MOBILE SECURITY ROCK SOLID OR AT RISK?
|
|
- Oliver Paul
- 8 years ago
- Views:
Transcription
1 MOBILE SECURITY Today s handheld devices offer remarkable opportunity along with significant risk. Sound security practices are paramount. ENTERPRISE MOBILE SECURITY ROCK SOLID OR AT RISK? ver the last few years, a not-so-quiet revolution in computing has unfolded. Smartphones and tablets have transformed business and provided ways for employees, business partners and customers to access, manage and use data in new and noteworthy ways. It s safe to say that this new mobile order has created enormous opportunities. However, it s also ratcheted up the risks to the enterprise with data increasingly flowing outside the organization and residing on numerous devices. To be sure, managing mobility is no minor challenge. As the bringyour-own-device (BYOD) movement takes shape and employees use their own smartphones, tablets and notebooks to access enterprise data often from public Wi-Fi hotspots it s critical to put robust security protection in place and ensure that data doesn t wind up lost or stolen. How can an organization maximize the potential of mobile technology while minimizing the risk of a security lapse or data breach? While the solutions vary, one thing is certain. Organizations that adopt a best practice approach using a wide variety of tools and technologies 10
2 ranging from virtual private networks (VPNs) and virtual desktops to mobile device management (MDM) systems are far more likely to succeed. Connecting to Security Over the last few years, enterprise IT has changed more profoundly than at any point since the introduction of the personal computer. In the past, organizations held the reins and decided which devices would be used and how they would access data. Today, employees aren t just asking to use smartphones and tablets, they re demanding them and in many cases bringing their own devices into the enterprise. Corporate executives also demand ipads and other tablet devices. As a result, IT has no choice but to support these consumer devices and incorporate them into the IT infrastructure. Make no mistake, the BYOD movement has rocked the foundation of enterprise computing. The tech analyst firm Forrester reports that more than 50 percent of the organizations it surveyed now support employee-owned mobile devices and smartphones. This empowered workforce uses groundswell technologies such as mobile devices to drive increased productivity, innovation and improved customer services, it notes in a 2011 report, Managing the Security and Risk Challenges of Personal Devices in the Workplace. Meanwhile, a 2011 Accenture report, titled Jumping the Boundaries of Corporate IT, found that 87 percent of U.S Millennials decide where they will work based on their ability to use state-ofthe-art technology. Moreover, these individuals expect to use their own technology at work and tap into their preferred technology apps regardless of any compliance policy. A staggering 61 percent use social networking services that aren t supported by their IT department. In addition, 43 percent tap into non-supported IM, 31 percent rely on rogue open source technologies, and 26 percent use their own online collaboration tools. Then there s the fact that mobile devices are easily lost and stolen. A 2011 Ponemon Institute study found that the average cost of a data breach rose to $214 per compromised record in Worse, the figure hit $258 per record for mobile devices. Today, it s estimated that 70 percent of enterprise data resides somewhere on a mobile device. As employees tap into public Wi-Fi networks and exchange data device to device, oftentimes through social media applications, the challenges and risks to the enterprise grow exponentially. Risk Vectors These risks come in a number of forms. First, there s the danger of physical access to information when a device is lost or stolen. Once holding a device, a sophisticated thief can bypass a passcode and circumvent encryption. In addition to obtaining sensitive enterprise data, the attacker may wind up with passwords to other systems on the network. Physical access essentially renders most security protections including intrusion detection and antivirus useless. Device attacks are another serious concern, particularly on the Windows, Symbian and Android platforms. These may take the form of browser-based attacks as well as viruses or other malware sent through text messages or . Hackers and thieves may want to gain control of a device or the data residing on it, or they may use the device to get inside the enterprise network. Once a device harbors a botnet or malicious code, it can also infect other systems. Juniper Networks reported that malware for the Android operating system alone rose by 400 percent from 2010 to The growing use of public Wi-Fi presents serious risks as well. Hackers may eavesdrop on transmissions or use the network as a way to gain access to devices and use them for more serious attacks on a network. Unencrypted Wi-Fi networks can support so-called man-in-the-middle attacks, which allow a hacker to intercept communication and relay messages between two parties. Because the participants may think that they are privately communicating with the other person, they may provide sensitive data. An attacker within range of a Wi-Fi access point can use this method if mutual authentication between the parties hasn t taken place. Finally, there s the risk of insider threats. A March 2012 survey conducted by Ponemon Institute and Trend Micro found that security tools alone cannot protect systems and networks. Only 8 percent of all breaches are caused by external cyber-attacks. The top three reasons for breaches are employees losing notebooks or other mobile data-bearing devices (35 percent), third-party mishaps or errors (32 percent), and system glitches (29 percent). Larry Ponemon, chairman and founder of Ponemon Institute, noted that an increasingly mobile workforce is a key contributor to the problem. John Kuhn, director of product management for the Enterprise Mobility Group at Symantec, says that the number of platforms and devices an enterprise must support has skyrocketed over the last few years. What makes things especially difficult is that most organizations cannot dictate a device, he says. You have people using BlackBerry devices, iphones, Androids and other systems. You also have them sharing files and data through services such as Dropbox and Box.net. /// 35% AMOUNT OF BREACHES CAUSED BY EMPLOYEES LOSING NOTEBOOKS OR OTHER MOBILE DATA-BEARING DEVICES. \\\ SOURCE: Juniper Networks >>> 11
3 MOBILE SECURITY 8 WAYS TO AMP UP MOBILE SECURITY The complexities of mobile security haven t been lost on enterprise business and IT executives. Here are eight ways to improve protection and reduce risk: Develop an enterprise mobile security strategy. It s essential to understand what returns and risks devices and apps create and how mobility fits into the overall framework of the organization. A comprehensive audit should lead to a security policy that addresses issues as diverse as jailbreaking and what happens when a device is lost or stolen. It should also classify employees and data to ensure that sensitive and confidential information remains in the right hands. Focus on data rather than devices. The ultimate goal for an enterprise is to protect data. The cost of a lost device is minimal but lost data could compromise the entire business. As part of this approach, adopt solutions that provide maximum abstraction between data and specific devices and operating systems. This approach reduces complexity and risk. View each security tool as only part of the overall picture. An effective security strategy incorporates a wide range of solutions to create a security fabric that extends throughout the organization and onto mobile devices. Understand how these tools interact and look for any gaps that could lead to vulnerabilities. Provide education and awareness training. Although today s employees are typically savvy about using mobile devices, they may not be clear on security risks associated with their actions and behaviors. It s critical to provide education and training and understand what practices to avoid. Adopt a robust mobile device management (MDM) solution. MDM greatly simplifies device administration by providing a centralized view of resources and making it easier to use diagnostics, remote configuring and provisioning, apply patches, use backup and restore functions, asset tracking, provide network support, logging and reporting, and GPS tracking. Don t neglect conventional security tools. Understandably, most organizations focus heavily on mobile-specific security such as mobile device management solutions. However, antivirus, web filtering, virtual private networks (VPNs), data loss prevention (DLP), file encryption, authentication and other tools are the foundation of any security strategy. Focus on privacy issues. Security and privacy are deeply intertwined. A data breach could reveal private employee or customer information and lead to legal problems. In addition, the use of personally owned mobile devices in the workplace raises key questions particularly for companies that scan devices to ensure that they do not create risks or contain confidential company data. Stay agile. Conventional three- to five-year technology plans do not work in the mobile arena. It s critical to create an agile framework and continually reevaluate the way employees and others access data, what devices they use and what risks result. A six-month strategy isn t unreasonable. Developing a Mobile Security Strategy Building a comprehensive security strategy begins with an analysis and understanding of how people use applications and data and the role of the network in delivering information to users. It s also important to understand possible theft and loss scenarios and know the value of data residing on devices so that it can be classified accordingly. Best practice organizations typically create data tiers to determine the appropriate defense and level of protection. Security experts say that it s critical to focus on protecting data rather than devices. The cost of a lost device might top $500, but the loss of the data residing on the device could extend into millions of dollars. It could also result in bad press, fleeing customers, fines or lawsuits and a tarnished reputation and brand. Trying to build the ultimate padlock is both impractical and inefficient, explains Clinton Smith, manager of IT risk and compliance for Grant Thornton, LLP. Chenxi Wang, vice president and principal analyst for security and risk at Forrester, points out that basic protection such as enforceable password-based entry, autolock and remote-wipe capabilities are the starting point for a mobile security strategy. These tools allow an enterprise to retain some control over lost or compromised devices. Virtually all mobile devices now support these features and a 12
4 growing array of third party software applications allow IT administrators to remotely wipe data from mobile devices. In many cases, the ability to wipe a device within seconds can determine whether the incident winds up being a minor headache or a major security breach. Other basic considerations include the ability for IT to maintain and control security settings from a single location; have application and data controls, including automatic data encryption and secure transfers through a VPN (the Apple ios platform has built in support for encryption whereas many others, including Android, do not); and deploy other standard security protections, including antivirus, data loss prevention (DLP), web filtering and authentication. In some cases, a virtual desktop interface (VDI) streamlines security by eliminating data storage on a thin client or zero client device and instead keeping the files on a central server. VMware and Citrix are key vendors in this space. However, the primary security focus for many organizations is now mobile device management. Offered by a number of vendors, including AirWatch, BoxTone, McAfee, Microsoft, MobileIron and Symantec, it provides an enterprise view of devices, application rollouts and data use patterns. These applications support different mobile devices deployed across different carriers and service providers. In many instances they provide diagnostics, remote configuring and provisioning, backup and restore functions, asset tracking, network support, diagnostics, logging and reporting and GPS tracking. Symantec Mobile Management (SMM), for example, offers comprehensive visibility and control for iphones, ipads, Androids and other popular mobile devices using a single console and a highly scalable approach. It allows network administrators to establish policy controls that encompass everything from passwords to remote-wipe capabilities. It also offers endpoint management that helps an organization standardize on a single platform across all enterprise applications. For instance, an administrator can switch off a camera or control access to public app stores. The software is also able to separate corporate and personal data on devices to comply with regulatory requirements. Forrester s Wang believes that MDM, while providing a highly useful way to oversee different platforms and devices within a consistent management interface, can sometimes provide a false sense of security. It can distract business and IT leaders from thinking about the big picture, Wang explains. In addition, Forrester notes that a one-size-fits-all approach to device management can create problems and inhibit productivity particularly if classifications and user access issues aren t clearly analyzed and defined up front. Other security management tools also play a key role in thwarting data loss and theft. Websense TRITON, for example, integrates web, and data security in order to provide unified content analysis on a mobile platform. The firm s enterpriseclass DLP works on iphones, ipads and the Android platform over carrier networks and Wi-Fi. What s more, the company continually analyzes mobile apps available for ios, Android and other platforms and provides insights into potential risks. It s crucial to take an integrated approach that addresses mobile applications, data theft and web security, says Tom Clare, senior director of product marketing at Websense. 13
5 MOBILE SECURITY Authentication applications are also a valuable piece of the security puzzle. Vendors such as Symantec, DigitalPersona and Imprivata offer solutions to help control and manage network access, including from mobile devices. For instance, Imprivata s OneSign for Healthcare offers a number of key capabilities, including a single sign-on access management tool for EMR access on personal computers as well as various mobile devices. The solution provides a high level of functionality, flexibility and scalability across an organization. The system is designed to improve clinician workflow and reduce IT administration tasks. Organizations, particularly in healthcare, face enormous challenges, notes David Ting, CTO for Imprivata. Wang believes that it is crucial to balance user needs and security. At the end of the day, both IT operations and security want business owners and business users to see them as partners in their mobility needs. If you take too conservative of an approach to mitigating security and risk concerns on personally owned devices, users will once again see security as just a policy function, she notes. Policy Matters All the leading-edge technology in the world won t guarantee security, Wang says. It s important to develop sound policies that address a wide array of issues, including device standards, IT management and support, acceptable usage guidance, financial responsibilities, operational security and legal implications. Within this umbrella, key issues include: organizational accountability, awareness training and developing solid communication with employees and other system users. Remarkably, a Ponemon Institute study found that 53 percent of companies it surveyed have no mobile policy in place and a mere 16 percent had a policy that encompassed the entire enterprise. One way to mitigate risk, Wang says, is to build an internal app store for distributing software internally. It s a strategy that a growing number of organizations are embracing. This approach can help guarantee the quality and safety of apps distributed to employees. It also creates a viable way to distribute apps internally and let employees know which apps are the most popular and most useful. 14
6 No less important: it s possible to control the apps employees download based on their role and privileges. Ultimately, Wang says, it s critical to recognize that the policies an enterprise deploys affect how it builds out its infrastructure, including mobile support. As a result, it s essential for IT to develop a strategy and solutions with input from different business units and build a framework for agile mobile deployment and change. For each corporate application or resource that users will access via his or her mobile device, you must create a similar checklist, she points out. Regulated organizations, meanwhile, must ensure that additional controls and reporting tools exist. ABI Research Practice Director Dan Shey says that it s important to recognize that there is no such thing as foolproof security. Today s state-of-the-art security systems and processes may prove inadequate tomorrow. In a mobile arena that s evolving rapidly, the risks are ratcheted up further. It s important to create an enterprise-wide security policy and a security governance roadmap that provides an enterprise vision as well as a way to maintain control moving forward, he explains. In the end, organizations must be vigilant about external and internal threats relating to mobile security. There s no simple path to protection and there s no silver bullet. It s essential to incorporate an array of security tools and technologies but also focus on the human factor. Today s business and IT environment requires an entirely different security mindset, including a thorough understanding of how employees factor into overall data use and security. Concludes Symantec s Kuhn: The most successful organizations integrate mobile protection solutions into the overall framework of security. WHAT S IN A SOUND BYOD POLICY? THERE S NO TURNING BACK THE CLOCK ON MOBILITY. Consumers now dictate many of the technologies, tools and solutions that enterprises adopt. As a result, it s critical to have a policy in place for employees using their own smartphones and tablets. Here are several key components: DEVICE USE It s essential to define which devices will be allowed. Today, this usually means Apple s ios, Google s Android and, in many cases, BlackBerry and Microsoft devices. AUTHENTICATION User names and passwords aren t enough to provide adequate security. Devices must have digital certificates installed and support end-to-end encryption through a VPN. What s more, the organization must be able to track the user s identity, device, location and have a record of access. REMOTE WIPE An organization should use remote wipe software in case the device is lost or stolen or the employee leaves the company. USER DATA It s essential to spell out who owns and controls what data, including files, images and audio files. APPS The organization should provide employees with a list of apps that are allowed as well as those that can t be used. The latter should only be apps that pose a clear security risk. AN APPROVAL PROCEDURE It s important to offer a procedure for approving new devices and apps. The mobile environment is changing rapidly. ASSESSMENTS Security Assessment Assists with Data Loss Prevention Our solution architects will conduct a comprehensive security assessment to protect against loss both inside and out. Included is a set of security remediation recommendations that are prioritized by risk, cost and business impact. Stop information and reputation loss with DLP solutions. Call us today to find out how we can help. 15
Kaspersky Security for Mobile
Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months
More informationChris Boykin VP of Professional Services
5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing
More informationMobile Device Management for CFAES
Mobile Device Management for CFAES What is Mobile Device Management? As smartphones and other mobile computing devices grow in popularity, management challenges related to device and data security are
More informationSECURITY OF HANDHELD DEVICES TAKE CONTROL OF THE MOBILE DEVICE
SECURITY OF HANDHELD DEVICES TAKE CONTROL OF THE MOBILE DEVICE Michael CLICK TO Albek EDIT MASTER - SecureDevice SUBTITLE STYLE 2011 Driven by changing trends and increasing globalization, the needs of
More informationSecurity. Mobile Device FOR. by Rich Campagna, Subbu Iyer, and Ashwin Krishnan. John Wiley & Sons, Inc. Foreword by Mark Bauhaus.
Mobile Device Security FOR by Rich Campagna, Subbu Iyer, and Ashwin Krishnan Foreword by Mark Bauhaus Executive Vice President, Device and Network Systems Business Group, Juniper Networks WILEY John Wiley
More informationSECURING TODAY S MOBILE WORKFORCE
WHITE PAPER SECURING TODAY S MOBILE WORKFORCE Connect, Secure, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite Copyright 2011, Juniper Networks, Inc. Table
More informationMobile Security Challenge Emerges Smart IT Leaders Evaluating Pervasive Security Options
Mobile Security Challenge Emerges Smart IT Leaders Evaluating Pervasive Security Options By Robin Gareiss Executive Vice President and Founder, Nemertes Research Executive Summary As more employees bring
More informationMy CEO wants an ipad now what? Mobile Security for the Enterprise
My CEO wants an ipad now what? Mobile Security for the Enterprise Agenda Introductions Emerging Mobile Trends Mobile Risk Landscape Response Framework Closing Thoughts 2 Introductions Amandeep Lamba Manager
More informationHow To Secure Your Mobile Devices
SAP White Paper Enterprise Mobility Protect Your Enterprise by Securing All Entry and Exit Points How Enterprise Mobility Management Addresses Modern-Day Security Challenges Table of Contents 4 Points
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationThe User is Evolving. July 12, 2011
McAfee Enterprise Mobility Management Securing Mobile Applications An overview for MEEC The User is Evolving 2 The User is Evolving 3 IT s Challenge with Mobile Devices Web 2.0, Apps 2.0, Mobility 2.0
More informationA number of factors contribute to the diminished regard for security:
TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand
More informationSimplifying the Challenges of Mobile Device Security
WHITE PAPER Three Steps to Reduce Mobile Device Security Risks Table of Contents Executive Overview 3 Mobile Device Security: 3 Just as Critical as Security for Desktops, Servers, and Networks 3 Find the
More informationEnterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them WHITE PAPER
Enterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them WHITE PAPER WHITE PAPER 2 Enterprise Mobility & BYOD: Four Biggest Challenges And How to Solve Them Business success is highly
More information10 best practice suggestions for common smartphone threats
10 best practice suggestions for common smartphone threats Jeff R Fawcett Dell SecureWorks Security Practice Executive M Brandon Swain Dell SecureWorks Security Practice Executive When using your Bluetooth
More informationMobile Security: Controlling Growing Threats with Mobile Device Management
Mobile Security: Controlling Growing Threats with Mobile Device Management As the use of mobile devices continues to grow, so do mobile security threats. Most people use their mobile devices for both work
More information"Secure insight, anytime, anywhere."
"Secure insight, anytime, anywhere." THE MOBILE PARADIGM Mobile technology is revolutionizing the way information is accessed, distributed and consumed. This 5th way of computing will dwarf all others
More informationHow To Protect Your Mobile Devices From Security Threats
Back to the Future: Securing your Unwired Enterprise By Manoj Kumar Kunta, Global Practice Leader - Security Back to the Future: Securing your Unwired Enterprise The advent of smartphones and tablets has
More informationDISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com
DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious
More informationSimplifying the Challenges of Mobile Device Security Three Steps to Reduce Mobile Device Security Risks
Smartphones and tablets are invading the workplace along with the security risks they bring with them. Every day these devices go unchecked by standard vulnerability management processes, even as malware
More informationSymantec Mobile Management 7.1
Scalable, secure, and integrated device management for healthcare Data Sheet: Industry Perspectives Healthcare Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any
More informationThree Best Practices to Help Government Agencies Overcome BYOD Challenges
WHITE PAPER This paper discusses how IT managers in government can address the challenges of the new Bring-Your-Own-Device (BYOD) environment as well as best practices for ensuring security and productivity.
More informationWHITE PAPER. Mobile Security. Top Five Security Threats for the Mobile Enterprise and How to Address Them
Mobile Security Top Five Security Threats for the Mobile Enterprise and How to Address Them Today s countless mobile devices present tangible opportunities to drive measurable and substantial value for
More informationMobile Medical Devices and BYOD: Latest Legal Threat for Providers
Presenting a live 90-minute webinar with interactive Q&A Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Developing a Comprehensive Usage Strategy to Safeguard Health Information and
More information{ipad Security} for K-12. Understanding & Mitigating Risk. plantemoran.com
{ipad Security} plantemoran.com for K-12 Understanding & Mitigating Risk Plante Moran The ipad is in K-12. Since its debut in April 2010, the ipad has quickly become the most popular tablet, outselling
More information4 Steps to Effective Mobile Application Security
Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional
More informationEasiShare Whitepaper - Empowering Your Mobile Workforce
Accessing files on mobile devices and sharing them with external parties presents serious security risks for companies. However, most current solutions are either too cumbersome or not secure enough for
More informationWhite Paper. Data Security. The Top Threat Facing Enterprises Today
White Paper Data Security The Top Threat Facing Enterprises Today CONTENTS Introduction Vulnerabilities of Mobile Devices Alarming State of Mobile Insecurity Security Best Practices What if a Device is
More informationA 3-STEP PLAN FOR MOBILE SECURITY
A 3-STEP PLAN FOR MOBILE SECURITY A 3-STEP PLAN FOR MOBILE SECURITY 2 A complex problem that requires a holistic approach Mobility is here. Mobility is now. Mobility (along with cloud and social media)
More informationSymantec Mobile Management for Configuration Manager 7.2
Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices
More informationA number of factors contribute to the diminished regard for security:
TrendLabs Enterprises cite security as their number one concern with regard to consumerization. During the actual execution of a consumerization strategy, however, IT groups find that the increasing demand
More informationHands on, field experiences with BYOD. BYOD Seminar
Hands on, field experiences with BYOD. BYOD Seminar Brussel, 25 september 2012 Agenda Challenges RIsks Strategy Before We Begin Thom Schiltmans Deloitte Risk Services Security & Privacy Amstelveen tschiltmans@deloitte.nl
More informationIbrahim Yusuf Presales Engineer at Sophos ibz@sophos.com. Smartphones and BYOD: what are the risks and how do you manage them?
Ibrahim Yusuf Presales Engineer at Sophos ibz@sophos.com Smartphones and BYOD: what are the risks and how do you manage them? Tablets on the rise 2 Diverse 3 The Changing Mobile World Powerful devices
More informationCodeproof Mobile Security & SaaS MDM Platform
Codeproof Mobile Security & SaaS MDM Platform info@codeproof.com https://codeproof.com Mobile devices have been transformed into multi-faceted, multi-tasking, multimedia tools for personal expression,
More informationMDM and beyond: Rethinking mobile security in a BYOD world
MDM and beyond: Rethinking mobile security in a BYOD world 2013 Citrix and TechTarget Table of Contents Summary.... 3 Introduction... 3 Current business challenges with BYOD... 4 Securing mobile devices
More informationMobile Security: Top Five Security Threats for the Mobile Enterprise and How to Address Them
Mobile Security: Top Five Security Threats for the Mobile Enterprise and How to Address Them Today s countless mobile devices present tangible opportunities to drive measurable and substantial value for
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationThe Maximum Security Marriage:
The Maximum Security Marriage: Mobile File Management is Necessary and Complementary to Mobile Device Management The bring your own device (BYOD) trend in the workplace is at an all-time high, and according
More informationSecurely Yours LLC IT Hot Topics. Sajay Rai, CPA, CISSP, CISM sajayrai@securelyyoursllc.com
Securely Yours LLC IT Hot Topics Sajay Rai, CPA, CISSP, CISM sajayrai@securelyyoursllc.com Contents Background Top Security Topics What auditors must know? What auditors must do? Next Steps [Image Info]
More informationIntroducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS.! Guyton Thorne! Sr. Manager System Engineering! guyton.thorne@kaspersky.com
Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS! Guyton Thorne! Sr. Manager System Engineering! guyton.thorne@kaspersky.com 1 Business drivers and their impact on IT AGILITY! Move fast, be nimble
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationBYOD THE SMALL BUSINESS GUIDE TO BRING YOUR OWN DEVICE
BYOD THE SMALL BUSINESS GUIDE TO BRING YOUR OWN DEVICE INTRODUCTION The technological revolution has made us dependent on our mobile devices, whether we re at home, in the office, on the go or anywhere
More informationThe Bring Your Own Device Era:
The Bring Your Own Device Era: Benefits Clearly Justify BYOD, but Businesses Must Mitigate Security, Compliance and Application Performance Risks Executive Overview The Bring-Your-Own-Device (BYOD) era
More informationWindows Phone 8.1 in the Enterprise
Windows Phone 8.1 in the Enterprise Version 1.4 MobileIron 415 East Middlefield Road Mountain View, CA 94043 USA Tel. +1.650.919.8100 Fax +1.650.919.8006 info@mobileiron.com Introduction 3 Why Windows
More informationConquering PCI DSS Compliance
Any organization that stores, processes or transmits information related to credit and debit card payments has a responsibility to protect each cardholder s personal data. To help accomplish this goal,
More informationRunning Head: AWARENESS OF BYOD SECURITY CONCERNS 1. Awareness of BYOD Security Concerns. Benjamin Tillett-Wakeley. East Carolina University
Running Head: AWARENESS OF BYOD SECURITY CONCERNS 1 Awareness of BYOD Security Concerns Benjamin Tillett-Wakeley East Carolina University AWARENESS OF BYOD SECURITY CONCERNS 2 Abstract This paper will
More informationState of Mobility Survey. France Results
State of Mobility Survey France Results Methodology Survey performed by Applied Research 6,275 global organizations 43 countries NAM 2 LAM 14 EMEA 13 APJ 14 SMBs: Individuals in charge of computers Enterprises:
More informationBeyond Mobile Device Security: Why Comprehensive Endpoint Security and Management is a Must-Have for Small and Medium Enterprises
Beyond Mobile Device Security: Why Comprehensive Endpoint Security and Management is a Must-Have for Small and Medium Enterprises www.earthlink.com 1 Are you prepared to bear the cost of mitigation if
More informationReducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
More informationHow To Manage A Mobile Device Management (Mdm) Solution
Mobile Device Management Buyers Guide IT departments should be perceived as the lubricant in the machine that powers an organization. BYOD is a great opportunity to make life easier for your users. But
More informationSymantec Mobile Management 7.1
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology,
More informationThe Cost of Insecure Mobile Devices in the Workplace Sponsored by AT&T
The Cost of Insecure Mobile Devices in the Workplace! Sponsored by AT&T Independently conducted by Ponemon Institute LLC Publication Date: March 2014 Part 1. Introduction The Cost of Insecure Mobile Devices
More informationENTERPRISE MOBILITY USE CASES AND SOLUTIONS
ENTERPRISE MOBILITY USE CASES AND SOLUTIONS ENTERPRISE MOBILITY USE CASES AND SOLUTIONS Mobility is no longer a trend it s how business gets done. With employees using multiple mobile devices and the availability
More informationA 5-STEP PLAN TO PREPARE FOR HEALTHCARE. A Complimentary White Paper from
A 5-STEP PLAN TO PREPARE FOR BYOD IN HEALTHCARE A Complimentary White Paper from A 5-step plan to prepare for BYOD in health care A Complimentary White Paper from Healthcare Business & Technology Nearly
More informationSecuring mobile devices in the business environment
IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services 2 Securing mobile
More informationDeploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite
WHITE PAPER Mobile Device Security in the Enterprise Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite Copyright 2010, Juniper Networks, Inc. Table of Contents
More informationMOBILE SECURITY: DON T FENCE ME IN
MOBILE SECURITY: DON T FENCE ME IN Apart from the known and the unknown, what else is there? 18 Harold Pinter, Nobel Prize-winning playwright, screenwriter, director, actor 32 INTRODUCTION AND METHODOLOGY
More informationWhat Do You Mean My Cloud Data Isn t Secure?
Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there
More informationConducting a Risk Assessment for Mobile Devices
Conducting a Assessment for Mobile Devices May 9, 2012 David Frei Director, Digital/Information Security Specialist The Changing Environment Today s Discussion Available Industry Assessment Models Unique
More informationFeature List for Kaspersky Security for Mobile
Feature List for Kaspersky Security for Mobile Contents Overview... 2 Simplified Centralized Deployment... 2 Mobile Anti-Malware... 3 Anti-Theft / Content Security... Error! Bookmark not defined. Compliance
More informationEmerging threats for the healthcare industry: The BYOD. By Luca Sambucci www.deepsecurity.us
Emerging threats for the healthcare industry: The BYOD Revolution By Luca Sambucci www.deepsecurity.us Copyright 2013 Emerging threats for the healthcare industry: The BYOD REVOLUTION Copyright 2013 Luca
More informationMobile Workforce. Connect, Protect, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite.
White Paper Securing Today s Mobile Workforce Connect, Protect, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite Copyright 2012, Juniper Networks, Inc. 1 Table
More informationIT Resource Management & Mobile Data Protection vs. User Empowerment
Enterprise Mobility Management Buyers Guide IT Resource Management & Mobile Data Protection vs. User Empowerment Business leaders and users are embracing mobility and enjoying the flexibility and productivity
More informationGuideline on Safe BYOD Management
CMSGu2014-01 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Safe BYOD Management National Computer Board Mauritius Version
More informationIBM Endpoint Manager for Mobile Devices
IBM Endpoint Manager for Mobile Devices A unified platform for managing mobile devices together with your traditional endpoints Highlights Address business and technology issues of security, complexity
More informationBYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size.
April 2014 BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size. Bring your own device (BYOD) refers to the policy of permitting employees
More informationMobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall
Mobile security and your EMR Presented by: Shawn Tester & Allen Cornwall Date: October 14, 2011 Overview General Security Challenges & best practices Mobile EMR interfaces - EMR Access - Today & Future
More informationWHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR
KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION
More informationAthena Mobile Device Management from Symantec
Athena Mobile Device Management from Symantec Scalable, Secure, and Integrated Device Management for ios and Android Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile
More informationEverything You Need to Know About Effective Mobile Device Management. mastering the mobile workplace
Everything You Need to Know About Effective Mobile Device Management mastering the mobile workplace Table of Contents Introduction... 3 1. What exactly is Mobility Management Anyway?... 4 Impenetrable
More informationMobile First Government
Mobile First Government An analysis of NIST and DISA requirements for the adoption of commercially available mobility platforms by government agencies August 2013 415 East Middlefield Road Mountain View,
More informationManaging Web Security in an Increasingly Challenging Threat Landscape
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
More informationSecurity for the Road Warrior
Security for the Road Warrior Mark K. Mellis Associate Information Security Officer Stanford University Information Security Office Version 1.1 We are all mobile We all travel from home to campus or from
More informationEnabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD
Enabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD FORTINET Enabling Secure BYOD PAGE 2 Executive Summary Bring Your Own Device (BYOD) is another battle in the war between security
More informationIf you can't beat them - secure them
If you can't beat them - secure them v1.0 October 2012 Accenture, its logo, and High Performance delivered are trademarks of Accenture. Preface: Mobile adoption New apps deployed in the cloud Allow access
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationHealthcare Buyers Guide: Mobile Device Management
Healthcare Buyers Guide: Mobile Device Management Physicians and other healthcare providers see value in using mobile devices on the job. BYOD is a great opportunity to provide better and more efficient
More informationMobile Data Leakage Prevention
Mobile Data Leakage Prevention Three Best Practices for Liberating Users, Not Data A Z E N P R I S E W H I T E P A P E R Contents Mobile Opportunities... 2 Mobile Security Concerns... 2 There is an explosion
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationPreparing your network for the mobile onslaught
IBM Global Technology Services Thought Leadership White Paper Preparing your network for the mobile onslaught How networks can overcome the security, delivery challenges posed by mobile devices 2 Preparing
More informationEnabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media
Enabling Business Beyond the Corporate Network Secure solutions for mobility, cloud and social media 3 Trends Transforming Networks and Security Are you dealing with these challenges? Enterprise networks
More informationDECISION MAKER S GUIDE: DEVELOPING A BRING YOUR OWN DEVICE STRATEGY
GUIDE DECISION MAKER S GUIDE: DEVELOPING A BRING YOUR OWN DEVICE STRATEGY Giving you a head start in successfully developing and supporting the right BYOD strategy for your organisation TRANSFORMING COMMUNICATIONS
More informationFive Best Practices for Secure Enterprise Content Mobility
A N A C C E L L I O N W H I T E P A P E R Five Best Practices for Secure Enterprise Content Mobility Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite 200 www.accellion.com
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationNorth Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP
Mobile Device Management Risky Business in Healthcare North Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP Agenda HIPAA/HITECH & Mobile Devices Breaches Federal
More informationMobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing
Driving Productivity Without Compromising Protection Brian Duckering Mobile Trend Marketing Mobile Device Explosion Paves Way for BYOD 39% 69% 340% 2,170% 2010 177M corp PCs 2015 246M corp PCs 2010 173
More informationBEST PRACTICE GUIDE MOBILE DEVICE MANAGEMENT AND MOBILE SECURITY.
BEST PRACTICE GUIDE MOBILE DEVICE MANAGEMENT AND MOBILE SECURITY. With Kaspersky, now you can. kaspersky.com/business Be Ready for What s Next CONTENTS 1. OPEN ALL HOURS...2 Page 2. MOBILE DEVICE MANAGEMENT
More informationSeven Tips for Securing Mobile Workers
Seven Tips for Securing Mobile Workers Sponsored by Sophos Published by Ponemon Institute LLC Ponemon Institute Research Report Seven Tips for Securing Mobile Workers Ponemon Institute, May 2011 Part 1.
More informationProtecting Content and Securing the Organization Through Smarter Endpoint Choices
Protecting Content and Securing the Organization Through Smarter Endpoint Choices Prepared by Dan O Farrell Dell Cloud Client-Computing Finally a practical approach to protecting content and securing desktops
More informationThe 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance
Date: 07/19/2011 The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance PCI and HIPAA Compliance Defined Understand
More informationBYOD in the Enterprise
BYOD in the Enterprise MDM. The solution to BYOD? Context Information Security whitepapers@contextis.co.uk October 2013 Context Information Security 30 Marsh Wall, London, E14 9TP +44 (0) 207 537 7515
More informationHow To Support Bring Your Own Device (Byod)
WHITE PAPER: EXPLOITING THE BUSINESS POTENTIAL OF BYOD........................................ Exploiting the business potential of BYOD (bring your own device) Who should read this paper This paper addresses
More informationSecure Your Mobile Device Access with Cisco BYOD Solutions
Solution Overview Secure Your Mobile Device Access with Cisco BYOD Solutions BENEFITS The Cisco Meraki solution (cloud managed) and Cisco BYOD Solution (on-premises management) help you secure multiple
More information5 Considerations for a Successful BYOD Strategy Vincent Vanbiervliet
5 Considerations for a Successful BYOD Strategy Vincent Vanbiervliet Sr. Sales Engineer 1 What we ll talk about What is BYOD? Mobile Revolution, the Post PC era? BYOD: What to consider 1. Users 2. Devices
More informationMobile computing. Does your organisation have any safe options? The better the question. The better the answer. The better the world works.
Mobile computing Does your organisation have any safe options? The better the question. The better the answer. The better the world works. The big picture The mobile security risk surface Devices Jailbreak
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationData Security in a Mobile, Cloud-Based World
Data Security in a Mobile, Cloud-Based World Jacob Buckley-Fortin CEO ehana What we ll cover Trends Risks Recommendations 1 Trends Mobile Has Taken Over Trend #1 2 3 450 million users worldwide Adopted
More informationHow to Secure Your Environment
End Point Security How to Secure Your Environment Learning Objectives Define Endpoint Security Describe most common endpoints of data leakage Identify most common security gaps Preview solutions to bridge
More information