Security of Mobile Platforms, BYOD and MDM for the Solution of their Administration
November 22nd 2012, Marek Deml
Security of Mobile Platforms
Situation Worldwide
[Pie chart: worldwide share by mobile platform. Legend: Google Android, Apple iOS, RIM BlackBerry, Microsoft Windows Phone / Windows Mobile, Others. Values shown: 3,50%, 6,90%, 4,80%, 16,90%, 68,10%.]
Source: IDC Worldwide Mobile Phone Tracker, August 8, 2012
2012 Deloitte Česká republika
Android
72%
[Pie chart: distribution of Android versions. Legend: 1.5 Cupcake, 1.6 Donut, 2.1 Eclair, 2.2 Froyo, 2.3 Gingerbread, 3.1 Honeycomb, 4.0 Ice Cream Sandwich, 4.1 Jelly Bean. Values shown: 1,80%, 0,10%, 0,40%, 3,40%, 1,90%, 23,70%, 12,90%, 55,80%.]
Source: developer.android.com, October 2012
Security Authentication Application Encryption Enterprise functions Root of the device
iOS
20%
[Pie chart: distribution of iOS versions. Legend: iOS 4, iOS 5.0, iOS 5.1, iOS 6, Other iOS. Values shown: 1%, 9%, 4%, 61%, 25%.]
Source: chitika.com, October 2012
Security Authentication Application Encryption Enterprise functions Jailbreak of the device
BlackBerry
Security Authentication Application Encryption Enterprise functions
Windows Phone
Security Authentication Application Encryption Enterprise functions
Ranking of platforms
Security: 1. BlackBerry, 2. iOS, 3. Android, 4. Windows Phone
Security + cool factor: 1. iOS, 2. BlackBerry, 3. Android, 4. Windows Phone
Look ahead
Permanently-connected Students
- are not thrilled by working for someone who bans them from access to social networks at work...
- are not very interested in protecting their passwords.
- prefer having an internet connection to a car.
- do not want to work only in the office, as they believe that they are more productive when they work outside the office.
- 81% of university students believe that they will have the opportunity to choose the devices for work.
- let other people use their notebook, mobile phone or iPad.
- check Facebook at least once a day.
- want to bring their own devices to the office.
Source: Cisco 2011 Annual Security Report & Cisco Connected World Technology Report
Trends in Mobile Equipment
- Employees work at different places and require mobile support
- Requirement for the support of personal devices (Bring Your Own Device - BYOD)
- Pressure on the development of mobile applications and acceptance of socially connected applications
- Use of applications without knowledge of the risks that they bring
- Unsecured applications
- Increase in productivity and decrease in costs
  - All Nippon Airways: 6000 iPads, 400 million yen (EUR 3.89 million) of savings per year
  - The Senate of the Dutch Parliament has replaced printed parliamentary documents with iPads
The management and security of mobile equipment is a significant challenge.
BYOD (Bring Your Own Device)
Employees increasingly want to use their favourite mobile devices.
BYOD does not mean that the user does what he wants!
Firms should bring the anticipations of users, IT capabilities and security policy into line.
A failure to act may increase the security risk, as uncontrolled mobile devices will continue to connect to the firm's network.
Average number of results: 7,600,000 (0.17 s)
BYOD
Reasons for BYOD
User perspective
- To have one device rather than two
- Fully own the decision-making process in selecting personal devices / have the most recent version of the device
- The local store offers a better selection than the IT department
Company perspective
- Increased productivity of employees, they perceive BYOD as a benefit
- Potential of decreasing costs of hardware, monthly services, provision and ongoing support
IT department perspective
- Potential of lower burden for IT employees: they do not provide support for HW equipment (does not apply for VIP users)
Problems of BYOD
Security
- Confidentiality, integrity and availability of corporate data
- Responsibility for personal data (deletion, central storage)
- Defining and enforcing of the security level
Fragmented applications
- Impact of an environment with heterogeneous equipment on the development of applications and requirements for support
Support
- Certification, provision and management of devices
Costs
- Potential loss of corporate bulk discounts due to personal purchases
- Additional cost for management of heterogeneous BYOD devices, e.g. MDM
BYOD Pitfalls and their Solutions
BYOD involves the following pitfalls:
- Compliance with the legislation, compliance with the Labour Code, data privacy and protection
- Data privacy and protection, data ownership and restoration
- Monitoring of employees
- Intellectual property protection
However, the most significant problem is the security level! How do you achieve that?
Guideline for BYOD is a condition
- Increases the knowledge of security and privacy protection
- Ensures the enforceability of rules through (employment) contracts
- Ensures legal risks and responsibilities
Technical Setting of BYOD
- Encryption
- Security of access to data
- Security of the process of data mining from the system
- Rules for the data deletion
- Access without the prior permission and approval can be classified as hacking
- Reflection of privacy in work procedures
- Introduction of monitoring (system, compliance with the rules, etc.)
MDM - Mobile Device Management
Who owns the strategy and administration and management model of mobile equipment?
- Simple connection to the corporate network, setting of the mobile office
- Security of access to the corporate network
- Enforcement of a password, its strength, etc.
- Protection against viruses and other harmful codes
- Remote deletion in the event of a loss, only deletion of corporate data in BYOD
- Monitoring of data synchronisation on the server
- Distribution, update of SW and applications
MDM Mobile Device Management
Mobile device management provides support for the entire lifecycle of mobile devices, mobile applications and the related data warehouses, and assists in:
- Due securing of applications, patches, security agents, etc.;
- Ensuring that the data are automatically backed up and always protected (in static situations and in transfer);
- Ensuring that devices are correctly configured and protected against threats; and
- Ensuring that IT may remotely fix problems, delete data and remove the device from operations
This requires systems, defined processes and qualified sources in several areas
[Figure: Gartner Magic Quadrant. Axes: Ability to execute, Completeness of vision. Quadrants: Challengers, Leaders, Niche players, Visionaries.]
Source: Gartner Magic Quadrant for MDM solution May 2012
MDM Mobile Device Management
Comparison of the critical properties of MDM solutions and the total result
Source: Gartner Critical Capabilities for Mobile Device Management July 2011
Questions?
Marek Deml
E-mail: mdeml@deloittece.com
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/cz/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. 2012 Deloitte Czech Republic