2/23/2013 BY VORAPOJ LOOKMAIPUN CISA, CISM, CRISC, CISSP Agenda. Security Cases What is BYOD Best Practice Case Study
|
|
- Quentin Butler
- 8 years ago
- Views:
Transcription
1 BY VORAPOJ LOOKMAIPUN CISA, CISM, CRISC, CISSP Agenda Security Cases What is BYOD Best Practice Case Study 1
2 Zeus Botnet designed for Financial Crime Compose of Zeus Builder Create Zeus bot Zeus Admin (C&C Command and Control) Web Dashboard Page Zeus bot Collecting system configuration data Collecting transaction and personal information Web injective Etc. ZITMO (Zeus in the mobile) Banking malware to steal from your bank account Infection Threat Analysis 2
3 ZITMO (Zeus in the mobile) ZITMO (Zeus in the mobile) 3
4 ZITMO (Zeus in the mobile) ZITMO (Zeus in the mobile) 4
5 Trojan Genimi BOT, C&C Baseball Superstars 2010 Threat Intercept inbound SMS, Send SMS, Restart Packages Access GPS location Access browser history Etc. ios malware ikee 1 st worm on iphone Nov 2009, Attack Jailbreak device Use SSH default password vulnerability to distribute on network 5
6 IT Trend in
7 Consumer driven IT 7
8 BYOD Bring Your Own Device Bring Your Own Applications Bring Your Own Data Bring Your Own Friends 8
9 Gartner CIO agenda 2012 What is BYOD? BYOD = Bring Your Own Device The recent trend of employees bringing personally-owned mobile devices to their place of work, and using those devices to access privileged company resources such as , file servers, and databases. An alternative strategy that allows employees, business partners and other users to use a personally selected and purchased client device to execute applications and access data. Mobile innovation is now driven by consumer markets than by business markets 9
10 BYOD What are the challenges for IT? Protecting sensitive data Support Security How does BYOD benefit the organization Increase Flexibility Empower Employees and Increase worker productivity Overall Cost Saving Traditional vs BYOD Concept Components Devices Applications & Operating System Devices Management Traditional End user computing Structure and Standardized Typically PC, laptops and Blackberry devices Standardized Endpoint Security, Systems, and Asset Management are used and in full control BYOD Concept Heterogeneous PC s, laptops, Macs, tablets & smartphones Heterogeneous Various Applications, Operating Systems, even form factors Minimal control or no control at all 10
11 BYOD Pro & Con Business Employees Pros Business adopting a BYOD policy can save on buying costly desktop devices. Also, saving terms of maintaining and supporting computer devices with the hiring of IT support staff. With the cost savings, business could take advantage by investing in other technology, or other areas of business. Employees tend to take better care of self owned property/devices Employee can decide which devices that they prefer, which in turn would increase employee morale and productivity. As BYOD devices are mobile devices, employees could work resources and application anywhere and anytime which in turn improves productivity. Employees are now empowered to work more efficiently and be more productive, instead of corporate-owned devices. Cons Without proper BYOD policies and technologies in place a business or computer risks exposing classified information. Information will not be as secure as it would be on a device exclusively controlled by the company. Devices brought in by employees likely face in compatibility issues. IT departments may need to spend extra time troubleshooting various devices, and looking for best solutions to issues Due to security issues, the employees often do not have true full control over their devices. The company they work for would need to ensure that proprietary and private information is secure at all times. It is an out-of-pocket expense for the employees. They would be responsible for repairs it their devices were damaged or broken at work. Without proper security measures, BYOD could mean BYO Malware to the office, which eventually causes damage to organization BYOD Pro & Con 11
12 BYOD Goal To balance conflict goals Social Keep employees happy Business Keep process running effectively Financial Manage costs Risk management Stop bad things from happening Mobile Infrastructure 12
13 BYOD Strategy Demand The mobile experience for customers, employees and partners. How will they transact, be informed and be serviced? Supply Which technologies, resources and partner will deliver the mobile experience? Governance and Risks Who needs to be involved, who is providing the funding, and how will risks be mitigated? 13
14 BYOD Pro & Con Security Risks & Concerns Business Employees Technical Solution to reduce BYOD risk? BEST PRACTICE 14
15 BYOD Security Blueprint App Store Mobile Device Security Network Access Control Wireless Access Point Safe mobile device configurations Safe mobile device provisions Safe access channel for mobile device Guest Limited Full BYOD Security Blueprint App Store Mobile Device Security Network Access Control Wireless Access Point Safe mobile device configurations Safe mobile device provisions Safe access channel for mobile device Guest Limited Full 15
16 WIFI Security WIFI Threats WIFI Security Change SSID Default Hide SSID Broadcast Strong Encryption WPA/WPA2 Strong Password (Wifi Router Admin) Enable Router Firewall Disable Auto Connect (option) 16
17 BYOD Security ISACA Framework Remote Access Connect to enterprise via WIFI to enterprise network via VPN or IPSec WIFI use WPA2 or better Network Access Control 17
18 Network Access Control Strategy Embrace Contain Block Disregard = Allow everyone to BYOD for almost everything = Allow some people to use some devices to access some resources = Not allow = No change BYOD NAC Contain Sample Access Control Policies Allow Internet access Allow access to , calendar and contacts (such as via Exchange Active Sync) Allow access to some corporate applications Block access to sensitive intellectual property and data 18
19 BYOD NAC Contain Network Access Level Limited access Zone, restrict access to applications & data Support Wireless LAN and Wired LAN Limit access according to user s role (by integrating with Active Directory) Server Based Computing (such as VDI and Windows Terminal Server) SSL VPN Firewall, wireless controller or any Layer 3 network component that accepts ACLs BYOD NAC Embrace Sample Endpoint Control and Security Policies Required MDM agents for tablets and smartphones Required DLP agents for tablets and smartphones Maintain current OS levels and patches for Windows PCs and Apple OS X devices Require security agents for Windows PCs and Apple OS X devices (such as NAC, Endpoint protection, DLP) Network Access Level Allow personal owned endpoints that compliant with security policies to access the corporate network. 19
20 BYOD NAC Moving From Contain Embrace Gain CIO Support Partner With the Mobile Team Begin with Contain Policies Slowly Evolve to an Embrace Approach BYOD NAC 20
21 BYOD NAC ISACA Framework Network Access Control SSL/TLS or VPN Active Directory 2 nd Factor Authentication Mobile Device Security Security Level Security Criteria (Weak to Strong) 7 Air Gap 6 Geo Location Policy Enforcement 5 Mobile Device Encryption 4 Mobile Content Control 3 Mobile Device Lock Down 2 Sandbox, Container, Wrapper 1 Password Management 0 Do Nothing 21
22 Mobile Device Security 0 Do nothing Don t know what they have in the organization. Blackberry system is security built-in environment, locked down devices and management was handled invisibly in a data center with BES. Mobile Device Security 1 Password Management Required Passcode Minimum Password Length Password Expiration Password History 22
23 Mobile Device Security 2-Sandboxes, Containers & Wrappers Memory Isolation, memory protection from OS collapse app-wrapper VPN capability rather entire device Mobile Device Security 3-Mobile Device Lock Down Device identity authentication CA-based handshaking with AD to create mobile workforce provisioning, management and reporting. Always-on VPN VoIP traffic must be encrypted WIFI traffic must be encrypted The user cannot bypass the VPN 23
24 Mobile Device Security 4- Mobile Content Control Begin with harden stateful inspection mobile firewall:- services, ports, process, users/groups Centralize management mobile firewall, make entire mobile population becomes invisible to the internet and attacker Application Black Listing - SIEM Check Jailbreak, Root Mobile Device Security 5 - Mobile Device Encryption Device level encryption to protect data at rest, OS level Do not allow sensitive data to reside at rest on the mobile device, Using Critrix-like tool to access corporate resources Treat mobile device as GUI dump terminal and encrypted traffic Application Wrapping 24
25 Mobile Device Security 6 - Geo-Location Policy Enforcement GPS or tower-based resolution enforcement Integrate mobile firewall and policy with highly granular resolution with 3 meters 25
26 Mobile Device Security 7 -Air Gap Two devices Users have one mobile device for business and one for work. Make mobile device full as secure as fully compliant desktop computer; Andriod and ios More expensive, depend on worth of Mobile Device Security 7 -Air Gap BYOD Air Gap Personal/Business data intermingled on device? Yes No Personal Privacy in Jeopardy? Yes No Compliance Risk? Yes No Company potentially liable for personal data loss? Yes No Who is liable for breached company data? Unknown Company Who is liable for compromised personal data? Unknown Not Applicable 26
27 MDM Product MDM Product 27
28 BYOD Security ISACA Framework Device Access Restriction Strong password 2 nd authentication factor Password expired in every 90 days Device lock after 3 unsuccessful password attempts Data permission & access is aligned with data classification Data accessibility and permission is within user job function and data classification BYOD Security ISACA Framework Device security Explicit permission to Wipe data Encryption and data protection at least AES 128 bits or 3DES 168 bits Remote Access Bluetooth discoverable is disable Bluetooth connect with previously pair devices Connect to enterprise network via VPN or IPSec Connect to enterprise via WIFI to enterprise network via VPN or IPSec 28
29 BYOD Security ISACA Framework Malware Protection Antivirus installed Firewall BASELINE SECURITY FEATURE 29
30 Baseline Security Feature (Andriod) Andriod 2.2 Password policies: required, minimum length, alphanumeric, maximum attempts Maximum inactivity time lock (idle time) Andriod 3.0 Password policies: complexity, minimum letters/characters/symbols, expiration, history Full file system encryption Data Execution Protection (DEP) using ARM XN Andriod 4.0 Support for Microsoft Exchange ActiveSync (EAS) v.14(exchange Server 2010) and EAS certificates Automatic sync to be disable while roaming Disable camera Keychain API Address space layout randomization (ALSR) to help protect system and third-party apps from exploitation due to memory management issues VPN API and underlying secure credential storage Baseline Security Feature (Andriod) Device Security Basis access locks :-passcode, pattern lock, face recognition Lock after timeout and wife after retry limit Bluetooth and Wi-Fi access controls SIM card password Andrioddevices should not be allowed to host business data and apps without under control of MDM tool, that provides access control policies, proactive status reporting and root detection. 30
31 Baseline Security Feature (ios) Encryption Always-on AES hardware storage encryption Configuration profiles that can be encrypted and locked to a device, with removal requiring an administrative password itunes backups that can be encrypted and password-protected at the user s discretion Native S/MIME support Certificates Certificate enrollment can be linked to a company s public-key infrastructure and certificate authority Certificates can be required for virtual private network (VPN) connections Online Certificated Status Protocol (OCSP) facilitates certificate revocation Simple Certificate Enrollment Protocol (SCEP) establishes opt-in policy controls at the user device Exchange Active Sync (EAS) and VPN client access can be set to require a device certificate Baseline Security Feature (ios) Apps JavaScript VM App Isolation Jailbreak-proof App Keychain Address Space Layout Randomization Safari Private Browsing and anti-phishing policies Enterprise-installed apps installed/removed by MDM tools Embedded VPN L2TP, IPsec, PPTP and SSL are natively supported. Proxy configuration is supported in Safari and by a VPN configuration profile VPN can autoconnectto bring up a tunnel only if a resource is requested 31
32 Baseline Security Feature (ios) Endpoint Policies Apple provides controls for app-generated messages and forwarding policies. Combined with EAS, this servers as an introductory over the air (OTA) management solution. Additional local device security policies may be administered on a tethered connection using iphone Configuration Utility (IPCU), or can be delivered OTA by , a Web URL and third-party MDM tools Apple Configurator can help IT administrators to mass configure and supervisor ios devices by means of a tethered connection Apple s MDM API provides lots of policy functions to third-party developers BYOD CASE STUDY 32
33 Case Study Financial service company 100,000 endpoint devices 200 location Anticipate approximate 10,000 employee owned smartphones, tablets and laptops. Case Study Use Case 1. Employee-owned Tablet/Smartphone 2. Employee owned Windows Laptop 3. Employee owned MacBook Laptop 33
34 Case Study Use Case 1 Employee Owned Tablet/Smartphone Policies -Install MDM agent for the device to gain access to wireless BYOD network Action -If MDM agent is detected, Citrix like agents is used to grant access to subsetof applications on the corporate network. -If MDM agent is not detected, the device is positioned on the guest network, and is limited to internet access only. -JailbrokeniOSdevices and rootkittedandriodare denied access to network, including guest network. Case Study Use Case 2 Employee Brings Own Windows Laptop Policies Up-to-date patches are required. Up-to-date antivirus signatures are required. Disk Encryption is required. Specific ports must be blocked via a personal firewall (such as Telnet/SSH) Mobile Endpoint enable for checking configuration status Data Loss Prevention agent is required. 34
35 Case Study Use Case 2 Employee Brings Own Windows Laptop Actions If Windows laptop is compliant with all policy criteria, it is granted full access to corporate network. If Windows laptop is non compliant with one or more policies, it is positioned on the guest network and is limited to internet access only. (The user must register at the guest Web Portal) Case Study Use Case 3 Employee Brings Own MacBook Laptop Policies It must be running OS 10.5 or later MDM agent must be enabled VontuDLP agent is required. Actions: If compliant with all policy, it is granted full access to the corporate network. If not compliant with all policies, it is positioned to guest network and limited to internet access only. 35
36 Case Study 3 Phases project 1 st phase A pilot project, 200 IT staff brought personally owned devices to work. 6 months Refine the Web registration portal Address minor product integration issues with MDM agent, Case Study 3 Phases project 2 nd phase Support 1,000 employee-owned devices Employee in IT risk management and risk compliance department included Assess the end-user experience and overall performance of the solution. Define and monitor role based access. 1 years period 36
37 Case Study 3 Phases project 3 rd phase Support all employee and contractors By year end 2014 Case Study Results 80% employee have chosen to comply with corporate policies and install required MDM agent and other software in their mobile devices. Users who choose not to comply with policy, must register devices at guest portal on daily basis, and are allow only internet access. (August 2012) approximately 1,000 employee owned devices are present on corporate network on a regular basis. Contractor represent 85% of the non corporate devices Smartphones and tablets 10% of non corporate devices Macbooksare 5% of non corporate devices 37
38 Case Study Results The company did not add full disk encryption to support BYOD initiative. There are Endpoint service consultants are on-site and support broader NAC project. Policy enforcement has gone smoothly. For example- 5 employees reports that they lost their personally owned device, then these devices were immediately wipe clean, the entire devices. The employees had signed waivers agreeing to the remote wipe policy, because the policy was communicate clearly, the employees (grudgingly) accepted the fact that they lost personal content. What is the right answer? Air Gap. Two devices. I want my mobile work as homogenous as possible. iosplus a select best of breed Andriods. Lock-down, VPN, firewall and content filtering Full Disk Encryption VDI???? 38
39 BYOD Security Blueprint App Store Mobile Device Security Network Access Control Wireless Access Point Safe mobile device configurations Safe mobile device provisions Safe access channel for mobile device Guest Limited Full WIFI Security Change SSID Default Hide SSID Broadcast Strong Encryption WAP/WPA2 Strong Password (Wifi Router Admin) Enable Router Firewall Disable Auto Connect (option) 39
40 Network Access Control Strategy Contain = Permit some users to use some personally owned devices Embrace = Permit all users to use some personally owned devices Block = Prohibit all personally owned devices in workplace Disregard = Ignore the issue; do not establish any BYOD policies Mobile Device Security Security Level Security Criteria (Weak to Strong) 7 Air Gap 6 Geo Location Policy Enforcement 5 Mobile Device Encryption 4 Mobile Content Control 3 Mobile Device Lock Down 2 Sandbox, Container, Wrapper 1 Password Management 0 Do Nothing 40
41 Easy Mobile Security Lock code Lock when idle Complex password Remote wipe capability Device Encryption 41
Embracing Complete BYOD Security with MDM and NAC
Embracing Complete BYOD Security with MDM and NAC Clint Adams, CISSP, Director, Mobility Solutions Keith Glynn, CISSP, Sr. Technical Solutions Engineer August 22, 2013 Today s Speakers Clint Adams, CISSP
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationSecuring BYOD With Network Access Control, a Case Study
Securing BYOD With Network Access Control, a Case Study 29 August 2012 ID:G00226207 Analyst(s): Lawrence Orans VIEW SUMMARY This Case Study highlights how an organization utilized NAC and mobile device
More informationBYOD: End-to-End Security
BYOD: End-to-End Security Alen Lo MBA(CUHK), BSc(HKU), CISA, CCP, CISSP, CISM, CEH IRCA Certified ISMS Lead Auditor, itsmf ISO 20000 Auditor Principal Consultant i-totalsecurity Consulting Limited alenlo@n2nsecurity.com
More informationChris Boykin VP of Professional Services
5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing
More informationiphone in Business Security Overview
iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods
More informationDeploying iphone and ipad Security Overview
Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services
More informationipad in Business Security
ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security
More information{ipad Security} for K-12. Understanding & Mitigating Risk. plantemoran.com
{ipad Security} plantemoran.com for K-12 Understanding & Mitigating Risk Plante Moran The ipad is in K-12. Since its debut in April 2010, the ipad has quickly become the most popular tablet, outselling
More informationForeScout MDM Enterprise
Highlights Features Automated real-time detection of mobile Seamless enrollment & installation of MDM agents on unmanaged Policy-based blocking of unauthorized Identify corporate vs. personal Identify
More informationThe ForeScout Difference
The ForeScout Difference Mobile Device Management (MDM) can help IT security managers secure mobile and the sensitive corporate data that is frequently stored on such. However, ForeScout delivers a complete
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationFeature List for Kaspersky Security for Mobile
Feature List for Kaspersky Security for Mobile Contents Overview... 2 Simplified Centralized Deployment... 2 Mobile Anti-Malware... 3 Anti-Theft / Content Security... Error! Bookmark not defined. Compliance
More informationEmbracing BYOD. Without Compromising Security or Compliance. Sheldon Hebert SVP Enterprise Accounts, Fixmo. Sheldon.Hebert@fixmo.
Embracing BYOD Without Compromising Security or Compliance The Mobile Risk Management Company Sheldon Hebert SVP Enterprise Accounts, Fixmo Sheldon.Hebert@fixmo.com New Realities of Enterprise Mobility
More informationBYOD Guidance: BlackBerry Secure Work Space
GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.
More information[BRING YOUR OWN DEVICE POLICY]
2013 Orb Data Simon Barnes [BRING YOUR OWN DEVICE POLICY] This document specifies a sample BYOD policy for use with the Orb Data SaaS MDM service Contents 1 ACCEPTABLE USE... 3 1.1 GENERAL RULES... 3 2
More informationXperia TM. Read about how Xperia TM devices can be administered in a corporate IT environment
Xperia TM in Business Mobile Device Management Read about how Xperia TM devices can be administered in a corporate IT environment Device management clients Xperia TM T3 Exchange ActiveSync The my Xperia
More informationManaging ios Devices. Andrew Wellington Division of Information The Australian National University XW11
Managing ios Devices Andrew Wellington Division of Information The Australian National University About Me Mac OS X Systems Administrator Division of Information (Central IT) Mostly manage servers (about
More informationAPPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION
APPENDIX B1 - FUNCTIONALITY AND INTEGRATION REQUIREMENTS RESPONSE FORM FOR A COUNTY HOSTED SOLUTION Response Code: Offeror should place the appropriate letter designation in the Availability column according
More informationMobile Device Management
1. Introduction Mobile Device Management This document introduces security risks with mobile devices, guidelines for managing the security of mobile devices in the Enterprise, strategies for mitigating
More informationMcAfee Enterprise Mobility Management
Technical FAQ McAfee Enterprise Mobility Management Frequently Asked Questions Device Management Q: Which devices do you currently support? A: McAfee Enterprise Mobility Management (McAfee EMM ) offers
More informationBlackBerry Enterprise Service 10. Universal Device Service Version: 10.2. Administration Guide
BlackBerry Enterprise Service 10 Universal Service Version: 10.2 Administration Guide Published: 2015-02-24 SWD-20150223125016631 Contents 1 Introduction...9 About this guide...10 What is BlackBerry
More informationHow To Manage A Mobile Device Management (Mdm) Solution
Mobile Device Management Buyers Guide IT departments should be perceived as the lubricant in the machine that powers an organization. BYOD is a great opportunity to make life easier for your users. But
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased
More informationSecure, Centralized, Simple
Whitepaper Secure, Centralized, Simple Multi-platform Enterprise Mobility Management 2 Controlling it all from one place BlackBerry Enterprise Service 10 (BES10) is a unified, multi-platform, device, application,
More informationMobile First Government
Mobile First Government An analysis of NIST and DISA requirements for the adoption of commercially available mobility platforms by government agencies August 2013 415 East Middlefield Road Mountain View,
More informationBYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager
BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager 1 AGENDA Mobile Explosion Mobile Trends BYOD Benefits, Challenges and Threats BYOD Security BYOD Strategy
More informationCisco Mobile Collaboration Management Service
Cisco Mobile Collaboration Management Service Cisco Collaboration Services Business is increasingly taking place on both personal and company-provided smartphones and tablets. As a result, IT leaders are
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationiphone in Business Mobile Device Management
19 iphone in Business Mobile Device Management iphone supports Mobile Device Management, giving businesses the ability to manage scaled deployments of iphone across their organizations. These Mobile Device
More informationKaspersky Security for Mobile
Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months
More informationPMDP is simple to set up, start using, and maintain
Product Datasheet IBELEM, SA ITS Group - 5, boulevard des Bouvets 92741 Nanterre Cedex - FRANCE Tel: +33(0)1.55.17.45.75 Fax: +33(0)1.73.72.34.08 - www.ibelem.com - info@ibelem.com PMDP is simple to set
More informationSuccessful Mobile Deployments Require Robust Security
By: Maribel D. Lopez FIRMS MUST BUILD SECURITY ENABLED MOBILITY Mobility is no longer considered a luxury within enterprise but a critical part of a networking strategy as 9irms look to increase productivity
More informationWrapping Your Arms Around Mobile Security in the Enterprise Nathan King, Senior Manager, IT Security Systems United Airlines
Wrapping Your Arms Around Mobile Security in the Enterprise Nathan King, Senior Manager, IT Security Systems United Airlines May 2013 Choosing a Mobile Device Had to pass FAA Device Security Hardware
More informationHow To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device
Empowering BYOD and Mobile Security in the Enterprise Jeff Baum, APAC Managing Director Growth of Mobile Mobile worker population will reach 1.3 Billion in 2015 Source: IDC Worldwide Mobile Worker Population
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationWorkplace-as-a-Service BYOD Management
For companies with people in them Workplace-as-a-Service BYOD Management Solution Overview The BYOD Management solution provides customers with IT tools and services to deploy a Workplace-as-a-Service
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationApps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.
Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying
More informationONE DEVICE TO RULE THEM ALL! AUDITING MOBILE DEVICES / BYOD NSAA IT CONFERENCE OCTOBER 2, 2014
ONE DEVICE TO RULE THEM ALL! 1993 2013 1 AUDITING MOBILE DEVICES / BYOD NSAA IT CONFERENCE OCTOBER 2, 2014 2 1 AGENDA Mobile Devices / Smart Devices Implementation Models Risks & Threats Audit Program
More informationBen Hall Technical Pre-Sales Manager
Ben Hall Technical Pre-Sales Manager LANDESK MDM Solutions Mobility Manager (MDM in the Cloud) Secure User Management Suite with CSA LetMobile (Secure Mobile Email) Core MDM Functionality MDM Functionality
More informationios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33
ios Security Decoded Dave Test Classroom and Lab Computing Penn State ITS Feedback - http://j.mp/psumac33 Why care about ios Security? 800M 800 million ios devices activated 130 million in last year 98%
More informationios Enterprise Deployment Overview
ios Enterprise Deployment Overview ios devices such as ipad and iphone can transform your business. They can significantly boost productivity and give your employees the freedom and flexibility to work
More informationSecuring Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper
Securing Patient Data in Today s Mobilized Healthcare Industry Securing Patient Data in Today s Mobilized Healthcare Industry 866-7-BE-GOOD good.com 2 Contents Executive Summary The Role of Smartphones
More informationAdministration Guide. BlackBerry Enterprise Service 12. Version 12.0
Administration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2015-01-16 SWD-20150116150104141 Contents Introduction... 9 About this guide...10 What is BES12?...11 Key features of BES12...
More information1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?
MaaS360 FAQs This guide is meant to help answer some of the initial frequently asked questions businesses ask as they try to figure out the who, what, when, why and how of managing their smartphone devices,
More informationData Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.
Data Loss Prevention Whitepaper When Mobile Device Management Isn t Enough Your Device Here. Good supports hundreds of devices. Contents Shifting Security Landscapes 3 Security Challenges to Enterprise
More informationHow To Protect Your Mobile Devices From Security Threats
Back to the Future: Securing your Unwired Enterprise By Manoj Kumar Kunta, Global Practice Leader - Security Back to the Future: Securing your Unwired Enterprise The advent of smartphones and tablets has
More informationHow To Use A Microsoft Mobile Security Software For A Corporate Account On A Mobile Device
Technical FAQ McAfee Enterprise Mobility Management (McAfee EMM ) 12.0 Frequently Asked Questions Q. What types of mobile devices does McAfee Enterprise Mobility Management (McAfee EMM ) support? A. McAfee
More informationArchitecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference
Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise
More informationWindows Phone 8.1 in the Enterprise
Windows Phone 8.1 in the Enterprise Version 1.4 MobileIron 415 East Middlefield Road Mountain View, CA 94043 USA Tel. +1.650.919.8100 Fax +1.650.919.8006 info@mobileiron.com Introduction 3 Why Windows
More informationIBM United States Software Announcement 215-078, dated February 3, 2015
IBM United States Software Announcement 215-078, dated February 3, 2015 solutions provide a comprehensive, secure, and cloud-based enterprise mobility management platform to protect your devices, apps,
More informationThe User is Evolving. July 12, 2011
McAfee Enterprise Mobility Management Securing Mobile Applications An overview for MEEC The User is Evolving 2 The User is Evolving 3 IT s Challenge with Mobile Devices Web 2.0, Apps 2.0, Mobility 2.0
More informationAnswers to these questions will determine which mobile device types and operating systems can be allowed to access enterprise data.
Mobility options and landscapes are evolving quickly for the corporate enterprise. Mobile platform providers such as Apple, Google and Microsoft, and leading device hardware vendors are constantly updating
More informationWhen enterprise mobility strategies are discussed, security is usually one of the first topics
Acronis 2002-2014 Introduction When enterprise mobility strategies are discussed, security is usually one of the first topics on the table. So it should come as no surprise that Acronis Access Advanced
More informationDeploying iphone and ipad Mobile Device Management
Deploying iphone and ipad Mobile Device Management ios supports Mobile Device Management (MDM), giving businesses the ability to manage scaled deployments of iphone and ipad across their organizations.
More informationAddressing NIST and DOD Requirements for Mobile Device Management (MDM) Essential Capabilities for Secure Mobility. www.maas360.
MaaS360.com > White Paper Addressing NIST and DOD Requirements for Mobile Device Management (MDM) Essential Capabilities for Secure Mobility www.maas360.com 1 Copyright 2014 Fiberlink Communications Corporation.
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More informationZenprise Device Manager 6.1.5
Zenprise Device Manager 6.1.5 CLIENT GUIDE Rev 6.1.50 Introduction 2 ZENPRISE DEVICE MANAGER 6.1 CLIENT GUIDE 2011 Zenprise, Inc. All rights reserved. This manual, as well as the software described in
More informationSECURING TODAY S MOBILE WORKFORCE
WHITE PAPER SECURING TODAY S MOBILE WORKFORCE Connect, Secure, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite Copyright 2011, Juniper Networks, Inc. Table
More informationMobile Security: The good, the bad, the way forward
Mobile Security: The good, the bad, the way forward Get the most out of HP s Mobility Protection Services Jan De Clercq, Felix Martin, HP TC, December, 2013 Today s Presenter Name Jan De Clercq Title &
More informationBring Your Own Device:
Bring Your Own Device: Finding the perfect balance between Security, Performance, Flexibility & Manageability SECURELINK WHITEPAPER 2012 By Frank Staut Management summary This white paper discusses some
More informationSamsung Mobile Security
Samsung Mobile Security offering enhanced core capabilities for enterprise mobility Samsung Enterprise Mobility Enterprise-ready Mobility management for your business Samsung Mobile Security offers enterprise
More informationWICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise
WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise WICKSoft Corporation http://www.wicksoft.com Copyright WICKSoft 2007. WICKSoft Mobile Documents
More informationipad in Business Mobile Device Management
ipad in Business Mobile Device Management ipad supports Mobile Device Management, giving businesses the ability to manage scaled deployments of ipad across their organizations. These Mobile Device Management
More informationMcAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync
McAfee Enterprise Mobility Management Versus Microsoft Secure, easy, and scalable mobile device management Table of Contents What Can Do? 3 The smartphone revolution is sweeping the enterprise 3 Can enterprises
More informationDell Bring Your Own Device
Dell Bring Your Own Device 2 easy steps to secure BYOD/PC Jason Moody Jason_Moody@Software.Dell.com The trend: Of BYOD very large businesses said securing corporate data on mobile devices was their most
More informationSystems Manager Cloud Based Mobile Device Management
Datasheet Systems Manager Systems Manager Cloud Based Mobile Device Management Overview Meraki Systems Manager provides cloud-based over-the-air centralized management, diagnostics, and monitoring of the
More informationXperia TM. Read about how Xperia TM devices can be administered in a corporate IT environment
peria TM in Business Mobile Device Management Read about how peria TM devices can be administered in a corporate IT environment Device management clients March 2015 Exchange ActiveSync The my peria service
More informationSymantec Mobile Management Suite
Symantec Mobile Management Suite One Solution For All Enterprise Mobility Needs Data Sheet: Mobile Security and Management Introduction Most enterprises have multiple mobile initiatives spread across the
More informationDid you know your security solution can help with PCI compliance too?
Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment
More informationAndroid Security. Device Management and Security. by Stephan Linzner & Benjamin Reimold
Android Security Device Management and Security by Stephan Linzner & Benjamin Reimold Introducing Stephan Linzner Benjamin Reimold Consultant, Software Engineer Mobile Developer Founder of Stuttgart GTUG
More informationHow To Write A Mobile Device Policy
BYOD Policy Implementation Guide BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment We won t bore you with the typical overview that speaks to the
More informationConfiguration Guide. BlackBerry Enterprise Service 12. Version 12.0
Configuration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2014-12-19 SWD-20141219132902639 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12...
More informationIntegrating Cisco ISE with GO!Enterprise MDM Quick Start
Integrating Cisco ISE with GO!Enterprise MDM Quick Start GO!Enterprise MDM Version 3.x Overview 1 Table of Contents Overview 3 Getting GO!Enterprise MDM Ready for ISE 5 Grant ISE Access to the GO!Enterprise
More informationCourse: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems
Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding
More informationNetwork and Device Level Mobile Security Controls IT Considera-ons in the BYOD Era
Network and Device Level Mobile Security Controls IT Considera-ons in the BYOD Era Sco$ Gordon CISSP- ISSMP Vice President, ForeScout June 14, 2012 2012 ForeScout, Page 1 Bring Your Own Device BYOD Many
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationAddressing NIST and DOD Requirements for Mobile Device Management
Addressing NIST and DOD Requirements for Mobile Device Management Whitepaper 2013 ForeScout Technologies, Inc. All rights reserved. Call Toll-Free: 1.866.377.8771 www.forescout.com Contents 1. OVERVIEW
More informationHands on, field experiences with BYOD. BYOD Seminar
Hands on, field experiences with BYOD. BYOD Seminar Brussel, 25 september 2012 Agenda Challenges RIsks Strategy Before We Begin Thom Schiltmans Deloitte Risk Services Security & Privacy Amstelveen tschiltmans@deloitte.nl
More informationBYOD @ Stefan Dürnberger. Consulting Systems Engineer Cisco Deutschland. sduernbe@cisco.com. Co-Author Bitkom Leitfaden BYOD
BYOD @ Stefan Dürnberger Consulting Systems Engineer Cisco Deutschland sduernbe@cisco.com CCIE Security #16458 Co-Author Bitkom Leitfaden BYOD http://www.bitkom.org/files/documents/20130404_lf_byod_2013_v2.pdf
More informationiphone in Business How-To Setup Guide for Users
iphone in Business How-To Setup Guide for Users iphone is ready for business. It supports Microsoft Exchange ActiveSync, as well as standards-based services, delivering email, calendars, and contacts over
More informationConfiguration Guide BES12. Version 12.2
Configuration Guide BES12 Version 12.2 Published: 2015-07-07 SWD-20150630131852557 Contents About this guide... 8 Getting started... 9 Administrator permissions you need to configure BES12... 9 Obtaining
More informationWhite Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
More informationIbrahim Yusuf Presales Engineer at Sophos ibz@sophos.com. Smartphones and BYOD: what are the risks and how do you manage them?
Ibrahim Yusuf Presales Engineer at Sophos ibz@sophos.com Smartphones and BYOD: what are the risks and how do you manage them? Tablets on the rise 2 Diverse 3 The Changing Mobile World Powerful devices
More informationMECS: Mobile Enterprise Compliance and Security Server
MECS: Mobile Enterprise Compliance and Security Server Mobile Active Defense locks down, secures and puts your iphones, ipads, Androids, other smartphones and tablets into regulatory compliance. By employing
More informationLabTech Mobile Device Management Overview
You are here: Using LabTech > Mobile Device Management > Mobile Device Management Overview LabTech Mobile Device Management Overview Features LabTech mobile device management (MDM) is a fully integrated
More informationDeploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite
WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents
More informationSecuring mobile devices in the business environment
IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile
More informationProtecting Criminal Justice Information: Achieving CJIS Compliance on Mobile Devices
Protecting Criminal Justice Information: Achieving CJIS Compliance on Mobile Devices Protecting Criminal Justice Information: Achieving CJIS Compliance on Mobile Devices It s common today for law enforcement
More informationMobile Security & BYOD Policy
Mobile Security & BYOD Policy Sarkis Daglian Assistant Manager, Desktop Support Office of Information Technology Isaac Straley UCI Information Security Officer Office of Information Technology Speakers
More informationSecurity Considerations for Enterprise Mobility / BYOD
Security Considerations for Enterprise Mobility / BYOD Scott Gordon (CISSP-ISSMP) Vice President ForeScout Technologies January, 2013 2013 ForeScout Technologies, Page 1 Framing Enterprise Mobility and
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationMobility Challenges & Trends The Financial Services Point Of View
Mobility Challenges & Trends The Financial Services Point Of View Nikos Theodosiou Cloud Computing Solutions Presales/Marketing Engineer The New World Agenda The Mobile World The Challenges The Solutions
More informationTroubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123. Instructor Manual
Troubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123 Instructor Manual Published: 2013-07-02 SWD-20130702091645092 Contents Advance preparation...7 Required materials...7 Topics
More informationEnd User Devices Security Guidance: Apple OS X 10.10
GOV.UK Guidance End User Devices Security Guidance: Apple OS X 10.10 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best
More informationSecure Your Mobile Device Access with Cisco BYOD Solutions
Solution Overview Secure Your Mobile Device Access with Cisco BYOD Solutions BENEFITS The Cisco Meraki solution (cloud managed) and Cisco BYOD Solution (on-premises management) help you secure multiple
More informationCortado Corporate Server
Cortado Corporate Server 100 % On Premise Installed & Run Entirely On Your Corporate Network Feature Mobile Device Device Policy Application E-mail Push Wi-Fi Configuration Push Enable secure BYOD and
More information