Technical Note. ForeScout MDM Data Security



Similar documents
The ForeScout Difference

ForeScout MDM Enterprise

Embracing Complete BYOD Security with MDM and NAC

Addressing BYOD Challenges with ForeScout and Motorola Solutions

Embracing BYOD with MDM and NAC. Chris Isbrecht, Fiberlink Gil Friedrich, ForeScout

Network Access Control in Virtual Environments. Technical Note

Technical Note. CounterACT: Powerful, Automated Network Protection Inside and Out

Technical Note. ForeScout CounterACT: Virtual Firewall

ForeScout CounterACT. Continuous Monitoring and Mitigation

10 BEST PRACTICES FOR MOBILE DEVICE MANAGEMENT (MDM)

AirWatch Solution Overview

How To Improve Your Network Security

Securing Healthcare Data on Mobile Devices

Security Considerations for Enterprise Mobility / BYOD

Securing BYOD With Network Access Control, a Case Study

How To Write A Mobile Device Policy

White Paper. Identifying Network Security and Compliance Challenges in Healthcare Organizations

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

ControlFabric Interop Demo Guide

Mobile device Management mit NAC

Insert Partner logo here. Financial Mobility Balancing Security and Success

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)

MobileIron. Hendrik Van De Velde Exclusive Mobile Eco-system

Data Loss Prevention and Secure Access for Mobile Content. Ojas Rege VP Strategy

Achieving Multi-Platform Support in the BYOD Era. Presented by: Kaushik Srinivas and Josh Lambert

MDM and beyond: Rethinking mobile security in a BYOD world

Managing Mobility in the BYOD Era:

BYOD & MOBILE SECURITY: EMPOWERING EMPLOYEES WHLE SECURING CORPORATE ASSETS

If you can't beat them - secure them

IT Self Service and BYOD Markku A Suistola

Whitepaper. Securing Visitor Access through Network Access Control Technology

A number of factors contribute to the diminished regard for security:

Risk and threats everywhere, all the time

BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size.

Jonas Vercruysse Technical Pre-sales February Endpoint Management IBM Corporation

Mobile Security Market Trends and Best Practices. 24 May 2013

Network and Device Level Mobile Security Controls IT Considera-ons in the BYOD Era

INSERT COMPANY LOGO HERE

How To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device

Mobile First Era with MobileIron. MobileIron Japan

Total Enterprise Mobility. Norbert Elek

The Maximum Security Marriage:

Welcome! Thank you! mobco about mobile samsung about devices mobileiron about mobile IT accellion on mobile documents hands-on devices and race karts

Enabling mobile workstyles with an end-to-end enterprise mobility management solution.

Athena Mobile Device Management from Symantec

A number of factors contribute to the diminished regard for security:

Mobilize your Enterprise in 60 Minutes!

Agenda. The Mobile Tornado The Birth of Mobile IT MobileIron Company and Vision The MobileIron Solution Partnering for Success

Separation of Corporate and Personal: Best Practices for Securing Data on Employee-owned Devices

Document Sharing on Mobile Devices. Securing Productivity on the Go!

Endpoint protection for physical and virtual desktops

BEST PRACTICES IN BYOD

Symantec Mobile Management 7.1

The Oracle Mobile Security Suite: Secure Adoption of BYOD

Samsung Mobile Security

6 Things To Think About Before Implementing BYOD

MDM: Enabling Productivity in the world of mobility. Sudhakar S Peddibhotla Director of Engineering, Good Technology

Guideline on Safe BYOD Management

Strategies and Best Practices to Implement a Successful Data Loss Prevention Program Sebastian Brenner, CISSP

Company Facts. 1,800 employees. 150 countries. 12,000 customers and growing. 17 languages. 11 global offices

Mobile App Management:

Best Practices for a BYOD World

IBM Endpoint Manager for Mobile Devices

Addressing NIST and DOD Requirements for Mobile Device Management

Cisco Mobile Collaboration Management Service

Btech IT SECURITY SERVICES. Financial Mobility Balancing Security and Success

Endpoint protection for physical and virtual desktops

Acronis BRING YOUR OWN DEVICE

CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module MaaS360 Version ForeScout Mobile

Enterprise Mobility Survey. Read What Matters as IT Reflects on Mobile Boom

Securicom (MDM) Mobile Device Management

Whitepaper. How MSPs are Increasing Revenues by Solving BYOD Issues. nfrascaletm. Infrascale Phone: Web:

Symantec Mobile Management 7.1

Securing Enterprise Mobility for Greater Competitive Advantage

WhatWorks in Blocking Network-based Attacks with ForeScout s CounterACT. Automating Network Access, Endpoint Compliance and Threat Management Controls

BYOD THE SMALL BUSINESS GUIDE TO BRING YOUR OWN DEVICE

Making the Enterprise Mobile First. Riccardo Canetta Regional Sales Director, Mediterranean

Consumerization Survey Report The Consumerization of IT

Solve BYOD with! Workspace as a Service!

Device Independence - BYOD -

SOLUTION BRIEF MOBILE SECURITY. Securely Accelerate Your Mobile Business

Total Enterprise Mobility

Oracle Documents Cloud Service. Secure Collaboration for the Digital Workplace

Consumerization. Managing the BYOD trend successfully. Harish Krishnan, General Manager, Wipro Mobility Solutions

Bring Your Own Device: New Opportunities, New Challenges

Enterprise mobility management: Embracing BYOD through secure app and data delivery

Workspot Enables Spectrum of Trust. Photo by Marc_Smith - Creative Commons Attribution License

Future Focus: What s Coming in Enterprise Mobility Management (EMM) FUTURE FOCUS. What s Coming in Enterprise Mobility Management.

Mobile App Containers: Product Or Feature?

Document Sharing on Mobile Devices: Securing Productivity on the Go!

ENTERPRISE MOBILITY USE CASES AND SOLUTIONS

Enable a secure Digital Workspae in Your Enterprise Tuni Baraka Enterprise Account Executive VMware AirWatch

Jits Langedijk Sr. Consultant

Strategic Road Map for Network Access Control

What We Do: Simplify Enterprise Mobility

IBM MobileFirst Managed Mobility

"Secure insight, anytime, anywhere."

Transcription:

Contents Introduction........................................................................................................................................... 3 Data Security Requirements for BYOD.................................................................................................................. 3 Capabilities............................................................................................................. 4 About ForeScout...................................................................................................................................... 5 Conclusion............................................................................................................................................ 5 2

Introduction ForeScout MDM provides on the go employees with important corporate information at their fingertips from broad distribution of company wide information to targeted information for specific stakeholders. Distribute quarterly sales and financial documents to the Board of Directors and executive stakeholders. Update product and marketing materials om real-time for sales teams so they don t need to scramble to find the latest datasheet or competitive information. Share company wide information such as training materials, emergency information and HR policies. The rise of bring your own device programs is the single most radical shift in the economics of client computing for business since PCs invated the work place. Gartner, Bring Your Own Device: New Opportunities, New Challanges, 16 August 2012, David A. Willis Mobile devices such as smartphones and tablets have entered the workplace en masse, quickly becoming essential tools for employees. These devices increase workforce productivity, improve sales enablement, and facilitate faster decision making by managers and executives. However, they also necessitate additional investments in IT infrastructure and management software, as well as the development of policies and procedures to effectively manage and secure them.................................................................................................. Any discussion of enterprise mobility invariably leads to talk of BYOD (bring your own device) programs and policies. BYOD programs allow employees, business partners and others to use personally selected and purchased devices to execute enterprise applications and access corporate data. According to Forrester, 48% of employees chose their smartphones without regard for IT support. A Gartner survey of CIOs expects 38% of all mobile devices used within the enterprise will be employee owned by 2014. While employees are overwhelmingly in favor of using personal devices in the workplace, IT managers have a tough time reconciling the confirmed security risks with anticipated productivity gains. In many cases, line of business (LOB) executives are breaking the tie and deciding that the business case presented by workforce mobility is simply too attractive to overlook. This has forced IT managers to rethink the way they approach enterprise mobility. IT operations and IT security teams can no longer dictate which devices they will support, and have lost veto power over personally owned devices. They are being asked to embrace BYOD programs while ensuring personal devices do not compromise enterprise security or cause data leakage. Data Security Requirements for BYOD While mobile device management (MDM) software is important for managing the physical devices themselves, protection of corporate information on these devices cannot be neglected. Securing the information on mobile devices requires stricter controls than simply protecting the devices themselves. One of the more promising strategies for protecting information on mobile devices is segmentation and containerization of information and applications used for work and play. Containerization is a set of mechanisms that enforce separation between corporate and personal footprints on a device. It can be used to create encrypted folders and isolated containers (or sandboxes) to house sensitive information and corporate apps. For example, by placing a corporate email app in one of these security sandboxes, the program remains isolated and insulated against any actions taking place on unregulated portions of the device. IT managers can tailor custom policies for groups of users and/or devices for access to corporate data and apps. Data security and segmentation controls offer smooth support for BYOD programs because employees retain device control and application choice outside corporate sandboxes. This ensures better security without compromising user experience, and embraces consumerization without compromising IT controls and policies. IT organizations retain granular control over corporate footprints on employee-owned devices easing the task of demonstrating policy compliance in corporate audits. 3

[MDM] platforms are expanding deeper into enterprise mobile software and documents management support. Enterprises should look not just at a vendor s MDM technology but also at how well it can support enterprise mobile needs. Gartner, Magic Quadrant for Mobile Device Management Software, 17 May 2012, P. Redman, J. Girard & M. Basso The containerization of individual applications and files through policy wrapping locks down selected corporate content, avoiding restrictions to the user experience with native applications. Gartner, Critical Capabiliities for Mobile Device Management, 8 August 2012, M. Basso & P. Redman Capabilities ForeScout MDM, powered by MaaS360, allows organizations to securely share and manage sensitive corporate information on mobile devices by tracking and managing personal and business footprints through a variety of mechanisms: 1. Corporate email configuration, management, and selective wipe: ForeScout MDM can provision the corporate email account on devices and then selectively wipe corporate email and attachments on a device while leaving personal email, data, and photos untouched. ForeScout MDM email controls also allow organizations to restrict business emails and attachments from being emailed via personal email accounts. This keeps personal and business email data separate and eliminates a common data leakage issue, while providing a cost effective way for businesses to carefully manage corporate information in email. 2. Secure Document Container: ForeScout MDM can distribute and manage corporate documents on mobile devices and stores them in an encrypted business container, separate from personal documents. Policies can be applied to either allow or restrict document sharing. Restricting sharing means corporate documents cannot be moved to other applications, emailed, or have screen captures performed on them. Any distributed document can also be centrally removed from the device, either individually or in bulk. 3. Mobile Application Management: ForeScout MDM provides an easy to use, on-device enterprise app catalog with full operational and security lifecycle management of apps across mobile device platforms. This allows organizations to separate business apps from personal apps with the ability to remove any business application and its associated data individually or as part of a selective or full remote wipe. 4. Personal privacy settings: ForeScout MDM allows businesses to block the collection of selected personal data such as location and installed applications. This can be very important for some customers, especially in certain regions of the world where attitudes toward personal privacy are extremely strong. In some areas and industries, IT managers may not be allowed to track personal information (such as the user s location and installed applications) even on corporate owned devices. ForeScout MDM facilitates such privacy controls. Each of these data security controls can be applied on an individual, group, or full population of devices, allowing for highly segmented approaches to managing personal vs. business information for a variety of uses and user groups. For instance, hospitals use Secure Doc Sharing containerization technology to distribute sensitive medical information via mobile devices, ensuring that the documents remain securely encrypted within the ForeScout MDM doc container. All of the above functionality provides the ability to have integrated policies across email, application, and document data management. For example, if a device is discovered to be lost or non-compliant (perhaps jailbroken), ForeScout MDM can automatically wipe all email and associated attachments, restrict or wipe any documents that are in the ForeScout MDM document container, and remove proprietary corporate applications that hold sensitive data all based on a single automated rule predicated on a simple device attribute (jailbroken) identified in real time. 4

Conclusion ForeScout MDM provides powerful capabilities that allow organizations to securely manage mobile devices as well as the information and applications on those devices. Using ForeScout MDM s data security and privacy functions, IT managers can segment and manage corporate and personal footprints on the same device. This empowers IT professionals and organizations to: Increase employee productivity through effective mobile device usage Improve user experience associated with mobile device use for corporate purposes Deliver tailored mobile capabilities to different segments of the workforce Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.... About ForeScout ForeScout delivers pervasive network security by allowing organizations to continuously monitor and mitigate security exposures and cyber attacks. The company s CounterACT appliance dynamically identifies and assesses all network users, endpoints and applications to provide complete visibility, intelligence and policy-based mitigation of security issues. ForeScout s open ControlFabric technology allows a broad range of IT security products and management systems to share information and automate remediation actions. Because ForeScout s solutions are easy to deploy, unobtrusive, flexible and scalable, they have been chosen by more than 1,500 enterprises and government agencies. Headquartered in Campbell, California, ForeScout offers its solutions through its network of authorized partners worldwide. Learn more at www.forescout.com.... ForeScout Technologies, Inc. 900 E. Hamilton Ave., Suite 300 Campbell, CA 95008 U.S.A. T 1-866-377-8771 (US) T 1-408-213-3191 (Intl.) F 408-213-2283 www.forescout.com 2013 ForeScout Technologies, Inc. Products protected by US Patent #6,363,489, March 2002. All rights reserved. ForeScout Technologies, the ForeScout logo, ForeScout MDM, CounterACT and ControlFabric are trademarks of ForeScout Technologies, Inc. All other trademarks are the property of their respective owners. Doc: 2013.0057 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information