Working Together Managing and Securing Enterprise Mobility WHITE PAPER. Larry Klimczyk Digital Defence P:
|
|
- Hilary Austin
- 8 years ago
- Views:
Transcription
1 Working Together Managing and Securing Enterprise Mobility WHITE PAPER Larry Klimczyk Digital Defence P:
2 Contents Executive Summary... 3 Introduction... 4 Security Requirements... 5 Authentication... 5 Encryption... 7 Encryption Type... 8 Encryption Speed Tests... 9 Write Speed Test Read Speed Test Enhanced Encryption with Secure Mobile Secure Mobile Encryption Features Application Lock-Down User Interface Lock-Down Authentication Encryption Application Lockdown External Communications Protection Secure Mobile Feature Summary Table Page 2
3 Executive Summary Enterprise and government organisations are empowering their people with mobile technology at an ever increasing rate of deployment. By itself, the sheer number of devices with access to company resources and valuable data presents a tremendous task for even the best equipped network administration department to contend with. To make the situation even more challenging and complicated are BYOD (Bring Your Own Device) initiatives finding their way into many organizations as a way to decrease overall hardware TCO (Total Cost of Ownership) the enterprise typically bears. Increasingly these organisations need to ensure that the tools used in the field are both effective and secure and can be centrally managed for applications and security. As the risk of loss or theft of the mobile devices is much higher than traditional desk top computers, the data contained in the deployment of mobile devices must be secured. This includes data on the devices themselves and data on any removable storage such as SD cards and USB memory sticks, which are even more likely to be lost or stolen. The two primary players in mobile security and device management are Digital Defence and SOTI. Digital Defence produces Secure Mobil, Secure PC, and Secure Access Control, while SOTI develops industry-leading Mobile Device Management (MDM), Mobile Content Management (MCM), Mobile Management (MEM), Mobile Application Management (MAM) and Mobile Security Management (MSM) solutions. The scope of this paper will focus on a collaboration of Digital Defence Secure Mobile and SOTI MobiControl. Secure Mobile is positioned in the global market for organizations that require mobile security solutions that work without interrupting the day to day mobility needs of the user. Furthermore, Secure Mobile uses a unique architecture that is invisible to the user and won t impede device performance. SOTI boasts over 80,000 customers worldwide using their award-winning MobiControl to enhance enterprise mobility and enable Bring Your Own Device (BYOD) initiatives. MobiControl manages the deployment of mobile devices and contains a set of tools to maintain the protection of data at rest and in transit. This document focuses on the protection of data at rest as this is the functionality provided by Secure Mobile, as well as the protection of Windows Mobile devices, as Page 3
4 this is the platform that is, today supported by Secure Mobile. In addition, this document aims to show how SOTI s MobiControl and Digital Defence s Secure Mobile work together to provide world class mobile device management and comprehensive FIPS approved encryption, authentication and access control. Each sub-section of the Security Requirements section will analyse a security requirement highlight the additional features when MobiControl is enhanced with Secure Mobile. Introduction Digital Defence s Secure Mobile and SOTI s MobiControl each offer a robust set of features as outlined below. However, there are critical areas where Secure Mobile helps improve the capabilities and features of MobiControl. These will be discussed in more detail later. SECURE MOBILE Enterprise Mobility Validated Security Solution from MOTOROLA Central Control of Black and White Listing of Applications and Wireless Connections. Invisible to User by Residing Under the OS. Transparent Technology Not Visible to User. Excellent Device Performance with Less Than 2% CPU cycles during Encrypting or Decrypting operations. Data Encrypted and Decrypted at Bit Level Without Device Interruption. Device authentication through LDAP Integration Allowing Connection to Remote User Credential Validation. First to Market with Fingerprint User Authentication. Back Office Control and Deployment of Security Policies through the Centralized Management Console. Single Sign-On allowing Automatic File Decryption. File and Folder Level Encryption. 100% Customer Support Customer Driven Feedback System that Drives Further Application Page 4
5 Development. Federal Information Processing Standard (FIPS) Accredited Enforceable User Authentication using Password Strength and LDAP Access Criteria. File Level Encryption using either a Simple or AES Algorithm. Mobile Device Application Blockage. Mobile Device Feature Blockage such as ActiveSync, Camera, Bluetooth, Phone, and Infrared. Phone Number Blockage for Incoming and Outgoing Calls. User Interface Lock Down to Customize the Look and Feel of a Mobile Device. Help Desk Remote Control Feature. Web Filter Policy Controls Location and Geofencing Services. Telcom Expense Management Tools. Certificate Management. Asset Management features for both mobile device hardware and software. Multi-Platform Administration including ios, Android, and Windows, Security Requirements In a brief review of both product offerings, it is clear that each has a robust set of features for mobile device deployment in the enterprise environment. However, there are four areas that deserve specific attention. Authentication To help ensure the right person has access to the right resources at the right time, authentication techniques are utilized for appropriate control. SOTI s MobiControl makes numerous provisions for User Authentication. Page 5
6 ActiveSync Protection o Connecting a PC to the Mobile Device using ActiveSync does not require any authentication. Registry entries and files, including encrypted files, are accessible via a connected PC providing a back door approach to access sensitive data and files. o There is no option to ensure only specific PC s can connect to a mobile device. Password Expiration With Secure Mobile there is the additional option of requiring the password to be changed after a specific period. Password History Protection o There is no available method to force users to choose different passwords each time they change the password. Secure Mobile provides for protection of the mobile device password history information. User Inactivity Controls o Numerous mobile device applications, such as Sat-Nav applications, require time interval access that may not work user inactivity policies. Under these conditions, it would not be desirable for the mobile device to lock after a period of inactivity. Secure Mobile allows for the selection of specific applications that can override the user inactivity lockout setting. Grace Period Support o Secure Mobile provides the user with a grace period from the time a mobile device is turned off (standby mode) to the time the mobile device is turned back on. The grace period does not require user authentication. Full Screen, Large Button, Quick Input Customization o Due to the small size of mobile devices, it can be cumbersome to enter a password into a small on-screen keyboard. It is desirable for the full screen to be utilized in order to provide larger input buttons for faster password entry, of which Digital Defence provides for. Biometric Support o Due to the cumbersome nature of entering a password into a small screen, it is desirable to provide an alternative and faster method for user Page 6
7 authentication. Secure Mobile supports the use of biometric input devices such as a fingerprint reader. Encryption S e c u r i t y F e a t u r e s C o m p a r i s o n Password Fingerprint Cryptographic Card LDAP Integration Enforce Password Enforce Password Expiration Enforce Password History Custom Password Full-Screen Input Grace Period Auto-Off Lock Screen Auto-Off-Disabled during specific active applications ActiveSync Authentication Logging Wipe Device After Failed Attempts F = Future Feature Secure Mobile Encryption policies are used to enforce the encryption of files on a mobile device. Once a file is encrypted, it is decrypted in real-time. The Administrator Authentication and User Authentication must be enabled before this security feature can be enabled. The benefits of encryption include individual file management, access control enforcement, data protection using public domain Internet access points, and the prevention of unauthorized access. F F Page 7
8 Once the policy has been sent to a mobile device, the appropriate files are encrypted in the background. Access to the encrypted files is seamless to the user; the user password authenticates access to the encrypted files. An encrypted file contains extra header information at the start of the file. The original contents of the file are encrypted using encryption key information stored on the mobile device. The header details describe which segments of the file have been encrypted. This allows a partially encrypted file to be accessed by the user. The type of encryption can be setup within Digital Defence s Secure Mobile Configuration Profile. ENCRYPTION TYPE o Simple - used for quick encryption (WEAKEST) Page 8
9 o AES256 (Fixed Password) STRONG. Using this type generates a password that will be permanently used to protect the encryption key. This method does not require user intervention. o AES256 STRONGEST. A password is chosen and must be verified by the user of the mobile device. This method requires user intervention. A Configuration Profile can only be setup on a mobile device via barcode provisioning. This presents a potential operational issue. If the security policy of an organisation changes to require a new encryption algorithm, then all mobile devices need to be recalled. The most efficient method to install AES encryption on all mobile devices would be to clone one mobile device and send out the clone to the population of mobile devices. Encryption Speed Tests A very important aspect of any security policy is the enforcement of encryption on sensitive data. In order for an encryption policy to become effective, the encrypted data should be accessed in real-time and be seamless to the user. The efficiency of encryption can be assessed by executing read and write operations and comparing the access times to those achieved by a mobile device without any encryption. While a typical application will not read and write to storage continuously, this test gives an indication to the efficiency, and therefore usability, of the encryption. The encryption test forces each read and write to be completed to the physical storage (i.e. no caching of data). This ensures that the speed of encryption is fully examined. The following tables show the speed test results of SOTI s encryption compared to the default encryption provided by Windows Mobile and the encryption provided by Secure Mobile. The speed tests were completed on a Motorola ES400 device. The SOTI simple encryption algorithm was chosen for comparison to show the most simple, much weaker, encryption access speed. As can be seen by the tests, SOTI encryption has a very large impact on the usability of the mobile device. The general operation of encrypted SOTI files, however, does not appear to have a large impact on the performance of the mobile device. This indicates that SOTI uses caching Page 9
10 of data to improve the speed of the mobile device. This opens up the vulnerability of sensitive data being held in the mobile device s memory in plain unencrypted form. WRITE SPEED TEST File Size 16KB 128KB 1MB 8MB 128MB Performance Hit No x1.00 Encryption WM AES x2.96 SOTI Simple x52.82 Secure Mobile x3.57 READ SPEED TEST File Size 16KB 128KB 1MB 8MB 128MB Performance Hit No x1.00 Encryption WM AES x2.79 SOTI Simple x Secure Mobile x3.26 Enhanced Encryption with Secure Mobile Digital Defence s Secure Mobile offers these market leading features: File types. Encryption happened on any.exe,.dll, or.bin files. o No matter what the contents are, these file types are encrypted by Secure Mobile. The data inside these file types may simply be executable content, however the data may also be sensitive. Particularly in the case of.bin files. Even an executable file can become sensitive, as in the case of proprietary software. o Keeping these file types secure will help achieve a high level security certification. Page 10
11 o Filename encryption. Secure Mobile encrypts the file s contents and the filename. A filename in many cases contains information relating to the content. Simply knowing a filename could lead to targeted decryption attempts. Keeping the filename secure will help achieve a high level security certification. Authentication. Secure mobile enforces User Authentication on the mobile device and also enforces a PC connection (to the mobile device) to require User Authentication. This prevents an attacker from connecting a mobile device to a PC and simply accessing all the encrypted files as if they are plain un-encrypted ones. Encryption Key Duplication. Secure Mobile creates a different encryption key for every file that is encrypted on the device. If one file can be decrypted, which is highly unlikely, only the data contained in that individual file will be accessed. With Secure Mobile, each file has to be separately decrypted using the a unique algorithm and key value. Application White / Black Listing. Secure Mobile sets rules around what applications can be either White Listed (allowed to access encrypted data) or Black Listed (never allowed to access encrypted data). Secure Mobile is agnostic to what applications are on the device, it simply controls what applications can access encrypted data. SECURE MOBILE ENCRYPTION FEATURES Security Feature Secure Mobile Filename Unique Encryption Key.exe encryption.bin encryption.dll encryption ActiveSync authentication Application authentication Guaranteed encryption Benchmark Speed (Write) x3.5 Benchmark Speed (Read) X3.25 Encryption Algorithm AES 128 and 256 bit FIPS 197 Approved Real-time encryption Encryption Support Tools Page 11
12 Device Authentication enforcement Memory Card Encryption Onboard Persistent Storage Encryption Application Lock-Down An Application on a Windows Mobile device is capable of performing many tasks and operations potentially harmful to the mobile device and its connected network. Therefore, it is desirable to disable unnecessary applications from being executed. It may also be desirable to disable applications from accessing encrypted data. Black List. A list of applications that are not allowed to be executed on the mobile device. White List. A list of applications that are allowed to be executed on the mobile device. This is a potentially dangerous list to include on controlled mobile device, as critical platform applications can be disabled from use. Security Feature Secure Mobile Application White List Application Black List Encryption Blocking Block Bluetooth White List Bluetooth Block Wi-Fi (WLAN) White List Wi-Fi Block Cellular Data (WWAN) White List Cellular Data F Block PC Connection (ActiveSync) Block USB White List USB Block Camera Page 12
13 Block Phone Numbers White List Phone Numbers * - Wi-Fi and Cellular Data Networks can be selectively allowed or completely blocked by setting up a Configuration Profile and locking down the User Interface. - ActriveSynccan be blocked by disabling the appropriate application, or selectively blocking the appropriate USB connection type. F Future feature. User Interface Lock-Down A Windows Mobile device is a generic device capable of performing many diverse tasks. This opens up the device to the threat of many types of security attacks. In an operational sense, there is also the possibility that the workforce is not using a mobile device to its full efficiency (i.e. workers using the device for personal related activities). SOTI MobiControl provides the capability to lock down the interface available to the user. This ensures a mobile device is used for its workforce application only, and also prevents the user from introducing security vulnerabilities. This capability is provided by the Lockdown Policy. Authentication Secure Mobile offers large input buttons for fast input and provides fingerprint integration. Secure Mobile enforces device authentication before an ActiveSync connection is being made. Retrieving any encrypted data from the mobile device is not possible via ActiveSync, including encrypted data. Secure Mobile has the feature of forcing user passwords to expire after a period to enforce the use of rolling passwords, adding an additional level of security. Page 13
14 Encryption MobiControl provides the capability to encrypt files on a mobile device. Once the files have been encrypted, they are accessed by any application in real-time without any extra steps required from the application or the user. The requirement for User Authentication ensures that only an authorised user can access any encrypted data; of course it s still possible to connect a PC to the mobile device, via ActiveSync, without any requirement for user authentication.. This vulnerability can be mitigated by disabling the use of ActiveSync. Although MobiControl can enforce the use of encrypted files in any folder of the mobile device, it does not encrypt.exe,.dll, or.bin file extensions. These file types become vulnerable to attack; it s still possible for sensitive data to be contained inside these file types. MobiControl encrypts files in the background, so it is not known when all files are encrypted at a given point in time. When there is a read or write of encrypted data to physical storage, there is a huge impact on system performance. Although the contents of the files are encrypted, the filenames are not; exposing the filename can result in access to sensitive information contained in the filename. MobiControl does not provide a mechanism to prevent specific applications from accessing encrypted data. Summarised MobiControl s Encryption provides good protection for specific files. It does not provide full protection of all data, which is required for many certifications. If does not provide a complete suite of tools to assist the management of encryption. Physical access of encryption is slow; hence much work is done in the background leading to sensitive data held in memory unencrypted. Page 14
15 Application Lockdown MobiControl provides the capability to block applications from being executed; it also provides the capability to setup a list of applications, of which only they can be executed. This provides a method to ensure the users of the mobile devices are only using the devices for work related activities and also prevents rogue applications from being executed. MobiControl does not provide a mechanism to protect encrypted data from unknown applications. Summarised MobiControl effectively locks out applications from being accessed by a user, however if does not provide the same capability to lockout applications from accessing encrypted data. EXTERNAL COMMUNICATIONS PROTECTION MobiControl provides the capability to disable features of a mobile device relating to external data communications. This capability protects security vulnerabilities emanating from external sources. MobiControl does not provide any method for blocking the connection of USB devices, except for the prevention of using ActiveSync. USB devices are capable of sending and receiving data, therefore presenting a security risk. MobiControl does not provide a method for generally or selectively blocking Wi-Fi, Bluetooth, or Cellular Data. MobiControl can lock down the User Interface, thereby blocking any chance for the user to setup any external connections. Pre-defined external connection settings can be setup using a Configuration Profile. This combination is the only way of creating a White List of external connections. Page 15
16 Summarised MobiControl provides the capability to disable some external communications from being used, however it does not provide full disablement nor does it provide customisation for specific external communication channels to be used. It does, however, allow the User Interface to be locked out from the user; thereby effectively providing the customisation of external communication channels (via a Configuration Profile). Secure Mobile Feature Summary Table The following table summarizes the features provided by Digital Defence Secure Mobile. Security Feature Authentication Password Fingerprint Cryptographic Card LDAP Integration Enforce Password Strength Enforce Password expiration Enforce Password History Grace Period Custom Password Full-Screen Input Screen Auto-Off Lock Screen Auto-Off Disabled during specific active applications ActiveSync authentication Logging Wipe Device after x failed attempts Secure Mobile F F Page 16
17 Encryption Filename Unique Encryption Key.exe encryption.bin encryption.dll encryption ActiveSync authentication Application authentication Guaranteed encryption Benchmark Speed (Write) X3.5 Benchmark Speed (Read) X3.25 Encryption Algorithm AES 128bit Real-time encryption Encryption Support Tools Device Authentication enforcement Memory Card Encryption Onboard Persistent Storage Encryption Application Lockdown Application White List Application Black List Encryption Blocking Communications Lockdown Block Bluetooth White List Bluetooth Block Wi-Fi (WLAN) White List Wi-Fi Block Cellular Data (WWAN) White List Cellular Data F Block PC Connection (ActiveSync) Block USB Page 17
18 White List USB Block Camera Block Phone Numbers White List Phone Numbers - ActiveSync can be blocked by disabling the appropriate application, or selectively blocking the appropriate USB connection type. F -Future feature. Page 18
Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationRemote MasterMind for Mobility. Mobile Device Management Software
Remote MasterMind for Mobility Mobile Device Management Software Remote MasterMind for Mobility You have mobility devices in locations all across the area, state, or country. They are constantly on the
More informationRemote MasterMind for Mobility 2.5. Mobile Device Management Software
Remote MasterMind for Mobility 2.5 Mobile Device Management Software Remote MasterMind for Mobility 2.5 You have mobility devices in locations all across the area, state, or country. They are constantly
More informationRemote MasterMind 3.0. Mobile Device & Bar Code Scanner Management Solution
3.0 Mobile Device & Bar Code Scanner Management Solution is Honeywell s 3.0 You have mobility and bar code scanning devices in locations all across your enterprise. They are constantly on the move or situated
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More informationENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS
ENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS Secure Remote Desktop & Application Access Mobile Device Management Mobile Content Management Mobile Email & PIM Secure Mobile Containerization
More informationCHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device
CHOOSING THE RIGHT PORTABLE SECURITY DEVICE A guideline to help your organization chose the Best Secure USB device Introduction USB devices are widely used and convenient because of their small size, huge
More informationSecurely. Mobilize Any Business Application. Rapidly. The Challenge KEY BENEFITS
Mobilize Any Business Application. Rapidly. Securely. The Challenge Today's enterprises are increasingly leveraging mobility solutions to improve productivity, decrease response times and streamline operational
More informationBYOD: BRING YOUR OWN DEVICE.
white paper BYOD: BRING YOUR OWN DEVICE. On-boarding and Securing Devices in Your Corporate Network Preparing Your Network to Meet Device Demand The proliferation of smartphones and tablets brings increased
More informationTechnoLabs Software Services Pvt Ltd. Enterprise Mobility - Mobile Device Security
Enterprise Mobility - Mobile Device Security Story Context: TechnoLabs has been focusing and offers Enterprise Mobility as one of its solution offering. No can deny the fact that mobile computing can bring
More informationAndroid for the Enterprise Ge#ng from Here to There
Android for the Ge#ng from Here to There 1 Overview addresses enterprise needs: security and device management. 2 Overview pla6orm server so4ware 3 Overview 4 Use cases 5 Use cases Loss Remediation Minimize
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS
ENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS Secure Remote Desktop & Application Access Mobile Device Management Mobile Content Management Mobile Email & PIM Secure Mobile Containerization
More informationZenprise Device Manager 6.1.5
Zenprise Device Manager 6.1.5 CLIENT GUIDE Rev 6.1.50 Introduction 2 ZENPRISE DEVICE MANAGER 6.1 CLIENT GUIDE 2011 Zenprise, Inc. All rights reserved. This manual, as well as the software described in
More informationRemote MasterMind 4.0
4.0 Remote Device Management Solution is Honeywell s 4.0 You have a mix of corporate-owned mobile devices and bar code scanning equipment and employeeowned consumer mobile devices in locations all across
More informationSamsung Mobile Security
Samsung Mobile Security offering enhanced core capabilities for enterprise mobility Samsung Enterprise Mobility Enterprise-ready Mobility management for your business Samsung Mobile Security offers enterprise
More informationMobile Data Security Essentials for Your Changing, Growing Workforce
Mobile Data Security Essentials for Your Changing, Growing Workforce White Paper February 2007 CREDANT Technologies Security Solutions White Paper YOUR DYNAMIC MOBILE ENVIRONMENT As the number and diversity
More informationSOTI Inc. Presents. Andrew Aldis - Presale and professional service engineer jayp@soti.net. www.soti.net
SOTI Inc. Presents Andrew Aldis - Presale and professional service engineer jayp@soti.net www.soti.net World s Most Trusted MDM Vendor 12,000+ customers, millions of devices managed worldwide Since 1995,
More informationMobile Mobile Security COPYRIGHT 2014 INTUITION ALL RIGHTS RESERVED. Copyright 2014 Intuition
Mobile Mobile Security COPYRIGHT 2014 INTUITION ALL RIGHTS RESERVED 1 Background Traditionally, security has not been a high priority for e-learning; as such content was hosted and only accessible at the
More informationSolving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools
White Paper Solving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools Introduction The modern workforce is on the hunt for tools that help them get stuff done. When the technology
More informationAssessing the Security of Hardware-Based vs. Software-Based Encryption on USB Flash Drives
Assessing the Security of Hardware-Based vs. Software-Based Encryption on USB Flash Drives Main Line / Date / Etc. June May 2008 2nd Line 80-11-01583 xx-xx-xxxx Revision 1.0 Tagline Here Table of Contents
More informationWhitepaper Enhancing BitLocker Deployment and Management with SimplySecure. Addressing the Concerns of the IT Professional Rob Weber February 2015
Whitepaper Enhancing BitLocker Deployment and Management with SimplySecure Addressing the Concerns of the IT Professional Rob Weber February 2015 Page 2 Table of Contents What is BitLocker?... 3 What is
More informationGet Tough with Mobile Device Management
Get Tough with Mobile Device Management Franke Martinez Director, Regulated Industries SOTI Shwetank Bharati Director, OEM SOTI Doug Havemann Solutions Architect Panasonic SOTI is the Worlds Most Trusted
More informationSecuring Corporate Email on Personal Mobile Devices
Securing Corporate Email on Personal Mobile Devices Table of Contents The Impact of Personal Mobile Devices on Corporate Security... 3 Introducing LetMobile Secure Mobile Email... 3 Solution Architecture...
More informationEnterprise Mobility as a Service
Service Description: Insert Title Enterprise Mobility as a Service Multi-Service User Management for Mobility 1. Executive Summary... 2 2. Enterprise Mobility as a Service Overview... 3 3. Pricing Structure...
More informationEnterprise Mobile Device Management
SOTI MobiControl Enterprise Mobile Device Management Manage Support Secure Monitor Track SOTI Inc., a leader in Enterprise Mobile Device Management for over 10 years, has sold millions of licenses to more
More informationManaging Mobile Devices Over Cellular Data Networks
Managing Mobile Devices Over Cellular Data Networks Best Practices Document Best Practices Document www.soti.net We Manage Mobility TABLE OF CONTENTS UNIQUE CHALLENGES OF MANAGING DEVICES OVER CELLULAR
More informationONE Mail Direct for Mobile Devices
ONE Mail Direct for Mobile Devices User Guide Version: 2.0 Document ID: 3292 Document Owner: ONE Mail Product Team Copyright Notice Copyright 2014, ehealth Ontario All rights reserved No part of this document
More informationMobile Device Management for CFAES
Mobile Device Management for CFAES What is Mobile Device Management? As smartphones and other mobile computing devices grow in popularity, management challenges related to device and data security are
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationFMCS SINGLE SIGN ON Overview and Installation Guide. November 2014. SSO-MNL-v3.0
FMCS SINGLE SIGN ON Overview and Installation Guide November 2014 SSO-MNL-v3.0 CONTENTS Introduction... 3 About Single Sign On... 3 Application Architecture... 4 Implementation Checklist... 5 Component...
More informationThe Encryption Anywhere Data Protection Platform
The Encryption Anywhere Data Protection Platform A Technical White Paper 5 December 2005 475 Brannan Street, Suite 400, San Francisco CA 94107-5421 800-440-0419 415-683-2200 Fax 415-683-2349 For more information,
More informationResco Mobile CRM Security
Resco Mobile CRM Security Out-of-the-box Security 1. Overview The Resco Mobile CRM application (client) communicates directly with the Dynamics CRM server. The communication uses standard Dynamic CRM Web
More informationBYOD Guidance: BlackBerry Secure Work Space
GOV.UK Guidance BYOD Guidance: BlackBerry Secure Work Space Published 17 February 2015 Contents 1. About this guidance 2. Summary of key risks 3. Secure Work Space components 4. Technical assessment 5.
More informationChris Boykin VP of Professional Services
5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing
More informationWICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise
WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise WICKSoft Corporation http://www.wicksoft.com Copyright WICKSoft 2007. WICKSoft Mobile Documents
More informationHow To Secure Your Mobile Devices
SAP White Paper Enterprise Mobility Protect Your Enterprise by Securing All Entry and Exit Points How Enterprise Mobility Management Addresses Modern-Day Security Challenges Table of Contents 4 Points
More informationVs Encryption Suites
Vs Encryption Suites Introduction Data at Rest The phrase "Data at Rest" refers to any type of data, stored in the form of electronic documents (spreadsheets, text documents, etc.) and located on laptops,
More informationSymantec Mobile Management 7.2
Scalable, secure, and integrated device management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices in the workplace is outpacing that of any previous technology
More informationBENEFITS OF MOBILE DEVICE MANAGEMENT
BENEFITS OF MOBILE DEVICE MANAGEMENT White Paper 2013 SUMMARY OVERVIEW This white paper outlines the benefits of Mobile Device Management in different use cases. SyncShield is a Mobile Device Management
More informationiphone in Business Security Overview
iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods
More informationEnova X-Wall LX Frequently Asked Questions
Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)
More informationSymantec Mobile Management for Configuration Manager 7.2
Symantec Mobile Management for Configuration Manager 7.2 Scalable, Secure, and Integrated Device Management Data Sheet: Endpoint Management and Mobility Overview The rapid proliferation of mobile devices
More informationSystem Configuration and Deployment Guide
System Configuration and Deployment Guide This guide provides information on...... Configuring an Organization using the Organization Wizard... Setting a default Policy Suite using the Organization Wizard...
More informationBlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2. Feature and Technical Overview
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Feature and Technical Overview Published: 2010-06-16 SWDT305802-1108946-0615123042-001 Contents 1 Overview: BlackBerry Enterprise
More informationEMC DATA DOMAIN ENCRYPTION A Detailed Review
White Paper EMC DATA DOMAIN ENCRYPTION A Detailed Review Abstract The proliferation of publicized data loss, coupled with new governance and compliance regulations, is driving the need for customers to
More informationEasiShare Whitepaper - Empowering Your Mobile Workforce
Accessing files on mobile devices and sharing them with external parties presents serious security risks for companies. However, most current solutions are either too cumbersome or not secure enough for
More informationThe Challenge. The Solution. Achieve Greater Employee Productivity & Collaboration...while Protecting Critical Business Data
The Challenge The Solution Today's employees demand mobile access to office information in order to maximize their productivity and they expect that enterprise collaboration and communication tools should
More informationOvercoming Mobile Enterprise Security Challenges WHITE PAPER
` Overcoming Mobile Enterprise Security Challenges WHITE PAPER White Paper www.soti.net We Manage Mobility TABLE OF CONTENTS Executive Summary... 2 Protecting the corporate network and firewall... 3 Managing
More informationipad in Business Security
ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationXperia TM. Read about how Xperia TM devices can be administered in a corporate IT environment
peria TM in Business Mobile Device Management Read about how peria TM devices can be administered in a corporate IT environment Device management clients March 2015 Exchange ActiveSync The my peria service
More informationSecuring Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology
20140115 Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology TABLE OF CONTENTS What s at risk for your organization? 2 Is your business
More informationCloud Services MDM. Email Management Admin Guide
Cloud Services MDM Email Management Admin Guide 10/27/2014 CONTENTS Email Management... 2 Email Compliance Policies... 3 Email Policies... 4 Attachment Security Policies... 8 Attachment Security Policies
More informationSecureD Technical Overview
WHITEPAPER: SecureD Technical Overview WHITEPAPER: SecureD Technical Overview CONTENTS section page 1 The Challenge to Protect Data at Rest 3 2 Hardware Data Encryption Provides Maximum Security 3 3 SecureD
More information1 Mobile Device Management
roduct Service Description 1 Mobile Device Management Mobile Device Management (MDM) is the process of monitoring, configuring, and securing mobile devices over-the-air (OTA). Hardware and software technologies
More informationWe Manage Mobility. www.soti.net. Manage Secure Support Monitor Track. Balhar Dosangh Director, Strategic Alliances balhar@soti.
We Manage Mobility Manage Secure Support Monitor Track Balhar Dosangh Director, Strategic Alliances balhar@soti.net www.soti.net MOBILE DEVICE MANAGEMENT THE LANDSCAPE WE PREDICT THROUGH 2017, 90% OF
More informationSENSE Security overview 2014
SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2
More informationTroubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123. Instructor Manual
Troubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123 Instructor Manual Published: 2013-07-02 SWD-20130702091645092 Contents Advance preparation...7 Required materials...7 Topics
More informationEmbracing BYOD. Without Compromising Security or Compliance. Sheldon Hebert SVP Enterprise Accounts, Fixmo. Sheldon.Hebert@fixmo.
Embracing BYOD Without Compromising Security or Compliance The Mobile Risk Management Company Sheldon Hebert SVP Enterprise Accounts, Fixmo Sheldon.Hebert@fixmo.com New Realities of Enterprise Mobility
More informationDeploying iphone and ipad Security Overview
Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services
More informationNavigating Endpoint Encryption Technologies
Navigating Endpoint Encryption Technologies Whitepaper November 2010 THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS
More informationFeature List for Kaspersky Security for Mobile
Feature List for Kaspersky Security for Mobile Contents Overview... 2 Simplified Centralized Deployment... 2 Mobile Anti-Malware... 3 Anti-Theft / Content Security... Error! Bookmark not defined. Compliance
More informationSOOKASA WHITEPAPER SECURITY SOOKASA.COM
SOOKASA WHITEPAPER SECURITY SOOKASA.COM Sookasa Overview Sookasa was founded in 2012 by a team of leading security experts. The company s patented file-level encryption enables enterprises to protect data
More informationFeature and Technical
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Feature and Technical Overview Published: 2013-11-07 SWD-20131107160132924 Contents 1 Document revision history...6 2 What's
More informationBYOD. and Mobile Device Security. Shirley Erp, CISSP CISA November 28, 2012
BYOD and Mobile Device Security Shirley Erp, CISSP CISA November 28, 2012 Session is currently being recorded, and will be available on our website at http://www.utsystem.edu/compliance/swcacademy.html.
More informationPRIME IDENTITY MANAGEMENT CORE
PRIME IDENTITY MANAGEMENT CORE For secure enrollment applications processing and workflow management. PRIME Identity Management Core provides the foundation for any biometric identification platform. It
More informationInnovative Secure Boot System (SBS) with a smartcard.
Managed Security Services Desktop Security Services Secure Notebook Desktop Security Services. Secure Notebook. Today s business environment demands mobility, and the notebook computer has become an indispensable
More informationSECURING TODAY S MOBILE WORKFORCE
WHITE PAPER SECURING TODAY S MOBILE WORKFORCE Connect, Secure, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite Copyright 2011, Juniper Networks, Inc. Table
More informationSECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD
SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD www.wipro.com Table of Contents Executive Summary 03 Introduction 03 Challanges 04 Solution 05 Three Layered Approach to secure BYOD 06 Conclusion
More informationGlobal security intelligence. YoUR DAtA UnDeR siege: DeFenD it with encryption. #enterprisesec kaspersky.com/enterprise
Global security intelligence YoUR DAtA UnDeR siege: DeFenD it with encryption #enterprisesec kaspersky.com/enterprise Contents Your Data Under Siege: Defend it with Encryption 3 Steps Taken to Minimise
More informationWindows Phone 8.1 Mobile Device Management Overview
Windows Phone 8.1 Mobile Device Management Overview Published April 2014 Executive summary Most organizations are aware that they need to secure corporate data and minimize risks if mobile devices are
More informationEnterprise Mobility Management
SOTI MobiControl Enterprise Mobility Management MANAGE SUPPORT SECURE MONITOR TRACK SOTI Inc. is the world s most trusted provider of MDM solutions with over 12,000 enterprise deployments, managing millions
More informationSimplySecure TM Architecture & Security
Technical Whitepaper SimplySecure TM Architecture & Security Specifications, compliance and certification considerations for the IT Professional Rob Weber November 2014 Foreward First-in-class web-managed
More informationThree Best Practices to Help Government Agencies Overcome BYOD Challenges
WHITE PAPER This paper discusses how IT managers in government can address the challenges of the new Bring-Your-Own-Device (BYOD) environment as well as best practices for ensuring security and productivity.
More informationCloud Services MDM. ios User Guide
Cloud Services MDM ios User Guide 10/24/2014 CONTENTS Overview... 3 Supported Devices... 3 System Capabilities... 3 Enrollment and Activation... 4 Download the Agent... 4 Enroll Your Device Using the Agent...
More informationHow To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device
Empowering BYOD and Mobile Security in the Enterprise Jeff Baum, APAC Managing Director Growth of Mobile Mobile worker population will reach 1.3 Billion in 2015 Source: IDC Worldwide Mobile Worker Population
More informationACER ProShield. Table of Contents
ACER ProShield Table of Contents Revision History... 3 Legal Notices... 4 Executive Summary... 5 Introduction... 5 Protection against unauthorized access... 6 Why ACER ProShield... 7 ACER ProShield...
More informationSecuring Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper
Securing Patient Data in Today s Mobilized Healthcare Industry Securing Patient Data in Today s Mobilized Healthcare Industry 866-7-BE-GOOD good.com 2 Contents Executive Summary The Role of Smartphones
More informationCPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS
CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Recommended Practice: Configuring and Managing Remote Access
More informationService Overview CloudCare Online Backup
Service Overview CloudCare Online Backup CloudCare s Online Backup service is a secure, fully automated set and forget solution, powered by Attix5, and is ideal for organisations with limited in-house
More informationKaspersky Security for Mobile Administrator's Guide
Kaspersky Security for Mobile Administrator's Guide APPLICATION VERSION: 10.0 SERVICE PACK 1 Dear User, Thank you for choosing our product. We hope that you will find this documentation useful and that
More informationHow To Protect Your Mobile Devices From Security Threats
Back to the Future: Securing your Unwired Enterprise By Manoj Kumar Kunta, Global Practice Leader - Security Back to the Future: Securing your Unwired Enterprise The advent of smartphones and tablets has
More informationRFI Template for Enterprise MDM Solutions
RFI Template for Enterprise MDM Solutions 2012 Zenprise, Inc. 1 About This RFI Template A secure mobile device management solution is an integral part of any effective enterprise mobility program. Mobile
More informationThree Best Practices to Help Enterprises Overcome BYOD Challenges
WHITE PAPER Three Best Practices to Help Enterprises Overcome BYOD Challenges Nearly 80% of white-collar workers in the United States use a mobile device for work and approximately 95% of IT organizations
More informationArchitecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference
Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise
More informationHands on, field experiences with BYOD. BYOD Seminar
Hands on, field experiences with BYOD. BYOD Seminar Brussel, 25 september 2012 Agenda Challenges RIsks Strategy Before We Begin Thom Schiltmans Deloitte Risk Services Security & Privacy Amstelveen tschiltmans@deloitte.nl
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described
More informationBest Practice Document Hints and Tips
Marshal Ltd. Date: 02/06/2007 Marshal EndPoint Security From Best Practice Document Hints and Tips Marshal Software Ltd CSL 005 Marshal EndPoint Security Best Practice (2) Privacy Control: None Version:
More informationHow To Manage A Mobile Device Management (Mdm) Solution
Mobile Device Management Buyers Guide IT departments should be perceived as the lubricant in the machine that powers an organization. BYOD is a great opportunity to make life easier for your users. But
More informationSalesforce1 Mobile Security Guide
Salesforce1 Mobile Security Guide Version 1, 1 @salesforcedocs Last updated: December 8, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationCortado Corporate Server
Cortado Corporate Server 100 % On Premise Installed & Run Entirely On Your Corporate Network Feature Mobile Device Device Policy Application E-mail Push Wi-Fi Configuration Push Enable secure BYOD and
More informationTouchDown for Android
Information Technology Solutions TouchDown for Android Manage Corporate Exchange Email While Keeping Company Data Safe SECURITY FIRST TouchDown runs on the Android platform and extends the security model
More informationKaspersky Security for Mobile
Kaspersky Security for Mobile See. Control. Protect. MOVING TARGETS Mobile devices play a key role in connectivity and productivity. But they also introduce new risks to the business: in the past 12 months
More informationBYOD BEST PRACTICES GUIDE
BYOD BEST PRACTICES GUIDE 866.926.8746 1 www.xantrion.com TABLE OF CONTENTS 1 Changing Expectations about BYOD... 3 2 Mitigating the Risks... 4 2.1 Establish Clear Policies and Expectations... 4 2.2 Create
More informationKony Mobile Application Management (MAM)
Kony Mobile Application Management (MAM) Kony s Secure Mobile Application Management Feature Brief Contents What is Mobile Application Management? 3 Kony Mobile Application Management Solution Overview
More informationImplementation of Operator Authentication Processes on an Enterprise Level. Mark Heard Eastman Chemical Company
Implementation of Operator Authentication Processes on an Enterprise Level Mark Heard Eastman Chemical Company Presenter Mark Heard, Eastman Chemical Company Control System Engineer Experience with several
More information