The Workplace of the Future and Mobile Device Risk ISACA Pittsburgh. May 20 th, 2013

Size: px
Start display at page:

Download "The Workplace of the Future and Mobile Device Risk ISACA Pittsburgh. May 20 th, 2013"

Transcription

1 The Workplace of the Future and Mobile Device Risk ISACA Pittsburgh May 20 th, 2013

2 Companies are leveraging mobile computing today Three major consumption models: 1. Improving productivity Improving employee productivity by extending reach of existing apps. Ex. mobile timesheets 2. Enabling employees Enabling employees via new or more efficient business processes. Ex. mobile field support, mobile CRM. 3. Enabling new business Targeting new markets or offering clients new products/services. Ex mobile commerce apps. Transform infrastructure by changing application delivery method. Arming your people with the best tools to increase productivity. Deliver a new service, or existing service to a new market. [2] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

3 The future mobile workplace will be driven by an empowered employee Work will be done by open, interconnected, global communities where knowledge is collective and accessible The workforce will be more mobile, flexible, agile, and adaptable to the changing business needs The tools of work will be easy to use, seamless and always available The Old World: Corporate Owned Device The New World: Employee Owned Device Anytime Anywhere Any Connection Any Trusted Device [3] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

4 Mobile nirvana? Make getting work done easier by empowering the employee Any Trusted Device Public Private Any Connection Access to the Information they Need Anytime Anywhere Enablement Platforms Cloud IT Apps [4] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

5 The big picture the mobile security risk surface Devices Jailbreak or rooting NFC/Bluetooth exploits Privacy legislation Industry regulations Cloud Service Theft and Data Extraction Social Engineering Apps Malware Data Leakage Unencrypted Local Storage Application Vulnerabilities Unencrypted data in transit Third party data leakage Insecure service configuration External Unsecure MDM Configuration Application Vulnerabilities Insecure Services Internal Mobile Device Management Enterprise Mobile Applications Private Cloud / Services [5] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

6 How can your organization strike a balance between risk and reward? Employee view: Corporate devices are oldfashioned Many employees already own as their personal device and bring to work Some C-level executives may already be using one for business as a special request Arguments for increased innovation, flexibility and productivity I want one for work too! Enterprise view: Devices built for the consumer market Concern regarding device management, security, scalability and data protection Impact on meeting regulatory compliance obligations What happens if we don t support? Is it secure and reliable enough for handling corporate information? [6] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

7 There is no one size fits all solution; instead, organizations should focus on addressing risk within four core areas Area 1 Securing mobile devices Goal Ensure that lost and stolen devices are handled securely, and that access to data is protected 2 Addressing application risk Minimize risk of malware and insecure mobile apps affecting the organization s data 3 Managing the mobile environment Address risk tied to enrollment, deprovisioning, patching and monitoring 4 Addressing governance and compliance Proactively handle regulatory risk tied to industry regulations and in-country privacy legislation [7] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

8 Securing mobile devices [8] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

9 The greatest mobile risk is still device loss/theft but the risks are shifting as a function of new usage scenarios Mobile device loss Lost device recovery rate Finder voyeurism Employee data access More data/access + more devices + more theft/loss = Increased risk [9] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

10 The evolution of threats Device security controls should be tailored based on mobile use cases and threats [10] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

11 8 steps to secure your devices 1. Evaluate current and future usage scenarios 2. Invest in a MDM solution 3. Enforce the Big 4 security policies as a minimum 4. Set a device security baseline 5. Layer the infrastructure 6. Consider more stringent access controls to critical business apps 7. Monitor usage and access 8. Amend the organization s awareness program The Big 4 Device encryption PIN Wipe after 10 failed PIN attempts Remote wipe [11] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

12 Addressing application risk [12] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

13 Mobile banking malware in the wild: Sophisticated malware modus operandi Malware sample: Eurograbber Victim clicks on a link sent via spam or available on a malicious website Victim downloads malware to desktop. Malware waits until user begins banking session The bank implements two factor authentication. To complete a transaction, a transaction authorization number (TAN) is needed. TAN is sent to end-users via SMS Malware creates fake pages during the session requesting user to install a security upgrade. The link to this upgrade is sent via SMS Victim clicks on the upgrade link and installs mobile malware. This malware now waits for the user to receive a TAN number Malware intercepts the TAN number and processes transactions [13] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

14 5 steps to counter application risk 1. Protect malware-prone mobile operating systems with antivirus 2. Ensure your secure development lifecycle contains security processes to cover mobile application development 3. Manage applications through an in-house app store, and monitor external apps 4. Proactively bring in or develop services that enables data sharing between devices 5. Continually assess the need for apps to increase productivity and security [14] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

15 Managing the mobile environment [15] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

16 Failing to handle the management issue will ensure ballooning risk 3000 devices ios Android Mobile operating system distribution [16] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

17 Mobile Device Management (MDM) is a first step for risk mitigation in diverse mobile deployments Without MDM With MDM Limited security controls Consistent controls Inability to securely wipe devices Secure, confirmed remote wipe No application management No way to restrict devices based on security settings Compartmentalization and app management Restrict based on policy Hard to control enrollment / deprovisioning Control enrollment and deprovisioning Limited manageability Better manageability Difficult to manage devices Little or no control over device status Easier to manage and support diverse devices Better control over device status Doesn t scale Scales to many types of devices [17] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

18 6 Steps to securely manage mobile devices 1. Create a cross-functional mobile working group and a mobile strategy 2. Create a BYOD policy (if applicable) and invest in a MDM 3. Re-vamp existing support processes 4. Create a patch education process to encourage users to update their mobile devices 5. Monitor deviations from security baseline 6. Implement a wiki/knowledge base employee self-service support solution [18] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

19 Addressing governance and compliance [19] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

20 Mobile deployments must account for global privacy regulation (and surveillance) risks Relevant U.S. / international regulations: PCI-DSS recently published on BYOD HIPAA HITECH refers to NIST standards, but will likely change FINRA SOX Core EU privacy concepts: Privacy governance Data protection Monitoring (privacy at work) Breach investigation and notification Right to be forgotten and erasure Data ownership and recovery The trend is for more specific regulation around mobile data protection to be released [20] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

21 5 steps to handle regulatory/compliance risk 1. Engage legal and HR in the respective countries where devices are to be supported 2. Create tiered policies per geographical segment 3. Ensure that local management has the right processes in place to support the policy 4. Monitor and revise policies regularly 5. Segment business environments and data from personal employee data as much as possible [21] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

22 Using these four areas to scope your audit will help you focus on the right risks 1 2 Securing mobile devices Addressing application risk 3 Mobile audit scope 4 Managing the mobile environment Addressing governance and compliance [22] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

23 Questions? [23] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

24 Ernst & Young contacts Paul Chabot Senior Manager IT Transformation San Francisco, CA Michael Janosko Senior Manager, Advanced Security Center New York, NY Carsten Maartmann-Moe Manager, Advanced Security Center New York, NY carsten [24] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

25 BYOD pitfalls and leading practices [25] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

26 BYOD Strategy Pitfalls and leading practices when developing your BYOD strategy Scope Pitfalls Leading Practices User segments Device Certification One size fits all strategy Considering only currently available devices Analyze the requirements of different user types and define user segments Keep the number of segments manageable to reduce the complexity of your BYOD strategy Consider long-term plans to use mobile enterprise applications as part of your usage scenarios New devices are introduced into the market every 3-6 months The certification process must be ongoing and continually evolving IT must become an expert on device and operating system evolution [26] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

27 BYOD Strategy Scope Pitfalls Leading Practices Mobile TCO Cost savings Usage Variation Ignoring TCO and expected benefits can result in a very costly BYOD solution. Ignoring regional or internation al diversity Develop a business case Quantify the expected BYOD benefits. - Don t focus only on cost savings as costs will likely increase by 7-10% - Focus on increased employee productivity and satisfaction Multi-national firms should consider the impact of device availability, usage habits, provider capabilities on use cases for different user types [27] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

28 BYOD Design Pitfalls and leading practices when developing your BYOD solution Scope Pitfalls Leading Practices Policy BYOD Program Describing technical standards that users do not understand or focusing on what is not allowed Treating BYOD as a one time project and not considering ongoing operations Create a BYOD policy that is easy to understand Augment the policy with education and communications so users understand their options and can better select devices to meet their needs This will improve adoption, increases satisfaction, and decreases support calls Define processes and allocate sufficient resources to support ongoing operations and mature the BYOD program Support continuous improvement of policies and solutions to maintain a positive end-to-end experience and continue to realize BYOD benefits Establish a team that can monitor and evaluate new technology Maintain relationships with device and technology providers [28] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

29 BYOD Design Scope Pitfalls Leading Practices Mobile risk and cost Regulatory risk Policy design BYOD exposes company to security and regulatory risks Trying to design a policy that covers all possible scenarios Design BYOD strategy with both security and regulatory compliance in mind Plan for security monitoring and regular testing of devices and infrastructure Consider in-country data requirements Establishing a governing body and processes for ruling on the inevitable exceptions to the policy Devise a policy with a dimension of Ownership where personal and corporate data each have different sets of policies for security, privacy, and apps [29] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

30 BYOD Deployment Pitfalls and leading practices when deploying BYOD in your organization Scope Pitfalls Leading Practices Employee communication Resistance to change Big bang deployment Creating a negative perception that BYOD is designed to shift the cost burden to the employee Not involving key stakeholders early Neglecting to test the waters with a pilot before doing a more extensive rollout Don t underestimate the required communication and change management- validate that communications are working and adjust your plans as necessary Be ultimately accountable for providing a positive end-to-end user experience Educate employees on mobile data security, scams, phishing schemes, etc By engaging key stakeholders early, you will ultimately overcome resistance to change Have representation from: Executives, HR, Support, Finance, Legal and User groups/segments to ensure concerns are addressed during design Perform a pilot before doing a more extensive roll out Capture lessons learned and adjust you BYOD solution and deployment plans to increase adoption and user satisfaction Identify early adopters that can become champions the greater deployment [30] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

31 BYOD Deployment Scope Pitfalls Leading Practices Mobile support Measured benefit Support costs Not monitoring adoption and usage Ballooning support costs Establish success metrics and targets as part of the deployment plan: Adoption metrics (#devices, #user, data usage) Benefit realization metrics (user satisfaction, employee productivity, cost/user) Make sure your support model makes extensive use of: Self help - web help, FAQs, support workflow automation Community support use social technology to enable peer support, leverage early adopter champions [31] ISACA Pittsburgh - The Workplace of the Future and Mobile Device Risk

Mobile computing. Does your organisation have any safe options? The better the question. The better the answer. The better the world works.

Mobile computing. Does your organisation have any safe options? The better the question. The better the answer. The better the world works. Mobile computing Does your organisation have any safe options? The better the question. The better the answer. The better the world works. The big picture The mobile security risk surface Devices Jailbreak

More information

Enterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them WHITE PAPER

Enterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them WHITE PAPER Enterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them WHITE PAPER WHITE PAPER 2 Enterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them Business success is highly

More information

A number of factors contribute to the diminished regard for security:

A number of factors contribute to the diminished regard for security: TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand

More information

Symantec Mobile Management 7.2

Symantec Mobile Management 7.2 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology

More information

BYOD Policy Implementation Guide. BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment

BYOD Policy Implementation Guide. BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment BYOD Policy Implementation Guide BYOD Three simple steps to legally secure and manage employee-owned devices within a corporate environment We won t bore you with the typical overview that speaks to the

More information

White Paper. Data Security. The Top Threat Facing Enterprises Today

White Paper. Data Security. The Top Threat Facing Enterprises Today White Paper Data Security The Top Threat Facing Enterprises Today CONTENTS Introduction Vulnerabilities of Mobile Devices Alarming State of Mobile Insecurity Security Best Practices What if a Device is

More information

BYOD. and Mobile Device Security. Shirley Erp, CISSP CISA November 28, 2012

BYOD. and Mobile Device Security. Shirley Erp, CISSP CISA November 28, 2012 BYOD and Mobile Device Security Shirley Erp, CISSP CISA November 28, 2012 Session is currently being recorded, and will be available on our website at http://www.utsystem.edu/compliance/swcacademy.html.

More information

Cisco Mobile Collaboration Management Service

Cisco Mobile Collaboration Management Service Cisco Mobile Collaboration Management Service Cisco Collaboration Services Business is increasingly taking place on both personal and company-provided smartphones and tablets. As a result, IT leaders are

More information

A number of factors contribute to the diminished regard for security:

A number of factors contribute to the diminished regard for security: TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand

More information

Elevation of Mobile Security Risks in the Enterprise Threat Landscape

Elevation of Mobile Security Risks in the Enterprise Threat Landscape March 2014, HAPPIEST MINDS TECHNOLOGIES Elevation of Mobile Security Risks in the Enterprise Threat Landscape Author Khaleel Syed 1 Copyright Information This document is an exclusive property of Happiest

More information

SECURITY OF HANDHELD DEVICES TAKE CONTROL OF THE MOBILE DEVICE

SECURITY OF HANDHELD DEVICES TAKE CONTROL OF THE MOBILE DEVICE SECURITY OF HANDHELD DEVICES TAKE CONTROL OF THE MOBILE DEVICE Michael CLICK TO Albek EDIT MASTER - SecureDevice SUBTITLE STYLE 2011 Driven by changing trends and increasing globalization, the needs of

More information

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing Driving Productivity Without Compromising Protection Brian Duckering Mobile Trend Marketing Mobile Device Explosion Paves Way for BYOD 39% 69% 340% 2,170% 2010 177M corp PCs 2015 246M corp PCs 2010 173

More information

Hands on, field experiences with BYOD. BYOD Seminar

Hands on, field experiences with BYOD. BYOD Seminar Hands on, field experiences with BYOD. BYOD Seminar Brussel, 25 september 2012 Agenda Challenges RIsks Strategy Before We Begin Thom Schiltmans Deloitte Risk Services Security & Privacy Amstelveen tschiltmans@deloitte.nl

More information

Symantec Mobile Management 7.2

Symantec Mobile Management 7.2 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology

More information

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1 Scalable, secure, and integrated device management for healthcare Data Sheet: Industry Perspectives Healthcare Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any

More information

AirWatch Solution Overview

AirWatch Solution Overview AirWatch Solution Overview Marenza Altieri-Douglas - AirWatch Massimiliano Moschini Brand Specialist Itway 2014 VMware Inc. All rights reserved. Cloud Computing 2 BYOD 3 Device aziendali? 4 From Client/Server

More information

Mobile Device Management Buyers Guide

Mobile Device Management Buyers Guide Mobile Device Management Buyers Guide IT departments should be perceived as the lubricant in the machine that powers an organization. BYOD is a great opportunity to make life easier for your users. But

More information

EOH Cloud Mobile Device Management. EOH Cloud Services - EOH Cloud Mobile Device Management

EOH Cloud Mobile Device Management. EOH Cloud Services - EOH Cloud Mobile Device Management EOH Cloud EOH Cloud Services - EOH Cloud Page 1 EOH Mobile Device Management Manage a fleet of diverse mobile devices, support new secure mobile workflows and effectively distribute apps. The evolving

More information

Security and Compliance challenges in Mobile environment

Security and Compliance challenges in Mobile environment Security and Compliance challenges in Mobile environment Emerging Technologies November 19, 2013 Bob Bastani Introductions Bob Bastani, Security & Compliance Program Manager, IBM, 301-803-6078, bbastani@us.ibm.com

More information

BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size.

BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size. April 2014 BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size. Bring your own device (BYOD) refers to the policy of permitting employees

More information

Data Protection Act 1998. Bring your own device (BYOD)

Data Protection Act 1998. Bring your own device (BYOD) Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...

More information

Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA.

Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA. Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA. What is Mobile Security? Mobile security is the protection of both personal and business information stored on and transmitted

More information

Best Practices for a BYOD World

Best Practices for a BYOD World Face Today s Threats Head-On: Best Practices for a BYOD World Chris Vernon CISSP, VTSP Security Specialist Agenda Mobile Threats Overview 2013 State of Mobility Survey Canada BYOD Best Practices 2 Mobile

More information

BYOD Strategies: Chapter I

BYOD Strategies: Chapter I Building Bring-Your-Own-Device (BYOD) Strategies This is the first part in a series designed to help organizations develop their BYOD (bring-your-own-device) strategies for personally-owned smartphones

More information

Data Security Best Practices & Reasonable Methods

Data Security Best Practices & Reasonable Methods Data Security Best Practices & Reasonable Methods September 2013 Mike Tassey Technical Security Advisor Privacy Technical Assistance Center (PTAC) http://ptac.ed.gov/ E-mail: PrivacyTA@ed.gov Phone: 855-249-3072

More information

MAKING BUSINESS MOBILITY BETTER Best practices for business mobility management

MAKING BUSINESS MOBILITY BETTER Best practices for business mobility management MAKING BUSINESS MOBILITY BETTER Best practices for business mobility management -1- THE MOBILE REVOLUTION - OPPORTUNITIES AND CONCERNS The CIO today faces a versatile environment where cloud and mobility

More information

Answers to these questions will determine which mobile device types and operating systems can be allowed to access enterprise data.

Answers to these questions will determine which mobile device types and operating systems can be allowed to access enterprise data. Mobility options and landscapes are evolving quickly for the corporate enterprise. Mobile platform providers such as Apple, Google and Microsoft, and leading device hardware vendors are constantly updating

More information

EasiShare Whitepaper - Empowering Your Mobile Workforce

EasiShare Whitepaper - Empowering Your Mobile Workforce Accessing files on mobile devices and sharing them with external parties presents serious security risks for companies. However, most current solutions are either too cumbersome or not secure enough for

More information

Why Email Encryption is Essential to the Safety of Your Business

Why Email Encryption is Essential to the Safety of Your Business Why Email Encryption is Essential to the Safety of Your Business What We ll Cover Email is Like a Postcard o The Cost of Unsecured Email 5 Steps to Implement Email Encryption o Know Your Compliance Regulations

More information

Mobility, Security Concerns, and Avoidance

Mobility, Security Concerns, and Avoidance By Jorge García, Technology Evaluation Centers Technology Evaluation Centers Mobile Challenges: An Overview Data drives business today, as IT managers and security executives face enormous pressure to

More information

A path to improving the end-user experience

A path to improving the end-user experience BEST PRACTICES WHITE PAPER A path to improving the end-user experience By David Williams, Vice President of Strategy, Office of the CTO, BMC Software TABLE OF CONTENTS EXECUTIVE SUMMARY...............................................

More information

What Is BYOD? Challenges and Opportunities

What Is BYOD? Challenges and Opportunities Wor k s pac es Mobi l i t ysol ut i ons Bl uewi r esol ut i ons www. bl uewi r e. c o. uk What Is BYOD? Challenges and Opportunities What is BYOD How Secure is Your BYOD Environment? Bring your own device

More information

Symantec Mobile Management 7.1

Symantec Mobile Management 7.1 Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology,

More information

Addressing the BYOD Challenge with Okta Mobility Management. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta.

Addressing the BYOD Challenge with Okta Mobility Management. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta. Addressing the BYOD Challenge with Okta Mobility Management Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Executive Summary The Impact of BYOD BYOD can be a very polarizing

More information

10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM)

10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM) 10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM) CONTENT INTRODUCTION 2 SCOPE OF BEST PRACTICES 2 1. HAVE A POLICY THAT IS REALISTIC 3 2. TAKE STOCK USING A MULTIPLATFORM REPORTING AND INVENTORY TOOL...3

More information

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014 Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014 Lisa D. Traina, CPA, CITP, CGMA Lisa Traina utilizes her 30+ years of experience as a CPA, CITP and CGMA

More information

BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager

BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager 1 AGENDA Mobile Explosion Mobile Trends BYOD Benefits, Challenges and Threats BYOD Security BYOD Strategy

More information

5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES

5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES White paper 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES PROTECTING PHI ON PORTABLE DEVICES 2016 SecurityMetrics 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES 1 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES PROTECTING

More information

Symantec Mobile Management Suite

Symantec Mobile Management Suite Symantec Mobile Management Suite One Solution For All Enterprise Mobility Needs Data Sheet: Mobile Security and Management Introduction Most enterprises have multiple mobile initiatives spread across the

More information

Email Compliance in 5 Steps

Email Compliance in 5 Steps Email Compliance in 5 Steps Introduction For most businesses, email is a vital communication resource. Used to perform essential business functions, many organizations rely on email to send sensitive confidential

More information

Mobile Medical Devices and BYOD: Latest Legal Threat for Providers

Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Presenting a live 90-minute webinar with interactive Q&A Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Developing a Comprehensive Usage Strategy to Safeguard Health Information and

More information

BYOD and Mobile Device Dependency

BYOD and Mobile Device Dependency BYOD and Mobile Device Dependency Thursday, November 8, 2012 Brian Thomas, CISA, CISSP & Shohn Trojacek, CISSP Brian Thomas, CISA, CISSP Partner, IT Advisory Services at Weaver Provides security, IT audit

More information

Mobile Security Checklist. An Easy, Achievable Plan for Security and Compliance

Mobile Security Checklist. An Easy, Achievable Plan for Security and Compliance Mobile Security Checklist An Easy, Achievable Plan for Security and Compliance Introduction Are mobile devices the weak link in your security defenses? Today, organizations are pouring millions of dollars

More information

Mobile Security BYOD and Consumer Apps

Mobile Security BYOD and Consumer Apps Mobile Security BYOD and Consumer Apps Adam Shnider, Managing Director, Coalfire October 16, 2012 Agenda I. The Mobile World - Trends I. Mobile devices - threats and risks I. BYOD Security Top Five I.

More information

Top. Enterprise Reasons to Select kiteworks by Accellion

Top. Enterprise Reasons to Select kiteworks by Accellion Top 10 Enterprise Reasons to Select kiteworks by Accellion Top 10 Enterprise Reasons to Select kiteworks Accellion enables enterprise organizations to enhance business productivity, while ensuring data

More information

Secure Your Mobile Workplace

Secure Your Mobile Workplace Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in

More information

ONE DEVICE TO RULE THEM ALL! AUDITING MOBILE DEVICES / BYOD NSAA IT CONFERENCE OCTOBER 2, 2014

ONE DEVICE TO RULE THEM ALL! AUDITING MOBILE DEVICES / BYOD NSAA IT CONFERENCE OCTOBER 2, 2014 ONE DEVICE TO RULE THEM ALL! 1993 2013 1 AUDITING MOBILE DEVICES / BYOD NSAA IT CONFERENCE OCTOBER 2, 2014 2 1 AGENDA Mobile Devices / Smart Devices Implementation Models Risks & Threats Audit Program

More information

RFI Template for Enterprise MDM Solutions

RFI Template for Enterprise MDM Solutions RFI Template for Enterprise MDM Solutions 2012 Zenprise, Inc. 1 About This RFI Template A secure mobile device management solution is an integral part of any effective enterprise mobility program. Mobile

More information

If you can't beat them - secure them

If you can't beat them - secure them If you can't beat them - secure them v1.0 October 2012 Accenture, its logo, and High Performance delivered are trademarks of Accenture. Preface: Mobile adoption New apps deployed in the cloud Allow access

More information

BYOD BEST PRACTICES GUIDE

BYOD BEST PRACTICES GUIDE BYOD BEST PRACTICES GUIDE 866.926.8746 1 www.xantrion.com TABLE OF CONTENTS 1 Changing Expectations about BYOD... 3 2 Mitigating the Risks... 4 2.1 Establish Clear Policies and Expectations... 4 2.2 Create

More information

CA Enterprise Mobility Management MSO

CA Enterprise Mobility Management MSO SERVICES DESCRIPTION CA Enterprise Mobility Management MSO At a Glance Today, your customers are more reliant on mobile technologies than ever. They re also more exposed by mobile technologies than ever.

More information

DEPLOYMENT. ASSURED. SEVEN ELEMENTS OF A MOBILE TEST STRATEGY. An Olenick & Associates White Paper

DEPLOYMENT. ASSURED. SEVEN ELEMENTS OF A MOBILE TEST STRATEGY. An Olenick & Associates White Paper DEPLOYMENT. ASSURED. SEVEN ELEMENTS OF A MOBILE TEST STRATEGY An Olenick & Associates White Paper July 2013 Contents Executive Summary... 1 Mobile Vision... 3 QA Methodology and Process... 4 Deployment

More information

What We Do: Simplify Enterprise Mobility

What We Do: Simplify Enterprise Mobility What We Do: Simplify Enterprise Mobility AirWatch by VMware is the global leader in enterprise-grade mobility solutions across every device, every operating system and every mobile deployment. Our scalable

More information

Back to the Future: Securing your Unwired Enterprise

Back to the Future: Securing your Unwired Enterprise Back to the Future: Securing your Unwired Enterprise By Manoj Kumar Kunta, Global Practice Leader - Security Back to the Future: Securing your Unwired Enterprise The advent of smartphones and tablets has

More information

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite SOLUTION BRIEF Enterprise Mobility Management Critical Elements of an Enterprise Mobility Management Suite CA Technologies is unique in delivering Enterprise Mobility Management: the integration of the

More information

Symantec Mobile Management for Configuration Manager 7.2

Symantec Mobile Management for Configuration Manager 7.2 Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices

More information

White Paper. Data Security. journeyapps.com

White Paper. Data Security. journeyapps.com White Paper Data Security CONTENTS The JourneyApps Commitment to Security Geographic Location of Cloud Hosting Infrastructure-Level Security Protection of Data Through Encryption Data Life Cycle Management

More information

Consumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions WWW.WIPRO.COM

Consumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions WWW.WIPRO.COM Consumerization Managing the BYOD trend successfully WWW.WIPRO.COM Harish Krishnan, General Manager, Wipro Mobility Solutions Employees dictate IT Enterprises across the world are giving in to the Consumerization

More information

The BYOD of Tomorrow: BYOD 2.0. What is BYOD 1.0? What is BYOD 2.0? 3/27/2014. Cesar Picasso, MBA SOTI Inc. April 02, 2014

The BYOD of Tomorrow: BYOD 2.0. What is BYOD 1.0? What is BYOD 2.0? 3/27/2014. Cesar Picasso, MBA SOTI Inc. April 02, 2014 The BYOD of Tomorrow: BYOD 2.0 Cesar Picasso, MBA SOTI Inc. April 02, 2014 What is BYOD 1.0? BYOD 1.0 was the first wave of mobile device management that controlled the entire device BYOD 1.0 was inadequate

More information

Healthcare Buyers Guide: Mobile Device Management

Healthcare Buyers Guide: Mobile Device Management Healthcare Buyers Guide: Mobile Device Management Physicians and other healthcare providers see value in using mobile devices on the job. BYOD is a great opportunity to provide better and more efficient

More information

Stress-free mobility A mobile framework for the extended enterprise. April 29, 2015

Stress-free mobility A mobile framework for the extended enterprise. April 29, 2015 Stress-free mobility A mobile framework for the extended enterprise April 29, 2015 Presenter: Tony Winston Senior Manager EY Advisory Digital & Enabling Technology tony.winston@ey.com www.ey.com www.linkedin.com/in/tonywinston

More information

Whitepaper. How MSPs are Increasing Revenues by Solving BYOD Issues. nfrascaletm. Infrascale Phone: +1.877.896.3611 Web: www.infrascale.

Whitepaper. How MSPs are Increasing Revenues by Solving BYOD Issues. nfrascaletm. Infrascale Phone: +1.877.896.3611 Web: www.infrascale. Whitepaper How MSPs are Increasing Revenues by Solving BYOD Issues nfrascaletm Solving the BYOD Problem with Endpoint Data Management and Protection The prolific use of Bring Your Own Device (BYOD) in

More information

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Inside ü Tips for deploying or expanding BYOD programs while remaining

More information

FIVE KEY BUSINESS INSIGHTS FOR MOBILE SECURITY IN A BYOD WORLD

FIVE KEY BUSINESS INSIGHTS FOR MOBILE SECURITY IN A BYOD WORLD FIVE KEY BUSINESS INSIGHTS FOR MOBILE SECURITY IN A BYOD WORLD IT managers report on today s mobile protection and management challenges ONE FRONT STREET. SUITE 2700 SAN FRANCISCO CA 94111 P +1.414.456.7891

More information

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Certified Identity and Access Manager (CIAM) Overview & Curriculum Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management

More information

Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF

Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF Businesses around the world have adopted the information security standard ISO 27002 as part of their overall risk

More information

Embracing BYOD. Without Compromising Security or Compliance. Sheldon Hebert SVP Enterprise Accounts, Fixmo. Sheldon.Hebert@fixmo.

Embracing BYOD. Without Compromising Security or Compliance. Sheldon Hebert SVP Enterprise Accounts, Fixmo. Sheldon.Hebert@fixmo. Embracing BYOD Without Compromising Security or Compliance The Mobile Risk Management Company Sheldon Hebert SVP Enterprise Accounts, Fixmo Sheldon.Hebert@fixmo.com New Realities of Enterprise Mobility

More information

IT Resource Management & Mobile Data Protection vs. User Empowerment

IT Resource Management & Mobile Data Protection vs. User Empowerment Enterprise Mobility Management Buyers Guide IT Resource Management & Mobile Data Protection vs. User Empowerment Business leaders and users are embracing mobility and enjoying the flexibility and productivity

More information

Ibrahim Yusuf Presales Engineer at Sophos ibz@sophos.com. Smartphones and BYOD: what are the risks and how do you manage them?

Ibrahim Yusuf Presales Engineer at Sophos ibz@sophos.com. Smartphones and BYOD: what are the risks and how do you manage them? Ibrahim Yusuf Presales Engineer at Sophos ibz@sophos.com Smartphones and BYOD: what are the risks and how do you manage them? Tablets on the rise 2 Diverse 3 The Changing Mobile World Powerful devices

More information

The Oracle Mobile Security Suite: Secure Adoption of BYOD

The Oracle Mobile Security Suite: Secure Adoption of BYOD An Oracle White Paper April 2014 The Oracle Mobile Security Suite: Secure Adoption of BYOD Executive Overview BYOD (Bring Your Own Device) is the new mobile security imperative and every organization will

More information

STRONGER AUTHENTICATION for CA SiteMinder

STRONGER AUTHENTICATION for CA SiteMinder STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive

More information

Control Issues and Mobile Devices

Control Issues and Mobile Devices Control Issues and Mobile Devices ACC 626 Term Paper Ramandip Kaur June 27, 2014 Page Table of Contents Executive Summary...ii 1.0 Introduction... 1 2.0 Current Trends... 1 2.1 Employee Owned Devices and

More information

"Secure insight, anytime, anywhere."

Secure insight, anytime, anywhere. "Secure insight, anytime, anywhere." THE MOBILE PARADIGM Mobile technology is revolutionizing the way information is accessed, distributed and consumed. This 5th way of computing will dwarf all others

More information

Bell Mobile Device Management (MDM)

Bell Mobile Device Management (MDM) Bell MDM Business FAQs 1 Bell Mobile Device Management (MDM) Frequently Asked Questions INTRODUCTION Bell Mobile Device Management provides business customers an all in one device administration tool to

More information

s Software as a Service (SaaS) offering: T-Suite Making your hard costs soft

s Software as a Service (SaaS) offering: T-Suite Making your hard costs soft s Software as a Service (SaaS) offering: T-Suite Making your hard costs soft T-Suite and Telstra T-Suite means you can: Rapidly deploy business applications when and where you need them Reduce capital

More information

Top. Reasons Federal Government Agencies Select kiteworks by Accellion

Top. Reasons Federal Government Agencies Select kiteworks by Accellion Top 10 Reasons Federal Government Agencies Select kiteworks by Accellion Accellion Government Customers Include: Top 10 Reasons Federal Government Agencies Select kiteworks Accellion provides government

More information

IT Resource Management vs. User Empowerment

IT Resource Management vs. User Empowerment Mobile Device Management Buyers Guide IT Resource Management vs. User Empowerment Business leaders and users are embracing mobility and enjoying the flexibility and productivity leading to rising mobile

More information

Hosted Virtual Desktops (VDI)

Hosted Virtual Desktops (VDI) Hosted Virtual Desktops (VDI) Secure and cost-effective delivery of Windows desktops and applications as a cloud service, to any device, anywhere, with predictable costs Hosted by Powered by Features Hosted

More information

Solving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools

Solving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools White Paper Solving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools Introduction The modern workforce is on the hunt for tools that help them get stuff done. When the technology

More information

My CEO wants an ipad now what? Mobile Security for the Enterprise

My CEO wants an ipad now what? Mobile Security for the Enterprise My CEO wants an ipad now what? Mobile Security for the Enterprise Agenda Introductions Emerging Mobile Trends Mobile Risk Landscape Response Framework Closing Thoughts 2 Introductions Amandeep Lamba Manager

More information

Kaspersky Security for Mobile

Kaspersky Security for Mobile Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months

More information

A CIO s Guide To Mobility Management

A CIO s Guide To Mobility Management The Complimentary Reprint Of This Syndicated Research Report Has Been Sponsored By: A CIO s Guide To Mobility Management Written By: Maribel Lopez March 2013 Lopez Research LLC 2269 Chestnut Street #202

More information

allchoice We are XMA. Empowering employee device choice within the workplace

allchoice We are XMA. Empowering employee device choice within the workplace allchoice Empowering employee device choice within the workplace We are XMA. We are XMA. We deliver innovative IT solutions that enhance how people learn, teach, govern, deliver healthcare and do business.

More information

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS.! Guyton Thorne! Sr. Manager System Engineering! guyton.thorne@kaspersky.com

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS.! Guyton Thorne! Sr. Manager System Engineering! guyton.thorne@kaspersky.com Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS! Guyton Thorne! Sr. Manager System Engineering! guyton.thorne@kaspersky.com 1 Business drivers and their impact on IT AGILITY! Move fast, be nimble

More information

Business Case for Voltage SecureMail Mobile Edition

Business Case for Voltage SecureMail Mobile Edition WHITE PAPER Business Case for Voltage SecureMail Mobile Edition Introduction Mobile devices such as smartphones and tablets have become mainstream business productivity tools with email playing a central

More information

Enterprise on the Go. How enterprises can leverage mobile apps

Enterprise on the Go. How enterprises can leverage mobile apps Enterprise on the Go How enterprises can leverage mobile apps Vivek Narasimhan June 2012 Contents I. Project Scope II. Consumerization of IT drives demand for apps III. Enterprise App Considerations IV.

More information

Get Tough with Mobile Device Management

Get Tough with Mobile Device Management Get Tough with Mobile Device Management Franke Martinez Director, Regulated Industries SOTI Shwetank Bharati Director, OEM SOTI Doug Havemann Solutions Architect Panasonic SOTI is the Worlds Most Trusted

More information

IT Self Service and BYOD Markku A Suistola

IT Self Service and BYOD Markku A Suistola IT Self Service and BYOD Markku A Suistola Principal Presales Consultant Why IT Service need to evolve? David Coyle, research vice president at Gartner, 2010**: "IT self-service is a great concept, enabling

More information

Avoiding the Top 5 Vulnerability Management Mistakes

Avoiding the Top 5 Vulnerability Management Mistakes WHITE PAPER Avoiding the Top 5 Vulnerability Management Mistakes The New Rules of Vulnerability Management Table of Contents Introduction 3 We ve entered an unprecedented era 3 Mistake 1: Disjointed Vulnerability

More information

Identity and Access Management (IAM)

Identity and Access Management (IAM) Identity and Access Management (IAM) Emerging risks a look beyond compliance October 2013 Page 0 Agenda Why we have to think about IAM differently 2 Emerging IAM solution options 8 Solution deployment

More information

Virtual Desktop Infrastructure Optimization with SysTrack Monitoring Tools and Login VSI Testing Tools

Virtual Desktop Infrastructure Optimization with SysTrack Monitoring Tools and Login VSI Testing Tools A Software White Paper December 2013 Virtual Desktop Infrastructure Optimization with SysTrack Monitoring Tools and Login VSI Testing Tools A Joint White Paper from Login VSI and Software 2 Virtual Desktop

More information

BYOD: Bring Your Own Policy. Bring Your Own Device (BYOD) is already making a significant impact on the way the private sector works.

BYOD: Bring Your Own Policy. Bring Your Own Device (BYOD) is already making a significant impact on the way the private sector works. BYOD: Bring Your Own Policy Bring Your Own Device (BYOD) is already making a significant impact on the way the private sector works. BYOD: Bring Your Own Policy Bring Your Own Device (BYOD) is already

More information

Securing Virtual Desktop Infrastructures with Strong Authentication

Securing Virtual Desktop Infrastructures with Strong Authentication Securing Virtual Desktop Infrastructures with Strong Authentication whitepaper Contents VDI Access Security Loopholes... 2 Secure Access to Virtual Desktop Infrastructures... 3 Assessing Strong Authentication

More information

CREATING AN EFFECTIVE SUPPORT PLAN FOR BYOD: A BEST PRACTICE GUIDE

CREATING AN EFFECTIVE SUPPORT PLAN FOR BYOD: A BEST PRACTICE GUIDE CREATING AN EFFECTIVE SUPPORT PLAN FOR BYOD: A BEST PRACTICE GUIDE Delivering The Connected Enterprise Workforce Enablement Asset Management Customer Engagement Network Infrastructure Introduction Bring

More information

BLACKBERRY COBO: ULTIMATE MOBILE SECURITY AND CONTROL

BLACKBERRY COBO: ULTIMATE MOBILE SECURITY AND CONTROL WHITEPAPER BLACKBERRY COBO: ULTIMATE MOBILE SECURITY AND CONTROL Corporate-Owned, Business-Only Enterprise Mobility Option for Regulated and High-Security Environments 2 BLACKBERRY COBO: ENTERPRISE MOBILITY

More information

Mobility Challenges & Trends The Financial Services Point Of View

Mobility Challenges & Trends The Financial Services Point Of View Mobility Challenges & Trends The Financial Services Point Of View Nikos Theodosiou Cloud Computing Solutions Presales/Marketing Engineer The New World Agenda The Mobile World The Challenges The Solutions

More information

Securing Corporate Email on Personal Mobile Devices

Securing Corporate Email on Personal Mobile Devices Securing Corporate Email on Personal Mobile Devices Table of Contents The Impact of Personal Mobile Devices on Corporate Security... 3 Introducing LetMobile Secure Mobile Email... 3 Solution Architecture...

More information

Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments

Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments Efficiently and Cost- Effectively Managing Mobility Risks in the Age of IT Consumerization Table of Contents EXECUTIVE

More information

ADDING STRONGER AUTHENTICATION for VPN Access Control

ADDING STRONGER AUTHENTICATION for VPN Access Control ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows

More information