The Seven Habits of State-of-the-Art Mobile App Security
|
|
- Job Cross
- 8 years ago
- Views:
Transcription
1 #mstrworld The Seven Habits of State-of-the-Art Mobile App Security Mobile Security 8 July 2014 Anand Dwivedi, Product Manager, MicroStrategy strworld
2 Agenda - Seven Habits of State of the Art Mobile App Security Mobile Security in General Risks 7 Pillars to be Considered Modern Protocols and Methods Secure Architecture Models VPN HTTPS Enhanced MicroStrategy Model MicroStrategy Configuration Options Device Application Mobile Server
3 Mobile Security Risks? Yet another exposure point Devices may be lost or stolen BYOD (Bring your own device) Jailbreak/rooting easy to achieve Not so Much! Control Technical community is actively searching for weaknesses in smart-phone security Malware threat is growing Hackers may compromise confidential data from the device and recover passwords
4 Mobile Security Risks? - Cont d Servers exposed to the Internet are subject to web-based attacks Unauthorized users may gain access to your system Impostors may engage in deception under a false identity Denial of service may bring down the server WiFi connections can be compromised WEP (Wired Equivalent Privacy) Most common protocol Currently considered not secure WPA (WiFi Protected Access) Used in commercial WiFi systems Extremely difficult to compromise
5 What kind of data can be compromised? Names, Telephone Numbers - Contact Information Addresses Text Messages Notes Browser history Application Data (Financial Numbers, Forecasts) Trade Secrets...And On
6 How can Mobile Security Risks be Mitigated? Seven Pillars of a Mobile Security Model: ISP Router 1. Communications Security 2. Authentication 3. Device Security 4. Data Security 5. Network Security 6. Application Security 7. Operations Security Processes LDAP Server DMZ MicroStrategy Mobile Server Firewall Firewall MicroStrategy Intelligence Server Communication - Information Flow MD DWH
7 Mobile Security - Custom Models, A Balancing Act Seven Pillars of a Mobile Security Model: Fully Open - Unsecured 1. Communications Security 2. Authentication 3. Device Security 4. Data Security 5. Network Security 6. Application Security 7. Operations Security Full Lock Down Least Secure Most Secure Tolerance to Risk vs. Corporate and User Needs Security Functionality Ease of Use
8 Tools Used to Mitigate Security Risks Tool Usage Example(s) Symmetric Encryption Protect data at rest or in transit AES, RC4,RC2,Blowfish Asymmetric Encryption Secure Hash Function Bricks and Pipes Single sign on (SSO) Exchange Symm. Keys Digital Signature Authentication (x509 certificates) Validate Passwords for user authorization Restrict/protect data traffic flow Authorizes users into enterprise network RSA Algorithm Diffie-Hellman SHA-1, MD5 Firewalls, Routers, proxy servers Siteminder Tivoli, RSA
9 Symmetric vs. Asymmetric Cryptography (The Key Difference is the Key) Hello! 6&%3!aO! Hello! Hello! 6&%3!aO! Hello! Symmetric Encryption Asymmetric Encryption
10 Symmetric Encryption Things to Note Not all symmetric algorithms provide the same degree of protection - DES (Data Encryption Standard) generally considered as vulnerable - RC4 weaknesses have been identified (may be ok for short transmissions) - AES (Advaned Encryption Standard) generally considered to be strong Protection of the key is vital to security - Key exchange must be as secure as possible Performance of crypto-algorithms on mobile devices can be an issue - For Apple devices, encrypting and decrypting information is implemented at the hardware level so there is as little impact as possible to the performance of applications when using symmetric encryption.
11 Asymmetric Encryption - Things to Note Also known as Public Key Cryptography Key Points - Relies on two keys one for encryption, one for decryption - Computationally difficult to derive encryption key knowing only decryption key and algorithm Common Uses - Creates and distributes electronic session key for Symmetric Encryption - Provides Digital Signature to prove data comes from a trusted source
12 Public Key Cryptography - Operation Encrypt Data p(m) Encrypt Data q(m) Server - Sender 1. Generate Private/Public Key Pair p, q 2. Give Public Key to Receiver (q) 3. Protect Private Key (p) 4. Encrypt /Decrypt message using private key Device - Receiver 5. Store Public Key of Server (q) 6. Encrypt/Decrypt message using public key
13 Asymmetric Encryption X.509 Certificates Certificate Authority Collects Applicant s Money Validates Applicant s Identity Issues Digital Certificate Issues Private Key X.509 Certificate Private Key Version Unique Serial Number Certificate Signature Algorithm CA Name Validity Period Subject Name Public Key Algorithm Subject Public Key CA Signature 13
14 Secure Hash Function - Checks integrity of files and encrypts passwords Characteristics - Converts an arbitrary string of text into a fixed-size string ( hash ) - Easy to compute - Given the hash value it is computationally infeasible to produce the original text - Impossible (or nearly so) to find two different strings that produce the same hash Applications - Password verification (store hash instead of password) - Message integrity Example: SHA-1 (160 fixed bit value)
15 Secure Hash Function - Application User provides credentials, password is hashed ray/pswd1! Secure Hash ray 19OPLL7XXYR@ User password is checked against the hashed version not the actual value Compromised hash value is not a security threat ray/pswd1! ray Hash(pswd1!)= 19OPLL7XXYR@
16 Network Layer: Firewalls, Routers, and Proxy Servers (Bricks and Pipes) Firewall Filters traffic at the network layer (prevent certain data from reaching the internet) Can be used in combination to isolate sensitive traffic internally and prevent external access to internal resources Latest firewalls can work at application level Can thwart denial of service attacks Router Basic plumbing for data traffic on internal network Moves data between computers Moves data between internal networks Proxy Server Can hide internal addresses from external internet Can filter based on incoming IP address Provide SSL connectivity
17 Single SignOn - The Basic Mechanism Device side Application Supports: HTML Forms Consumption Allows Custom Logon Screen Work-flow
18 Single SignOn - Microstrategy SDK (Extending OOB Capabilities) Application Device Side X-Code allows edits of uncompiled Objective C code Source code is protected but several customizations are possible: - Rebranding - Springboard icon - Splash image page - Opening logo animation - Method Swizzling Mobile Server Side Java Task Framework - Mobile Logon Task...Can edit to run against virtually any 3rd party or custom authentication authority Supported OOB Tivoli Siteminder Most Custom 3rd Party Options XML Configuration Files
19 Putting it all together - Transport Layer Security (TLS), also SSL Hello! Hello Back!, Server sends Certificate Asymmetric Client Cert, Key Exchange, Verify Creates Session Key Trust Established Encrypted Communication Symmetric Uses Session Key to Encrypt
20 Authentication Layer - Virtual Private Network (VPN)
21 Authentication Layer - Virtual Private Network (VPN)
22 Authentication Layer - Virtual Private Network (VPN)
23 HTTPS
24 HTTPS - A Sample Client Architecture
25 MicroStrategy Enhanced Mobile Security Architecture Firewall MicroStrategy Cer?ficate Server Firewall LDAP Server X.509 Cer?ficate Request CRL Cer?ficate Revoca?on List MD HTTPS (AES) MicroStrategy Mobile Server MicroStrategy Intelligence Server DWH
26 Comparison of Mobile System Security Solutions
27 Mobile Device Level Security - Leverage native protection features Passcode Protec?on Require Alpha Character Minimum Length Minimum Number of Complex Characters Expira?on (1-730 days) Auto- Lock (1-5 minutes, or none) Grace Period for Device Lock Passcode History Maximum number of Failed A[empts iphone/ipad devices provide the necessary tools to protect informa?on in an efficient way Hardware Encryp?on/Decryp?on (iphone 3GS and later) (All ipads)
28 Data Security - MicroStrategy /Database Security - Implementation Objects Privileges Relates to a user s ability to perform certain functions/tasks Mobile Exporting Drilling Object Permissions via ACL (Access Control List) Provides user, group, role access/restriction on project metadata objects Security Filters (Could use System User Prompt) Introduces column in database tables for user or group or role End user only sees that row if they have explicit access
29 Data Security - MicroStrategy /Database Security - Users, Groups, Roles Users Are iden?fied by a Unique Login and User Name Users are Defined in the Metadata Repository User Exist Across Mul?ple Projects User Groups Are a Set of Users Privileges and ACLs can be Assigned to User Groups User Group Privileges Apply to All Projects Security Roles Are a Set of Privileges Security Roles can be assigned to Users and/or Specific Groups Security Roles Apply to Specified Individual Projects and ACLs can be Assigned to User Groups
30 Network/Emissions Security Data Encryption (WiFi Protected Access) - WPA - WPA2 Can use AES encryption Disable identifier broadcasting Maintain wireless emissions within corporate boundaries
31 MicroStrategy Application Security MicroStrategy Mobile Server MicroStrategy Intelligence Server Web User Authen?ca?on Support for SSO Integra?on Link Encryp?on User Authen?ca?on Standard LDAP Database NT Expira?on can be set to force entering MicroStrategy user creden?als when opening the applica?on. User creden?als are stored encrypted on device. Creden?als can op?onally be cleared when opera?ng with single sign- on solu?ons. Applica?on data is encrypted on device. Caches can be cleared when exi?ng the applica?on. ios isola?on protects App data from other Apps. Apps are signed to ensure the App is authen?c. Run?me checks enforce App Security. Password required a`er?meout or suspended state (Confiden?al Project Mode) Single sign- on support. LDAP, Kerberos, NT Integra?on. Independent Third Party Security Tes?ng
32 Mobile Server and Device Authentication Device Level and Application Authentication Device ios Profile Logon Network Logon (if using VPN or Tunnel) Microstrategy Project Meta-Data Logon Standard Windows LDAP Database Mobile Server Authentication Account/Logon that Mobile Server Web Pool Runs Under Anonymous Basic Windows (Service Account)
33 Mobile Server Configuration - Admin Settings
34 User Configuration for the Microstrategy Mobile Application
35 Operational Security Establish Security Policy - Passcode Required - Passcode Complexity Procedures for Reporting Lost/Stolen Device Device Management - Proactive Monitoring - Response to lost/stolen device report Information Management - Policies for handling of sensitive data - Sensitivity Reduction - Information Deception Situational Awareness - Keep users informed of the importance and impact of their actions Ensure proper placement and operation of WiFi Equipment
36 36 Multiple Layers of Protection = Low Vulnerability
37 MDM - Mobile Device Management An MDM Strategy would support: Benefits of an MDM Integration:
38 MicroStrategy App Passcode
39 For More Details
40 El fin! Thank You for Attending!! Anand Dwivedi Product Manager, Mobile Ray Bennett Director, Mobile Center of Excellence
Mobile App Security Take Any Mobile App and Make It Secure
Mobile App Security Take Any Mobile App and Make It Secure Ray Bennett Microstrategy - Director, Mobile Service Line World, Las Vegas, 2015 Agenda - State of the Art Mobile App Security Introduction -
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationWHITE PAPER Secure mobile computing and business intelligence on Apple and Android mobile devices
WHITE PAPER Secure mobile computing and business intelligence on Apple and Android mobile devices Mobile App Platform Copyright Information All Contents Copyright 2014 Incorporated. All Rights Reserved.
More informationWHITE PAPER Secure mobile computing and business intelligence on Apple and Android mobile devices
WHITE PAPER Secure mobile computing and business intelligence on Apple and Android mobile devices MicroStrategy Mobile App Platform Copyright Information All Contents Copyright 2014 MicroStrategy Incorporated.
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationDeploying iphone and ipad Security Overview
Deploying iphone and ipad Security Overview ios, the operating system at the core of iphone and ipad, is built upon layers of security. This enables iphone and ipad to securely access corporate services
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationipad in Business Security
ipad in Business Security Device protection Strong passcodes Passcode expiration Passcode reuse history Maximum failed attempts Over-the-air passcode enforcement Progressive passcode timeout Data security
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationChapter 10. Cloud Security Mechanisms
Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationHow To Protect Your Mobile Devices From Security Threats
Back to the Future: Securing your Unwired Enterprise By Manoj Kumar Kunta, Global Practice Leader - Security Back to the Future: Securing your Unwired Enterprise The advent of smartphones and tablets has
More informationSecure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213
Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213 UNCLASSIFIED Example http ://www. greatstuf f. com Wants credit card number ^ Look at lock on browser Use https
More informationSecurity Awareness. Wireless Network Security
Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition
More informationMySQL Security: Best Practices
MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationSecurity Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
More informationHow To Encrypt Data With Encryption
USING ENCRYPTION TO PROTECT SENSITIVE INFORMATION Commonwealth Office of Technology Security Month Seminars Alternate Title? Boy, am I surprised. The Entrust guy who has mentioned PKI during every Security
More informationEnd User Devices Security Guidance: Apple OS X 10.10
GOV.UK Guidance End User Devices Security Guidance: Apple OS X 10.10 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best
More informationGuidance End User Devices Security Guidance: Apple OS X 10.9
GOV.UK Guidance End User Devices Security Guidance: Apple OS X 10.9 Published 23 January 2014 Contents 1. Changes since previous guidance 2. Usage Scenario 3. Summary of Platform Security 4. How the Platform
More informationArchitecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference
Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationComputer Networks. Secure Systems
Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to
More informationSalesforce1 Mobile Security Guide
Salesforce1 Mobile Security Guide Version 1, 1 @salesforcedocs Last updated: December 8, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationSecure Business Intelligence on Apple Mobile Devices
Secure Business Intelligence on Apple Mobile Devices MicroStrategy Mobile for iphone and ipad MOBILE INTELLIGENCE Copyright Information All Contents Copyright 2011 MicroStrategy Incorporated. All Rights
More informationiphone in Business Security Overview
iphone in Business Security Overview iphone can securely access corporate services and protect data on the device. It provides strong encryption for data in transmission, proven authentication methods
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationContent Teaching Academy at James Madison University
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
More informationTopics in Network Security
Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationWireless Encryption Protection
Wireless Encryption Protection We re going to jump around a little here and go to something that I really find interesting, how do you secure yourself when you connect to a router. Now first and foremost
More information{ipad Security} for K-12. Understanding & Mitigating Risk. plantemoran.com
{ipad Security} plantemoran.com for K-12 Understanding & Mitigating Risk Plante Moran The ipad is in K-12. Since its debut in April 2010, the ipad has quickly become the most popular tablet, outselling
More informationCS 348: Computer Networks. - Security; 30 th - 31 st Oct 2012. Instructor: Sridhar Iyer IIT Bombay
CS 348: Computer Networks - Security; 30 th - 31 st Oct 2012 Instructor: Sridhar Iyer IIT Bombay Network security Security Plan (RFC 2196) Identify assets Determine threats Perform risk analysis Implement
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationCourse Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)
Page 1 of 5 Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description:
More informationThick Client Application Security
Thick Client Application Security Arindam Mandal (arindam.mandal@paladion.net) (http://www.paladion.net) January 2005 This paper discusses the critical vulnerabilities and corresponding risks in a two
More informationConfiguration Guide. BlackBerry Enterprise Service 12. Version 12.0
Configuration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2014-12-19 SWD-20141219132902639 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12...
More informationIBM Cognos Mobile Overview
IBM Cognos Business Intelligence 10.2.1 IBM Cognos Mobile Overview Agenda IBM Cognos Mobile Overview Analysis on Mobile Security + Configuration Deploying Good Technology Latest Updates IBM Confidential
More informationSecure web transactions system
Secure web transactions system TRUSTED WEB SECURITY MODEL Recently, as the generally accepted model in Internet application development, three-tier or multi-tier applications are used. Moreover, new trends
More informationQuestion Name C 1.1 Do all users and administrators have a unique ID and password? Yes
Category Question Name Question Text C 1.1 Do all users and administrators have a unique ID and password? C 1.1.1 Passwords are required to have ( # of ) characters: 5 or less 6-7 8-9 Answer 10 or more
More informationQLIKVIEW MOBILE SECURITY
QLIKVIEW MOBILE SECURITY QlikView Technical Brief Published: March, 2011 qlikview.com QlikView Mobile Security Mobile devices are convenient, versatile and, for many employees, they are indispensable.
More informationWindows Remote Access
Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by
More informationThe Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases
The Pitfalls of Encrypted Networks in Banking Operations Compliance Success in two industry cases Elba Horta Regional Sales Manager, Southern Europe SSH Communica1ons Security elba.horta@ssh.com ENABLE,
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationQuestion How do I access the router s web-based setup page? Answer
http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=3676 Question How do I access the router s web-based setup page? Answer All Linksys routers have a built-in web-based setup
More informationSecurity Protocols: SSH. Michael E. Locasto University of Calgary
Security Protocols: SSH Michael E. Locasto University of Calgary Agenda Philosophy: data protec?on on the network Discussion of SSH SSH history Authen?ca?on Mechanisms SSH2 design overview / architecture
More informationFINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE
Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security
More informationSecure remote access to your applications and data. Secure Application Access
Secure Application Access Secure remote access to your applications and data Accops HySecure is an application access gateway that enables secure access to corporate applications, desktops and network
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationConfiguration Guide BES12. Version 12.1
Configuration Guide BES12 Version 12.1 Published: 2015-04-22 SWD-20150422113638568 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12... 8 Product documentation...
More informationConfiguration Guide BES12. Version 12.2
Configuration Guide BES12 Version 12.2 Published: 2015-07-07 SWD-20150630131852557 Contents About this guide... 8 Getting started... 9 Administrator permissions you need to configure BES12... 9 Obtaining
More informationEnterprise Security with mobilecho
Enterprise Security with mobilecho Enterprise Security from the Ground Up When enterprise mobility strategies are discussed, security is usually one of the first topics on the table. So it should come
More informationCentral Desktop Enterprise Edition (Security Pack)
Central Desktop Enterprise Edition (Security Pack) The Central Desktop Security Pack is included in the Enterprise Edition of Central Desktop. The Enterprise Edition is for companies and organizations
More informationSecurity Goals Services
1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;
More informationPMDP is simple to set up, start using, and maintain
Product Datasheet IBELEM, SA ITS Group - 5, boulevard des Bouvets 92741 Nanterre Cedex - FRANCE Tel: +33(0)1.55.17.45.75 Fax: +33(0)1.73.72.34.08 - www.ibelem.com - info@ibelem.com PMDP is simple to set
More informationISM/ISC Middleware Module
ISM/ISC Middleware Module Lecture 13: Security for Middleware Applications Dr Geoff Sharman Visiting Professor in Computer Science Birkbeck College Geoff Sharman Sept 07 Lecture 13 Aims to: 2 Show why
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationSAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features
SAP Mobile - Webinar Series SAP Mobile Platform 3.0 Security Concepts and Features Dirk Olderdissen Solution Expert, Regional Presales EMEA SAP Brought to you by the Customer Experience Group 2014 SAP
More informationConfiguring Security Solutions
CHAPTER 3 This chapter describes security solutions for wireless LANs. It contains these sections: Cisco Wireless LAN Solution Security, page 3-2 Using WCS to Convert a Cisco Wireless LAN Solution from
More informationSharePlus Enterprise: Security White Paper
INFRAGISTICS, INC. SharePlus Enterprise: Security White Paper Security Overview Anand Raja, Gustavo Degeronimi 6/29/2012 SharePlus ensures Enterprise data security by implementing and interoperating with
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationZenprise Device Manager 6.1.5
Zenprise Device Manager 6.1.5 CLIENT GUIDE Rev 6.1.50 Introduction 2 ZENPRISE DEVICE MANAGER 6.1 CLIENT GUIDE 2011 Zenprise, Inc. All rights reserved. This manual, as well as the software described in
More informationRecommended 802.11 Wireless Local Area Network Architecture
NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless
More informationFeature and Technical
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Feature and Technical Overview Published: 2013-11-07 SWD-20131107160132924 Contents 1 Document revision history...6 2 What's
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described
More informationSymantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management
Mobile Application Management and Protection Data Sheet: Mobile Security and Management Overview provides integrated mobile application and device management capabilities for enterprise IT to ensure data
More informationMcAfee Firewall Enterprise 8.2.1
Configuration Guide FIPS 140 2 Revision A McAfee Firewall Enterprise 8.2.1 The McAfee Firewall Enterprise FIPS 140 2 Configuration Guide, version 8.2.1, provides instructions for setting up McAfee Firewall
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationSENSE Security overview 2014
SENSE Security overview 2014 Abstract... 3 Overview... 4 Installation... 6 Device Control... 7 Enrolment Process... 8 Authentication... 9 Network Protection... 12 Local Storage... 13 Conclusion... 15 2
More informationDeploying iphone and ipad Mobile Device Management
Deploying iphone and ipad Mobile Device Management ios supports Mobile Device Management (MDM), giving businesses the ability to manage scaled deployments of iphone and ipad across their organizations.
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationOverview. Edvantage Security
Overview West Virginia Department of Education (WVDE) is required by law to collect and store student and educator records, and takes seriously its obligations to secure information systems and protect
More informationYou re FREE Guide SSL. (Secure Sockets Layer) webvisions www.webvisions.com +65 6868 1168 sales@webvisions.com
SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.
More informationNetwork-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2
Contents Introduction--1 Content and Purpose of This Guide...........................1 User Management.........................................2 Types of user accounts2 Security--3 Security Features.........................................3
More informationSSL Overview for Resellers
Web Security Enterprise Security Identity Verification Services Signing Services SSL Overview for Resellers What We ll Cover Understanding SSL SSL Handshake 101 Market Opportunity for SSL Obtaining an
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationEMR Link Server Interface Installation
EMR Link Server Interface Installation Version 1.0 ** INTRODUCTION ** If you would like assistance with installation, please contact our preferred support provider at support@bonecomputer.com, or call
More informationChapter 10. Network Security
Chapter 10 Network Security 10.1. Chapter 10: Outline 10.1 INTRODUCTION 10.2 CONFIDENTIALITY 10.3 OTHER ASPECTS OF SECURITY 10.4 INTERNET SECURITY 10.5 FIREWALLS 10.2 Chapter 10: Objective We introduce
More informationExecutive Summary and Purpose
ver,1.0 Hardening and Securing Opengear Devices Copyright Opengear Inc. 2013. All Rights Reserved. Information in this document is subject to change without notice and does not represent a commitment on
More informationGuidance End User Devices Security Guidance: Apple ios 7
GOV.UK Guidance End User Devices Security Guidance: Apple ios 7 Updated 10 June 2014 Contents 1. Changes since previous guidance 2. Usage Scenario 3. Summary of Platform Security 4. How the Platform Can
More informationSkoot Secure File Transfer
Page 1 Skoot Secure File Transfer Sharing information has become fundamental to organizational success. And as the value of that information whether expressed as mission critical or in monetary terms increases,
More informationRSA Authentication Manager 7.1 Security Best Practices Guide. Version 2
RSA Authentication Manager 7.1 Security Best Practices Guide Version 2 Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com. Trademarks
More informationDRAFT Standard Statement Encryption
DRAFT Standard Statement Encryption Title: Encryption Standard Document Number: SS-70-006 Effective Date: x/x/2010 Published by: Department of Information Systems 1. Purpose Sensitive information held
More informationHosted Microsoft Exchange Client Setup & Guide Book
Hosted Microsoft Exchange Client Setup & Guide Book Section 1 Microsoft Outlook Web Access (OWA) access directions Section 2 Windows 10 Mail App setup & configuration Section 3 Windows Mobile Phone ActiveSync
More informationSonicWALL PCI 1.1 Implementation Guide
Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard
More informationSecure Socket Layer. Introduction Overview of SSL What SSL is Useful For
Secure Socket Layer Secure Socket Layer Introduction Overview of SSL What SSL is Useful For Introduction Secure Socket Layer (SSL) Industry-standard method for protecting web communications. - Data encryption
More informationCrashPlan Security SECURITY CONTEXT TECHNOLOGY
TECHNICAL SPECIFICATIONS CrashPlan Security CrashPlan is a continuous, multi-destination solution engineered to back up mission-critical data whenever and wherever it is created. Because mobile laptops
More informationMANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But
More informationMOVEIT: SECURE, GUARANTEED FILE DELIVERY BY JONATHAN LAMPE, GCIA, GSNA
MOVEIT: SECURE, GUARANTEED FILE DELIVERY BY JONATHAN LAMPE, GCIA, GSNA The MOVEit line of secure managed file transfer software products by Ipswitch File Transfer consists of two flagship products, the
More informationChapter 7 Transport-Level Security
Cryptography and Network Security Chapter 7 Transport-Level Security Lectured by Nguyễn Đức Thái Outline Web Security Issues Security Socket Layer (SSL) Transport Layer Security (TLS) HTTPS Secure Shell
More informationSBClient SSL. Ehab AbuShmais
SBClient SSL Ehab AbuShmais Agenda SSL Background U2 SSL Support SBClient SSL 2 What Is SSL SSL (Secure Sockets Layer) Provides a secured channel between two communication endpoints Addresses all three
More informationRelease Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May 2011. 1. New Features and Enhancements. Tip of the Day
NCP Secure Entry Mac Client Major Release 2.01 Build 47 May 2011 1. New Features and Enhancements Tip of the Day A Tip of the Day field for configuration tips and application examples is incorporated in
More information