It’s particularly galling when a company specializing in security issues gets monumentally hacked. That was the case for Stratfor, which suffered a massive data breach just before the holidays that exposed thousands of client names, e-mail addresses and credit card numbers. Adding insult to injury, hacktivist group Anonymous revealed on Twitter that it was able to get at the data because the company hadn’t encrypted them, according to the Associated Press. Stratfor’s travails serve as a re- minder to all companies that they need to get their cyber security policies and practices in order. Here are some issues to consider.

1. Beware of the mobile threat.

Mobile devices have become ubiquitous and more powerful. Companies can no longer just protect employees’ laptops, but must be aware of tablets, smartphones, iPods and anything else with a brain and wireless connectivity. Inadequately secured devices, if stolen, can give thieves access to corporate networks, allowing them to steal sensitive data.

Employees downloading new apps may download keystroke-logging software as well, giving hackers access to their credentials—but few people have anti-virus software installed on these devices.

“2012 is going to be a significant year for mobile threats enterprise-wide because so many devices are being adopted,” says Dave Marcus, director at security firm McAfee Labs. Companies “have to start looking at mobile devices like other devices—‘If it’s got data on it, it’s got my corporate data on it, then I’ve got to manage and secure it like every other device on my network,’” he adds.

2. Review privileges.

Do all users really need all the access rights they now have? Keeping privileges to a minimum limits the damage hackers can do if they get into a user’s account, as well as the damage employees can do on the way out the door.

Controlling privileges can also help with compliance since “most regulations, including SOX, HIPAA, GLB and PCI, have a clause on the level of access to key IT assets,” says Jim Zierick, executive vice president at security vendor BeyondTrust.

But privileges can be hard to manage, especially in big organizations with lots of applications. “Users are proactive about acquiring access they need or want, but rarely ask for access to be taken away even if they no longer need it,” says Michael Bennett, chief information officer for the U.S. unit of defense contractor BAE Systems.

One option is to roll out a centralized system to allocate and manage privileges, which allows for quick changes if employees are hired, fired, move internally or temporarily need special access for a project.

Companies should move beyond automated provisioning, access control and auditing solutions to add a new security control and abstraction layer that sits between the information and the people who use it, Bennett says. This allows the data to be displayed in a way that the particular user—and device—needs to see it, “while denying access to anything not specifically required by and permitted to the user,” he adds. “Apart from the huge security gains, this architecture makes it much simpler to support the many different kinds of access devices that users want to bring to work.”

3. Prepare for breaches.

No system is completely hacker-proof. If a security hole—or human error—allows key data to leak out, companies must be ready to deal with it quickly and effectively. And that’s going to require more effort than before.

The Securities and Exchange Commission’s guidance issued in October reminds public companies that breaches could be considered material events that need to be disclosed, says Richard Bortnick, an attorney at Cozen O’Connor. Private firms may be affected if they are suppliers or partners of a public company.

States are also rolling out or toughening up disclosure laws, including California, Bortnick says.

After a breach disclosure, companies should be prepared for lawsuits, says Bob Parisi, senior vice president at consultancy Marsh. As the result of a recent court ruling, plaintiffs no longer need to show actual harm or imminent threat of harm, but simply increased risk of potential harm to take their cases to trial, he says.

And lawsuits are now being filed faster, just days or even hours after a breach is disclosed rather than months later, Parisi says. Companies need to respond quickly to a breach, which may involve more than just offering credit monitoring to clients whose information has been compromised, he says, and remedies should be relevant.

“If you’re a hospital losing patient data, offering credit monitoring might not be the most appropriate response,” Parisi says. “If what you offer is the wrong remedy or no remedy at all, you’re basically waiving a red flag in front of the potential plaintiff class.”

4. Encrypt, encrypt, encrypt.

In the past, encryption slowed down systems and inconvenienced users, so it was used only to protect data traveling over the Internet. Technology has improved to the point where companies can encrypt data that’s stored on mobile devices, moving across internal networks, even stored inside databases, without adding lag or hindering productivity.

The new technology operates on a more basic level, even embedded into the hardware. If a breach occurs, the stolen information can’t be used and no disclosure is required.

One organization taking this approach is AGS Capital Group. “The risks and penalties of breach laws are increasing, so we are looking at increased and mandatory encryption on all employee computers and laptops,” says Allen Silberstein, CEO and chief investment officer at AGS. “So if the hard drive gets into the wrong hands, the information remains protected.”

5. Add new authentication mechanisms.

Most applications require only a user name and password. Companies have been reluctant to ask customers to use a second form of authentication, such as an additional password sent by text message.

As breach notification requirements and costs escalate, companies should take another look at second-factor authentication, says David Miller, chief security officer at Covisint.

In the past, the second form was often key-chain fobs that generated one-time passwords—and employees who misplaced their keys would be locked out of the system. But the solution now could be a cell phone.

“A mobile device can run a one-time password-generating app to supply a PIN for network access, hold a digital certificate that uniquely identifies the device or can receive an automatically generated text message with a one-time password to authenticate each login,” says BAE’s Bennett. “Using a mobile device that a user already has, as opposed to issuing another physical device for authentication, makes a lot of sense.”

For a look at what the Securities and Exchange Commission wants companies to disclose if they’ve been hacked, see SEC Provides Guidelines for Disclosing Cyber Attacks.

SLIDESHOW: 5 reasons Macs are gaining ground in the enterprise

But the latest numbers don’t lie. Apple’s U.S. market share for the quarter ended Sept. 30 jumped from 10.5% to 11.3%, according to IDC. And Apple’s global Mac shipments increased by 20%. Gartner puts Apple’s U.S. market share at 12.9%, with a 21.5% growth in PC shipments.

Apple: CES goers, don’t forget about us!

In its latest earnings report, Apple said Mac sales hit an all-time high of 4.9 million units, a 26% year-over-year increase. And according to a survey by Forrester Research, 22% of enterprises report the use of employee-owned Mac computers is growing significantly.

So, what is Apple doing differently? The answer, not surprisingly, is not much. Apple hasn’t changed, but the world has.

The popularity of consumer-oriented devices like iPhones and iPads among traditional end users has created a sea change in the enterprise. Whereas enterprise IT managers once tried to keep a tight lid on new hardware accessing the network, the trend toward a new open attitude is described in two of the big buzzwords of the day: consumerization of IT and BYOD (bring your own device.)

Then there’s the new generation of employees entering the workforce who are demanding computers that they’re already familiar with – and that means Macs.

When it comes to applications, the concerns of the past don’t apply as much anymore. Traditional Microsoft Office apps run just fine on the Mac these days. And with more apps viagra hosted in the cloud, whether the host computer is a PC or a Mac is becoming a non-issue.

According to Forrester analyst David Johnson, there are a couple of other reasons for the Mac surge: productivity and prestige.

“The corporate PC as a device is increasingly over-managed, creating very difficult-to-use systems for people, and impacting productivity,” he says. “The length of time we were on Windows XP created a lot of frustration with end users.”

XP has been around for 10 years, he adds, and 50% of companies are still running the aging operating system and dealing with all that comes with it -Blue Screens of Death, Patch Tuesdays, etc. Meanwhile, the latest Mac operating system is smooth, fast, user-friendly, stable and secure, he says.

Plus, the perception has shifted. At one time, if you walked into a meeting with a Windows laptop, you meant business. If you walked in with a Mac, you were less than serious. Today, that has totally changed.

“Power brokers don’t want to show up to a meeting with a plastic laptop that sends the subliminal message that they aren’t prosperous enough to afford something nice,” Johnson says.

The big switch

Chicago-based IT services company Model Metrics began switching from PCs to Macs in 2007.

“What we found was that we would walk into a meeting, and open the Mac – and it’s a conversation starter,” says CMO Dave Dahlberg. “‘Oh, those guys are different!’ It’s almost a part of our sales process. We’re seeing the same thing with iPads to an even greater extent – you do the presentation on an iPad and it’s a conversation starter.”

Today, 174 of the company’s 175 employees have Macs.

MacBooks are also more reliable than Windows PCs, he adds. “And, for us, meeting with clients every day, that’s really important.”

“Some companies are using it as a recruiting tool,” Forrester’s Johnson says. “Those kinds of stories are fairly common.”

“They [Apple] have really made a name for themselves for ease of use,” adds Apurva Mehta, director of client services and educational technologies at the University of Massachusetts-Boston. “They have a cool factor to it, and the younger staff and faculty that come in are requesting Macs.” In fact, he said, this was the first year that more faculty requested Macs when they were hired than PCs.

Today, out of about 800 faculty and staff, between 10% and 15% are using Mac computers, he says.

The younger generation finds them easier to use. “And the fact that Macs are not prone to virus attacks and trojan attacks and all those other securityissues are helping them become more and more popular,” he adds.

Easier integration

The growth of OS-neutral applications both inside and out of the enterprise, virtual desktops, and new integration technologies make it easier than ever to allow Macs full-fledged entry into the enterprise.

Tech argument: Macs vs. PCs

Henderson, Tenn.-based Freed-Hardeman University began switching to Macs four years ago, as a result of student demand. What helped the process was the university’s long-term plan to move to an OS-neutral infrastructure.

“We thought, by centralizing on one OS [Windows], it would make things easier,” says Greg Maples, the university’s director of network operations. “But it wound up costing us more in the long run.”

Being a Windows shop locked the organization into the Windows ecosystem, he says, and resulted in less flexibility, nimbleness and a loss of opportunities to innovate.

Instead, the company has begun moving to cloud services. Two years ago, for example, the Exchange server was replaced with Google Apps. (Read our tech debate: Google Apps vs. Microsoft Office 365.)

“For education, it’s free, so it was a no brainer for us,” he says. The university switched over its faculty and students, and not only saved money on the Exchange licenses, but also on support costs.

“All the support calls went away,” he says. “I get a call a week now – and it’s usually because of Outlook.” He explained that some users still use Outlook clients to access Gmail instead of accessing it via the web interface.

Campus members are also doing more and more work in the cloud – using Google Docs, cloud storage, and other applications.

Some university staffers still use Microsoft Office, he says. “The mail merges, the export functions, the templates – there are definitely reasons to keep Office.”

However, this might be the last year for a campus-wide Windows Office license, he says. “It may be cheaper to buy it outright for just a few users.”

Meanwhile, most software vendors have already begun delivering applications via the Web, he adds.

“Once we got pretty good Internet access here, we quit buying software that needed to be installed on the desktop,” he says.

Today, only a couple of applications still require a Windows machine, like the school registration system. Staff who need access to these applications, or who simply prefer to work in a Windows environment, can use a virtual Windows desktop provided by Desktone, headquartered in Boston.

Desktone offers a secure cloud-based Windows desktop, accessible via any computer or mobile device, on a per-user basis – no virtual machines or dedicated servers required.

“As time goes on, we’ll move more and more things over to more user-friendly and accessible ways to connect,” Maples says. “But Desktone allows us not to worry about that.”

The university decided on a gradual migration, moving all incoming freshmen and a quarter of staff and faculty to Macs four years ago, and repeating the same process each successive year.

Today, almost all 2,000 students, with the exception of some graduate and fifth-year students, use Macs, as do almost all of the university’s 500 employees.

One early problem was Active Directory integration. Apple’s OS 10 will work with it, but not easily, and if the university were doing it over again, it would use Centrify, a vendor which specializes in integrating Macs into Windows networking environments. “We’re actually looking at Centrify right now,” Maples says. “Our biggest challenge now with the Mac is authentication, keeping account information synchronized and setting password policies.”

Another challenge was managing user expectations. “You have to be careful when you make the switch not to say that it’s going to be better – better is subjective,” he says. “Some people weren’t very happy with the changes … and that was our stupidity because we thought everyone would like it.”

The recent versions of the Apple operating system hook into Active Directory and Exchange and connect to file servers, says Aaron Freimark, IT director at New York-based Apple consultancy Tekserve. He is also the founder of EnterpriseIOS.com, an online community for IT administrators who have implemented Apple devices in their organizations.

“The baseline works, and is configured,” he says. “But you often get a better experience with a third-party application. For example, the mail client that comes with the Mac works with Exchange, but it may not have all the features that someone wants.”

“We make the Mac machine a security peer to the Windows machine,” says Centrify’s Macintosh Product Manager Lance McAndrew. According to McAndrew, few large organizations are monolithic environments. In addition to running Windows, most also run Unix, Linux and, now, Macs.

To comply with regulations and ensure security, companies need to make sure that employees can access the resources they need to do their jobs while providing access that is secure and trackable, he says.

RAND Corp., a think tank headquartered in Santa Monica, Calif., uses Centrify DirectControl to authenticate Mac and Linux computers with Windows Active Directory. Around 400 of the company’s 2,000 employees use Macs.

“We’re seeing a lot of companies trying to get in front of this,” McAndrews says. “They’re coming to us and saying, ‘Right now employees can pick between an HP machine and a Dell machine when they come into the company, and we want a Mac to be one of the platforms they can pick.’”

In addition to Centrify, there are several other vendors that can help a company integrate Macs into the enterprise. They include the Casper Suite from JAMF Software, which works with Apple computers and mobile devices.

Absolute Manage, from Absolute Software, can manage both Macs and Windows in a single platform, Tekserve’s Freimark says. On the open sourceside, DeployStudio and Puppet can also manage and configure Mac devices.

In addition, virtual machines such as Parallels or VMware Fusion can put a Windows desktop on a Mac – but at a cost, according to Forrester’s Johnson. Virtual machines use up the Mac’s resources and create distribution and management headaches for IT departments. As a result, they are better used as a stop-gap measure until the rest of the infrastructure catches up, he says.

At the University of Massachusetts-Boston, Mac users get Office 2011, the Adobe design suite, a lecture capture tool, access to the university’s Exchange servers, and almost all the other functionality that Windows PCs have. Anything that’s missing can be accessed through a virtual desktop, Mehta says.

“We’re starting to see differences narrow,” he says. “And we make sure that any new system we buy is Mac-compliant, because we know we have so many Mac users on campus.”

At Model Metrics, the company began transitioning to cloud-based services at the same time it began the move to Macs. Although everyone still has Microsoft Office, the majority of work takes place in Google Apps. File backup and storage is also in the cloud, with Carbonite and various other cloud storage vendors, including Amazon S3. The primary content management system is Salesforce.com., Dahlberg says.

Employees who need a Windows environment for specific developer tools access them through a VMware partition, he adds.

Saving money

Although Macs cost more than equivalent Windows computers, some companies are seeing a return on investment in terms of increased productivity.

Bently Holdings, a private real estate investment and management company in San Francisco, reports significant support savings. The company started moving away from Windows PCs to Macs five years ago and today 110 out of 123 employees use Macs.

“We’re saving hundreds of thousands of dollars with our migration to Macs,” says Brady Frey, the company’s Art and IT director. First, the training time required for new employees has been reduced by over 75%. “The employees were used to a Mac environment at home, and going into Windows was hard and uncomfortable for them,” he says. “It took four hours of training per employee. After switching to Macs, it was 45 minutes per employee.”

Equipment upkeep costs were also lower, he adds. “With Windows devices, we had a high failure rate,” he says. “We spent so much time with very obscure errors. Some people completely stopped using our audio visual equipment because of dealing with errors.”

For example, the company typically holds three events a day as part of its business. Previously, that required more than an hour of setup time per event – time which has been reduced to just 15 minutes after switching to a Mac environment and iPad controllers. “Saving that three to five hours a day in maintenance alone has been a significant financial improvement,” Frey says.

The company also saves $12,000 to $15,000 a month as a result of eliminating the use of outside companies for Windows support. “We used to average 28 support tickets a day,” he says. “Now we average five.”

To support the multi-device environment, the company uses Kerio Connect, an alternative to Microsoft Exchange that supports Windows, Mac, and Linux operating systems as well as iPhones, iPads, Android and Windows Phone 7 mobile devices.

The future

Looking ahead, it’s clear that the trend toward Macs shows no sign of abating. According to Apple CFO Peter Oppenheimer, 92% of Fortune 500 are now testing or deploying iPads, as are 52% of Global 500 companies, while iPhones are being tested or deployed at 93% of the Fortune 500, and 60% of the Global 500.

And once users are on iPhones and iPads, Macs can’t be far behind. For example, Newport Beach, Calif.-based private equity fund Kodiak Capital Group recently upgraded to new iPhone 4Gs – which came with a discount on Mac laptops.

As a result, the firm switched from PCs to Macs, says managing partner Ryan Hodson. “The learning curve has definitely been interesting, but in the long run I think we will all wonder why we ever used PCs,” he says.

Korolov is a freelance business and technology writer in Massachusetts. She can be reached at maria@tromblyinternational.com.

Use of nicknames or false names poses a security and money-laundering risk, and requiring the use of actual and verified names could put an end to such problems, the central bank said in the draft proposal.

With its rapid growth, the electronic-payments market also is increasingly vulnerable to financial misdoings, Weidong Wang, an analyst from the China-based iResearch Consulting Group, tells PaymentsSource, noting most consumers use their actual names when paying online.

“The main difficulty in implementing a real-name system would be the increase in business costs for payment providers, which would include overhauling the complete back-office systems,” he says.

Convincing hesitant consumers to agree to use their real names also might be difficult, especially if their account is dormant, Wang says. Online-shopping activity also could drop if many consumers decline to provide their real names, he adds.

The agency, an information-technology venture under the Ministry of Railways, launched a mobile version of its popular online ticket-booking portal on Jan. 5. It previously offered only a Web browser version from which passengers could search for trains and buy tickets through online banking services and bankcards.

“Now the same Web experience would be possible on a mobile version, which would be usable free of cost on data-enabled mobile handsets,” a spokesperson for the corporation tells PaymentsSource.

Users must open their mobile browser and enter the link to the Web version of the site, which accesses a beta version of the mobile site. They then would log in using the same credentials used to access the Web version, he says.

“After that, you would have to choose your destinations, the train, class and seats, just like you would on the Web,” the spokesperson says.

Only customers of Citibank Pvt. Ltd. may make payments via online banking and bankcards for now, the spokesperson says. “Other banks would be added progressively, and we will have the full list of banks as we have on the website soon enough,” he says.

Similar to Web bookings, users must pay the regular ticket fare along with service charge and an agent-service charge of 10 rupees (18 U.S. cents or 15 euro cents) for sleeper class and 20 rupees for higher classes.

Users receive a text message with full details of the transaction, including booking number, train number, date of journey and class, he says.

The agency will continue to work with third party payment providers such as Paymate Pvt. Ltd., which offers train bookings through their mobile applications, the spokesperson says. “We will also launch our own application for [Apple] and Android devices soon,” he says.

The company has enabled point-of-sale terminals in more than 20 provinces to accept NFC payments, according to the spokesperson. China UnionPay’s goal is to cover all of China with NFC and other forms of mobile payments by 2013 to help create a cashless society, she says.

Under the expansion, UnionPay is setting up hundreds of thousands of noncontact payment terminals in restaurants, supermarkets, department stores, convenience stores, pharmacies, hospitals and clothing shops, the spokesperson says.

UnionPay in 2010 implemented a text message-based mobile-payments model across its point-of-sale infrastructure in Beijing, Shanghai, Shenzhen, Guangdong, Jiangsu, Zhejiang, Shandong, Tianjin, Hunan, and 21 other provinces and cities. It also has established a card-based microSD payment model in Shanghai, Shandong, Ningbo, Hunan, Sichuan, Shenzhen, Yunnan, Beijing, Hubei and nine other provinces.

Chinese mobile-payment sales volume reached 2.6 billion yuan (US$407 million or 298 million euros) in 2010, up 300% from 650 million yuan in 2009, according to a report from China Electronic Commerce Research.

China’s mobile-payment market relies on four different standards. They include the dual-interface card, NFC technology and microSD cards, all based on 13.56-megahertz contactless technology; and the RF-SIM card based on the 2.4- gigahertz technology. China’s Ministry of Industry, the People’s Bank and the National Standard Committee established a joint working group in September to develop a single mobile-payment standard (see story).

China’s total mobile market, including not only e-commerce but also games, advertising and other value-added services, reached 10.83 billion yuan (US $1.7 billion or 1.2 billion euros) in the third quarter of this year, an increase of 154.8% from 4.25 billion yuan a year earlier, the company said.

The mobile-commerce share of that total grew as well, to 34.8%, or 3.77 billion yuan, from 15.8%, or 671 million yuan–more than a five-fold increase in spending.

But the total still is relatively small when compared with mobile commerce’s potential, iResearch analyst Weidong Wang tells PaymentsSource.

China has 320 million mobile Internet users, according to iResearch. “The future market demand for mobile payments is immeasurable,” iReseach analyst Du Feng said in another report released Oct. 20.

The mobile Internet is becoming increasingly popular with Chinese consumers, who value its convenience. In addition, various industry players are promoting its growth, including mobile telephone companies, payment processors, banks and online retailers, Wang says.

“And e-commerce mobile payments are only one of the factors contributing to the growth of the mobile-payments sector,” Wang adds. “With the rise of mobile-payment technology, the rapid deployment of mobile payments will become a new growth are for the industry.”

However, the industry must address a number of issues before that happens, including security, contactless payment standards, and consumers’ habits of using cash and bankcards when shopping instead of their phones, he adds.

According to the company, interested customers must upgrade their phones at any of 70 Beijing Telecom outlets around Beijing. During the upgrade, they will keep their same phone number, but the telco will replace the phone’s SIM card with a UIM, or user identify module, card. The upgrade is free.

After upgrading their phones, customers may check balances and transfer funds between accounts, buy lottery tickets and game cards, and top off their cell-phone balances, the company says. They may link up to 10 China UnionPay credit or debit cards to each device.

Shanghai-based China UnionPay Co. Ltd. is China’s sole card network, with more than 400 member institutions and 2.7 billion cards issued in China and abroad to over 700 million cardholders as of last month, according to a report by Xinhua, China’s official news agency.

Beijing Telecom picked China UnionPay because of its compatibility with many contactless-payment platforms, such as transportation; its wide acceptance; and low operating costs, Weidong Wang, an analyst from Beijing-based iResearch Consulting Group, tells PaymentsSource.

Security is assured through encryption, both on the phone itself and during wireless communications, by supporting authentication encryption algorithms and OTA (over-the-air) technology, he says.

However, it might take time for the rest of China’s telcos to support mobile payments, Wang adds.

“There are still difficult issues across the country when it comes to the harmonization of standards,” he says. “Beijing Telecom’s payment service is just a pilot project.”

The service — which was previously available only in English — allows individual users to opt for a second login step, which sends an authorization code to an iPhone, Android or BlackBerry device. Enrolment is done by the individual users by registering a cell phone number, in a process that Google says takes about 15 minutes. After registration, users can have a confirmation code sent to their mobile device each time they log into Google Apps, or when they access it from a new device, or once every 30 days. Users also get back-up codes in case they can’t get service on their phones.

The security feature might change the perception about the insecurity of cloud application delivery, said Tim Drury, CEO of New York-based cloud consulting firm White Stratus Inc.

“The idea of someone like Google coming to a company and saying, ‘give us all your data and we’ll look after it’ — it’s probably a similar feeling to when a bank came to them in the 16th century and said, ‘we’re a bank, give us all your money and we’ll look after it’,” Drury said. “But, over time, that’s become very commonplace. We trust that banks are built to look after money. The reality of companies like Google is that they’re built to look after data.”

According to Google, there are currently 3 million businesses, with a total of 30 million active users, using Google Apps.

However, the management options for corporate customers are limited.

“The domain administrator can enable users in their domain to voluntarily enroll in two-step verification by flipping a switch in their admin control panel,” said Google spokesman Jay Nancarrow. “We don’t currently provide a mandatory setting option.”

1. Encrypt, encrypt, encrypt. There are two parts to the data encryption challenge – encrypting stored data, and encrypting data that’s moving over public networks, says security expert Brian Reed, vice president of products at mobile security vendor BoxTone. SSL encryption on the iPad is a fast and convenient way to protect data in motion. “With data at rest, you want to ensure that the data is encrypted and protected, but you also want to be able to remotely wipe it if possible,” he adds.

2. Centralize management. Apple‘s iOS 4 allows iPads to be managed centrally. Companies can set security policies, lock down or wipe lost or stolen devices, and even create their own app catalogs, Reed says. Stories about how Apple devices don’t play well with corporate IT departments date back a year, he adds. “What we’re seeing now, and the reason why this is heating up, is that management capabilities are built into iOS,” he says. “We’re seeing the floodgates open to the iPad in the enterprise.”

3. Isolate personal and company data. Since the iPad is a consumer-friendly device, many users are going to want to use it for personal e-mail, reading, online shopping, or playing games. This could be a problem in some regulated industries, such as medical and financial sectors, where sensitive financial data or medical records must be kept isolated. To keep regulators happy, employees can carry two devices – one for work, and one for personal use. Or they can logically isolate the corporate environment from the personal environment on the same device, Reed says. This would allow employees to bring their personal devices to work. When employees leave the company, just the corporate environment would be deleted. “With an employee-owned iPad, I can do a selective wipe and leave all the personal data in place – the personal iTunes account and Angry Birds,” Reed says.

4. Route e-mails through company servers. Out of the box, the iPad is designed to work with personal e-mail services, but it can also be configured to work just with corporate e-mail systems – or to have access to both on the same device. “The nice thing is that you can force all e-mails to be routed through your server and you will already have compliance and archiving on that e-mail server,” Reed says.

5. Authentication and authorization. Companies are used to having a second authentication factor on desktops and laptops – digital certificates, one-time passcodes, smart card readers. “But on a mobile device, it’s often just a login with your ID and password,” says Jeff Kalwerisky, Chief Security Evangelist for Alpha Software. But many two-factor systems can work on the iPad as well, he added. These include one-time passwords from RSA or VeriSign devices, or confirmation messages to a separate cell phone. “The cell phone is a very clever second factor,” Kalwerisky says. “If someone stole your iPad but didn’t have your cell phone, they wouldn’t be able to log in. And it’s a cell phone – everybody has got one.”

But the action hasn’t died off. Instead, it has shifted to proprietary, enterprise-class platforms like Teleplace, ProtoSphere, and VenueGen — and to the open-source platform, OpenSim.

Based on reports from educational institutions, non-profit groups, and hosting and consulting firms, I estimate that OpenSim currently has between 500,000 and 1 million users. These users are scattered across hundreds, or thousands, of private virtual worlds running on the OpenSim platform.

OpenSim is free software that anyone can install and run. It is compact enough to run on a USB stick and scalable enough to run a world with 10,000 regions — or 160,000 virtual acres.

Over the past year, OpenSim has come to rival Second Life in terms of stability and features. In fact, in some respects, such as backups and content limits, OpenSim is far in advance of Second Life. Its two main weaknesses are its complex vehicle physics and its lack of a large, concentrated user base. As a result, it’s not the best platform for large-scale marketing campaigns or complex, vehicle-based role-playing games.

However, OpenSim worlds can be accessed using the same browsers as Second Life, and content can be moved between the two platforms, making it the destination of choice for schools and companies fleeing the high costs of Second Life.

OpenSim also has a hypergrid: A user registered on one world can teleport to another without having to log in again. This means that users can visit multiple worlds to attend events, socialize, and even go shopping. Goods bought in one world can be brought to another via the hypergrid teleport system.

There is currently no way to track the total number of OpenSim-based worlds, since anyone can download and run the software — and the main distribution point doesn’t track the number of downloads. But for over a year, I’ve been tracking the growth of the largest public grids running OpenSim. Currently, more than half of them are hypergrid-enabled, allowing teleports in and out.

Over the past 12 months, the number of regions on the top 40 public OpenSim grids has doubled, from 7,947 in the middle of January 2010 to 15,623 in the middle of January 2011. I’ve only been tracking total users since September, and not all grids report this number. But of the grids that do, total users have grown from around 118,000 to more than 153,000 — an increase of 30 percent over the course of four months.

OpenSim region counts (Source: Hypergrid Business survey data)
To access Second Life or an OpenSim world, users need to download viewer software, just as they would have to get Firefox or Internet Explorer in order to surf the World Wide Web.

So OpenSim growth is particularly interesting because OpenSim viewers — who are also Second Life viewers — not only require a download, but are also difficult to learn to use. There are a couple of OpenSim viewers that run in a Web browser, but they are still in the testing stages.