Protecting my devices with an invisible shield

Posted on By Mark Wilson

Scratch-proof your gadgetsWhen I bought my first iPhone, I bought a rubber case to protect it (and a set of screen protectors). After a few months, the rubber case split, so I bought a polycarbonate case instead. And when I went to sell the phone, I removed it from the case and found that it was still scratched – despite having spent around £50 in total on the various protective accessories. With my new iPhone 3G, I decided to try something different and I knew that one of my friends had been pleased with his .

InvisibleSHIELD is a clear protective film that is applied to the device – so it looks just as the original manufacturer intended (albeit in a strange wrapper) rather than in an external case with questionable aesthetics and which may restrict your ability to use your device with certain accessories. Each InvisibleSHIELD is cut to size for a particular device (be it a laptop, phone, GPS, PDA or even a watch). Furthermore, if you need to remove the film (e.g. to sell the device in as new condition – as my friend Alex did with his iPhone), then it easily detaches and leaves no stickiness behind.

I had two InvisibleSHIELDs to install – first up I protected my 30GB iPod with Video (which went very smoothly) and then I tried on my iPhone 3G (which was very difficult) but the best piece of advice I was given was to watch the videos first. It’s not complex – but there is definitely a technique – and I would have paid someone to do my iPhone if I knew they could do it well (unfortunately the curved back of the iPhone makes it very difficult to apply the film to and I have a couple of air bubbles that I missed as I fought to get all the edges and corners stuck down in the right places). I’m now following the manufacturer’s instructions and leaving the devices alone whilst the ShieldSpray application solution dries.

On the whole, I’m pleased with my InvisibleSHIELDs. Of course they are not completely invisible, as with any adhesive film (e.g. there’s some extra glare on the screen on my iPod now) and, as mentioned previously, the iPhone protector was difficult to install but I can use the devices without a case getting in the way (for instance, the iPod no longer needs to be removed from its case to put it into my speaker system, or onto the dock connector in my wife’s car). The feel of the shield also means that there is some slight friction against a desk, or the palm of my hand, making it less likely to slide away but there is one significant flaw in the design – the points on the device that are still exposed after the shield is in place are the corners – i.e. those areas most likely to get scratched up if the device does take a tumble.

Would I buy another InvisibleSHIELD? Almost certainly yes. In fact, if I ever get to the point that my MacBook goes out and about with me more, then I’ll probably buy one to protect it. It’s a low-cost solution with a high value. Even so, I’m a perfectionist and if there was a local distributor who would fit a shield for me (with no air bubbles and all edges perfectly lined up) then I’d pay an extra £20 for that service (on an iPhone 3G at least!).

Scratch proof your iPhone 3G

Microsoft infrastructure architecture considerations: part 5 (security)

Posted on By Mark Wilson

Continuing the series of posts on the architectural considerations for designing a predominantly-Microsoft IT infrastructure, based on the MCS Talks: Enterprise Infrastructure series, in this post I’ll look at some of the infrastructure architecture considerations relating to security.

The main security challenges which organisations are facing today include: management of access rights; provisioning and de-provisioning (with various groups of users – internal, partners and external); protecting the network boundaries (as there is a greater level of collaboration between organisations); and controlling access to confidential data.

Most organisations today need some level of integration with partners and the traditional approach has been one of:

  • NT Trusts (rarely used externally) – not granular enough.
  • Shadow accounts with matching usernames and passwords – difficult to administer.
  • Proxy accounts shared by multiple users – with no accountability and a consequential lack of security.

Federated rights management is a key piece of the “cloud computing” model and allows for two organisations to trust one another (cf. an NT trust) but without the associated overheads – and with some granularity. The federated trust is loosely coupled – meaning that there is no need for a direct mapping between users and resources – instead an account federation server exists on one side of the trust and a resource federation server exists on the other.

As information is shared with customers and partners traditional location-based methods of controlling information (firewalls, access control lists and encryption) have become ineffective. Users e-mail documents back and forth, paper copies are created as documents are printed, online data storage has become available and portable data storage devices have become less expensive and more common with increasing capacities. This makes it difficult to set a consistent policy for information management and then to manage and audit access. It’s almost inevitable that there will be some information loss or leakage.

(Digital) rights management is one solution – most people are familiar with DRM on music and video files from the Internet and the same principles may be applied to IT infrastructure. Making use of 128-bit encryption together with policies for access and usage rights, rights management provides persistent protection to control access across the information lifecycle. Policies are embedded within the document (e.g. for the ability to print, view, edit, or forward a document – or even for it’s expiration) and access is only provided to trusted identities. It seems strange to me that we are all so used to the protection of assets with perceived worth to consumers but that commercial and government documentation is so often left unsecured.

Of course, security should be all-pervasive, and this post has just scratched the surface looking at a couple of challenges faces by organisations as the network boundaries are eroded by increased collaboration. In the next post of this series, I’ll take a look at some of the infrastructure architecture considerations for providing high availability solutions.