How to Create and Secure Your Mobile Infrastructure Session EM B27 Mike Littleton Manager, EndPoint Infrastructure Kelly Services John Engels Principal Product Manager, Symantec Enterprise Mobility
Typical Mobile Needs Enable email Access Device security Web apps configuration Application delivery & updates Content wipe Provide network access Asset data & ownership Enterprise doc/media distribution File sharing & productivity Remote assistance Device inventory/ configuration Presentation Identifier Goes Here SYMANTEC VISION 2012 3
Dividing Mobility Security Business Unit Endpoint Mgmt/ Mobile User App Developers Support Presentation Identifier Goes Here SYMANTEC VISION 2012 4
What are your key applications? Email Social Media Productivity apps Enterprise Apps Collaboration apps Web services Presentation Identifier Goes Here SYMANTEC VISION 2012 5
Understanding Managed & Unmanaged Mobility Customers need to provide a solution for both the managed and unmanaged use cases within the enterprise Managed MDM enables device management & compliance MDM is a foundation for policy management Data separation solutions evolve through APIs Enterprise Use Cases Unmanaged Applications must be protected individually Data between applications must be secure Corporate / Personal separation becomes a non-issue Manage The Device Secure Apps & Data Symantec Advances Enterprise Mobility Strategy SYMANTEC VISION 2012
Who Owns Mobile Management? Managed MDM enables device management & compliance Endpoint Management Telco/Mobility Endpoint Security Help Desk MDM is a foundation for policy management Data separation solutions evolve through APIs Manage The Device Symantec Advances Enterprise Mobility Strategy SYMANTEC VISION 2012
Who Owns Unmanaged Mobility Use? Enterprise Use Cases Unmanaged Applications must be protected individually Business Unit Application Developers Security Team Endpoint/Mobility Mgmt Help desk Data between applications must be secure Corporate / Personal separation becomes a non-issue Secure Apps & Data Symantec Advances Enterprise Mobility Strategy SYMANTEC VISION 2012
Defining Enterprise Mobility Management 5 key areas of investment Device/User Management Enterprise Mobility Management Secure Container Threat Protection Expense Management Enterprise/Cloud Integration Configuration, control and management of mobile devices Corporate data separation and delivery of IT services Core security functionality across platforms Management and control of mobile expenses Integration Managed Devices across the enterprise, SYMANTEC O Security/protection agents 3 Unmanaged Devices including DLP, Datacenter/Priva Public te-cloud PKI, VIP & Cloud Services Security/protection agents Endpoint Management Advancing compliance automation Security, Secure collaboration Business Units App Developers Security Best in class Mobile security Telecom Enterprise app store & expense control Endpoint Mgmt Security, DLP Compliance for Mobile; service brokering identity Endpoint Mgmt Symantec Confidential and Proprietary SYMANTEC VISION 2012 9
Symantec Mobile Solutions Agents Management, Security & Identity Control Point Management Portal SMP (Altiris) / SCCM Symantec Confidential and Proprietary SYMANTEC VISION 2012 10
Mobile Management Comprehensive Enterprise Mobility Management - MDM Enable Activate enterprise access, apps and data easily and automatically > ios, Win Mobile, BB, Symbian Secure Protect enterprise data and infrastructure from attack and theft > Prevent JB, ensure passcodes, Manage Control inventory and configuration with massive scalability > Integrated via SMP / Altiris Symantec Confidential and Proprietary SYMANTEC VISION 2012 11
Tablet DLP Overview (January 2012) Corporate Network Mobile Management configuration and enforcement (7.1 SP1) Network Traffic Email Web Top Apps Proxy VPN at all times Internet Tablet Direct access to Internet Symantec DLP Mobile Server Key Benefits Reduce risk of data loss from ipads, assuming data WILL be on device Supports consumerization - coverage for personal and corporate use cases Lay groundwork for future tablet DLP solution enhancements Symantec Confidential - DLP for Tablets - Strategy, Roadmap & Delivery Update SYMANTEC VISION 2012 12
Investments Defining Enterprise Mobility Management 5 key areas of investment Device/User Management Enterprise Mobility Management Secure Container Threat Protection Expense Management Enterprise/Cloud Integration Configuration, control and management of mobile devices Core security functionality across platforms Management and control of mobile expenses Integration Managed Devices across the enterprise, SYMANTEC O Security/protection agents 3 Unmanaged Devices including DLP, Datacenter/Priva Public te-cloud PKI, VIP & Cloud Services Security/protection agents Advancing compliance automation Secure collaboration Best in class Mobile security Enterprise app store & expense control DLP for Mobile; service brokering identity Symantec Confidential and Proprietary SYMANTEC VISION 2012 13
Understanding Managed & Unmanaged Mobility Customers need to provide a solution for both the managed and unmanaged use cases within the enterprise Managed MDM enables device management & compliance MDM is a foundation for policy management Data separation solutions evolve through APIs Enterprise Use Cases Unmanaged Applications must be protected individually Data between applications must be secure Corporate / Personal separation becomes a non-issue Manage The Device Secure Apps & Data Symantec Advances Enterprise Mobility Strategy SYMANTEC VISION 2012
Nukona Mobile Application Management & Security Comprehensive App Wrapping Tech App Store Repository for internal and external mobile applications App Policy Protect app against data loss through encryption, removal control and separation of corporate data Content Center Protect and deploy content across mobile devices Deployed SaaS or On Prem Symantec Confidential and Proprietary SYMANTEC VISION 2012 15
How It Works: Policy Management Security or Endpoint Team Create Security Policies Developer creates.ipa or.apk file with standard libraries Secure App Delivered To Users SYMANTEC VISION 2012 16
Investments Defining Enterprise Mobility Management 5 key areas of investment Device/User Management Enterprise Mobility Management Secure Container Threat Protection Expense Management Enterprise/Cloud Integration Configuration, control and management of mobile devices Corporate data separation and delivery of IT services Management and control of mobile expenses Integration Managed Devices across the enterprise, SYMANTEC O Security/protection agents 3 Unmanaged Devices including DLP, Datacenter/Priva Public te-cloud PKI, VIP & Cloud Services Security/protection agents Advancing compliance automation Secure collaboration Best in class Mobile security Enterprise app store & expense control DLP for Mobile; service brokering identity Symantec Confidential and Proprietary SYMANTEC VISION 2012 17
Mobile Security for Android Android Security Agent Jun 12 Add to existing stable of Windows Mobile and Symbian device security Reputation based security Scheduled/Manual Anti-malware scanning App blacklist/whitelist enforcement Uninstall protection, resilience Basic locate/lock/passcode reset/wipe and anti-theft features managed centrally Single console mgmt/licensing/reporting, integrated with Mobile Management Mobile Security for WP7/8 or ios (under consideration for 2013) Symantec Confidential and Proprietary SYMANTEC VISION 2012 18
Investments Defining Enterprise Mobility Management 5 key areas of investment Device/User Management Enterprise Mobility Management Secure Container Threat Protection Expense/App Management Enterprise/Cloud Integration Configuration, control and management of mobile devices Corporate data separation and delivery of IT services Core security functionality across platforms Management and control of mobile expenses Managed Devices SYMANTEC O 3 Security/protection agents Datacenter/Priva te-cloud Unmanaged Devices Public Cloud Services Security/protection agents Advancing compliance automation Secure collaboration Best in class Mobile security Enterprise app store & expense control DLP for Mobile; service brokering identity Symantec Confidential and Proprietary SYMANTEC VISION 2012 19
Symantec O3: The New Cloud Control Point O 3 Identity & Access Control Layer Control Cloud Information Security Layer Security Privat Private e Cloud Cloud Cloud Information Management Layer Compliance Extend internal security policies to public and private cloud services accessed from mobile devices SYMANTEC VISION 2012 Symantec Advances Enterprise 20 Mo
Mobile Device and Application Management Kelly Services Customer Experience Presentation Identifier Goes Here SYMANTEC VISION 2012 21
About Kelly Services Kelly Services, Inc. (NASDAQ: KELYA, KELYB) is a leader in providing workforce solutions. Kelly offers a comprehensive array of outsourcing and consulting services as well as world-class staffing on a temporary, temporary-to-hire and direct-hire basis. Serving clients around the globe, Kelly provides employment to more than 530,000 employees annually. Revenue in 2011 was $5.6 billion. Visit www.kellyservices.com and connect with us on Facebook, LinkedIn, & Twitter. SYMANTEC VISION 2012
Count the ways Kelly employees have: Packaged Nike tennis shoes Assembled treadmills Scored standardized student assessments Handled ebay customer services calls Assisted in creating a vaccine to combat biological agent anthrax Upgraded Colleague infusion pumps used in hospitals Made Tombstone or Kraft pizza Assisted with R&D for new contact lenses Presentation Identifier Goes Here SYMANTEC VISION 2012 23
Kelly Services Spans the Globe AMERICAS EMEA APAC Canada Belgium Netherlands Australia New Zealand United States Denmark Norway China Philippines Mexico France Poland Hong Kong South Korea Puerto Rico Germany Portugal India Singapore Hungary Russia Indonesia Thailand Ireland Sweden Malaysia Italy Switzerland Luxembourg United Kingdom 12,000 computers globally, 1600 active EAS users SYMANTEC VISION 2012
Thoughts on Mobility Attended Mobility conference in Chicago involving 20 of the Fortune 500 Less than half (8) use an MDM tool None are in the cloud completely MDM is used for device wipe, inventory, provisioning, alerts on jailbroken devices and app deployments Little differentiation with ios management None of the companies integrate data coming from MDM with asset or systems management tools All would switch their MDM tool if they could All 20 companies agreed that, at the moment, interface and cost are the primary determining factors when choosing an MDM tool Presentation Identifier Goes Here SYMANTEC VISION 2012 25
Everyone has lots to do Windows 7 migration Altiris 7.1 migration BPOS to O365 migration Cloud file storage and sharing Introduction of Macs to the Enterprise Split-tunnel BYOD VDI Mobile device provisioning Ivy Bridge qualification Daily maintenance of current platforms And we re going to do MDM Presentation Identifier Goes Here SYMANTEC VISION 2012 26
What Kelly was looking for Needed to meet a basic set of requirements ios configuration support Expand on EAS security policies Selective wipe capabilities Deploys apps and content Detects jailbroken devices Integration with AD Integrates with our asset and systems management tools Relatively low cost Relatively easy to use Choose a vendor who would be around for awhile Decided on Symantec Mobile Management (SMM) Presentation Identifier Goes Here SYMANTEC VISION 2012 27
Why SMM? SMM has comprehensive MDM capabilities, including policy enforcement, inventory, jailbreak detection, selective wipe and content deployment SMM leverages the Symantec Management Console SMM is tightly integrated with other Symantec products we use; ITMS and Workflow Symantec s mobile security products, such as authentication and data security solutions, complement SMM well Our research shows that SMM is cost competitive Use what we know! Presentation Identifier Goes Here SYMANTEC VISION 2012 28
Symantec Management Console Integration Presentation Identifier Goes Here SYMANTEC VISION 2012 29
Symantec Management Console Integration Presentation Identifier Goes Here SYMANTEC VISION 2012 30
Demonstration Presentation Identifier Goes Here SYMANTEC VISION 2012 31
What s to Come Review current EAS policies and determine if we should strengthen them with SMM Migration to O365 will allow us to provision mobile device access to corporate email with SMM. Since you can provision email with SMM, a selective wipe will remove it Looking forward to new releases of SMM that will add additional ios and Android capabilities Determine how Nukona acquisition compliments SMM Deploy Kelly branded SMM agent and Kelly Sales App later this year to mobile salesforce Presentation Identifier Goes Here SYMANTEC VISION 2012 40
Kelly Enterprise App Store on personal iphone Presentation Identifier Goes Here SYMANTEC VISION 2012 41
Enterprise App Store Presentation Identifier Goes Here SYMANTEC VISION 2012 42
App Authorization Controls Presentation Identifier Goes Here SYMANTEC VISION 2012 43
Summary Presentation Symantec Identifier Confidential Goes Here and Proprietary 44
Bringing Management, Security & Identify Together in a Post-PC Era Combining MDM, mobile app management and identity allows Symantec to offer a comprehensive enterprise mobility solution Device Protection Mobile Management: Centralized Console for MDM SCCM: MDM for Microsoft System Center Mobile Security: App insight for Android Trad. Security: SEP, DLP, Backup etc App/Data Protection App Center: Centralized policy and security wrapping for Apple, Android, BB and WP7/8 Zones: Secure data sharing and collaboration O3: Federated Identity Enterprise Mobility Management Identity O3: Federated Identity mpki: certificate integration and deployment SYMANTEC VISION 2012
Thank you! John Engels Principal Product Manager Copyright 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Symantec Confidential and Proprietary 46