaming nature of PR. It is funded by a foundation for now. The idea is to optimize for trust.
  • Stratechery, which is Ben Thompson’s one-person effort to look at the intersection of tech and business, with recent pieces on the Amazon/Whole Foods deal (which has one of the more insightful things said about the merger) and Google and antitrust.
  • The Information, which is also tech news related. That has been around for several years and has done some excellent reporting, which is what you would expect if you hire some of the top journalists and charge $400 a year for subscriptions.
  • Most recently is Civil, which announced plans to build a blockchain-powered marketplace on Ethereum. This marketplace could be where citizens and journalists form common communities and financially support factual reporting and investigative work. The motivation is to substantially limit misinformation through effective collaborative-editing methods. Call it “fact-checking as a service,” if you will. It hasn’t yet launched.

All of these efforts are worth watching to see what gains traction. Against this landscape, or maybe in spite of it, are a series of re-energized corporate blogs that seem to be well-funded (such as IBM’s SecurityIntelligence.com) and new information delivery models (such as Jason Calacanis’ Inside.com series of email newsletters — NB: I am a contributor to both efforts).

Will any of these gain real traction? Hard to say. Paying for content is expensive, and paying for superior content is even more expensive. Crowdfunding may not bring in enough dough, whether it is in traditional dollars or some crypto-currency that can trade at wide valuations.

Part of the problem certainly began years ago when advertising revenue evaporated, or at least moved to other places. But that just shifted the cost basis of most pubs. There is the issue that Google and other search sites now collect those funds, and have sucked the air out of any news-oriented site.

But another issue is the trust deficit that news sites now have with their readers. Witness the CNN issue earlier last week, or any of the latest collection of presidential Tweets. So, as they say in the media, stay tuned.

Read More
FIR B2B podcast: Millennials vs. Baby boomers on B2B marketing, a new book called “Tap”

It isn’t surprising that millennials are less satisfied with their jobs – given that they change them so frequently. Perhaps they have unrealistic salary or promotion expectations. This survey, the Data Snapshot: 2017 Career Outlook for Tech Marketers, of several hundred marketers from both the US and UK is worth looking at, not just because it points out generational differences but it also shatters some myths too.

Are vendors paying freelancers to place stories in reputable publications they write for? David Berlind thinks so. We describe what motivated him to post a complaint about how freelancers are double-charging for their stories, being paid by both a vendor client and their editors.

Next, Anindya Ghose’s Tap: Unlocking the Mobile Economy should be on every B2B marketer’s reading list for how to understand mobile ecommerce and mobile transactions. It is a rare book that provides solid research and is enjoyable to read. He shows that the balance between advertising and peer group recommendations for purchasing products and services is shifting to more of a mix, and this book will help guide marketers to understanding how to play that mix to their favor without alienating consumers. He covers the nuances of location-based advertising and how mobile phones access this information. B2B marketers have to get better at using mobile technologies. And the smartphone has become the glue between online and offline channels, so marketers need to understand how this glue is applied and how to become more effective at using it.

Finally, this post from Buffer (We Made These 10 Social Media Mistakes so Don’t Have To) is well worth reviewing. Many of us have made most of the mistakes on this list, and some of them are worth discussing with your social media team to try to prevent them in the future.

Listen to our podcast here:

Read More
1 2 3 4 193