TechnoLabs Software Services Pvt Ltd. Enterprise Mobility - Mobile Device Security


Story Context: TechnoLabs has been focusing on Enterprise Mobility and offers it as one of its solution offerings. No one can deny that mobile computing can make a difference to the business vis-à-vis employees and customers. But the concern remains data security: how can one achieve a clear demarcation of what constitutes official data, and how can we protect it even if the mobile device is lost? TechnoLabs is evaluating mobile original equipment manufacturers (OEMs) so that we can recommend the right mobile platform to our enterprise customers.

PS: Please validate whether your Enterprise Security provides the solution points mentioned under each section.

Mobile Enterprise Mobility Security Considerations

a. Client Side Data Storage and Protection

Data stored on the client side is data at rest (or in motion) and is always susceptible to attack. Mobile applications can use a plethora of mechanisms to store and retrieve data on mobile and tablet devices. This applies especially to applications that are downloaded from public (including unknown) sources and run on the client side, residing on the user's device. The stored data may be exposed to various security threats affecting both users and enterprises. A common way for data to be exposed is loss of the device. Sensitive data might be accessed by malicious applications through application logs, debug information, cached application messages and transaction histories. Enterprises might not be able to stop users of personal devices under a BYOD policy from downloading unwanted applications from public stores. The challenge for IT management is to deploy BYOD without compromising security. The highest priority is therefore to deploy a tight client-side storage solution to protect the data.

Solutions:
- Remotely lock a device and enforce lockout duration.
- Method of triggering remote wipe, native to the device or proprietary.
- Verify the wipe completion process.
- Ability to detect and block SIM cards, and to block a stolen device when a new SIM card is detected.
- Provide SD card encryption.
- Ability to control the speech recognition function: enable/disable access to the functionality on the device.
- Provide PIN/pattern/password/biometric access to the mobile device, with reset either remotely or in a self-service portal.
- Provide auto-alerts.
- Enable/disable device location by GPS and/or cellular triangulation.
- Malware and virus protection: device-level firewall or intrusion detection system.
- Control the mobile device camera: enable/disable front and rear cameras, and detect and prevent manual override by the user.
- Control the speech recognition function: enable/disable access to the functionality on the device.

b. Protection for Data in Transit

Authorized users are allowed to access and transmit key corporate assets such as emails, enterprise applications and critical documents. This data is commonly transmitted between mobile devices and other networks (servers) through a client-server system. Data transmitted over the carrier network and the internet can be intercepted through compromised wireless networks, network devices or malware already present on the devices. How can data in transit be protected so that sensitive data is not exposed to attackers?

Solution:
- Prevention, detection, and restriction of jail-broken devices: tethered and over-the-air jailbreak methods.
- Control Bluetooth communication: blacklist/whitelist by vendor or peripheral type.
- Provide Wi-Fi control: blacklist/whitelist selected Wi-Fi networks, and detect and prevent manual override by the user.
- Enable/disable device location by GPS and/or cellular triangulation.
- Control to enable/disable device location by GPS and/or cellular triangulation.

c. User Authentication Features Available

User authentication ranges from PIN, to pattern, to biometrics, so that only the right user has access.

d. Device-Level Protection in Case of Lost Mobile

On average, 3 users out of 10 lose their mobile devices. A lost mobile device, whether iOS or Android, can easily be cracked and the enterprise data retrieved if it is not encrypted. The absence of a phone lock makes it easier for attackers to impersonate the victim and access critical information.

- Jailbreak/root detection mechanism.
- Enable/disable device location by GPS and/or cellular triangulation.
- Enable/disable location-based services.
- Remotely lock a device and enforce lockout duration.
- Run a tool for triggering remote wipe, native to the device or proprietary.
- Verify the wipe completion process.
- Detect and block SIM cards, and block a stolen device when a new SIM card is detected.
- Provide malware and virus protection: device-level firewall or intrusion detection system.
- Prevent, detect, and restrict jail-broken devices: tethered and over-the-air jailbreak methods.
- Provide SD card encryption.
- Control the mobile device camera: enable/disable front and rear cameras, and detect and prevent manual override by the user.
- Control Bluetooth communication: blacklist/whitelist by vendor or peripheral type.
- Control the speech recognition function: enable/disable access to the functionality on the device.
- Secure PIN/pattern/password/biometric access to the mobile device, with reset either remotely or in a self-service portal.
- Trigger auto-alerts.

e. Data Backup and Restore

Data backup is critical for enterprises and users.

- Schedule over-the-air backup to a central archive, with restoration by authorized users and administrators. Available on either a Wi-Fi or cellular network.
- In the event a user loses their device, the MDM solution backs up application information so that it can be restored on the user's next device.
- Ability to perform selective backup (i.e. business files, apps, device settings, etc.).
- Install the software and configure it by sending a configuration file via message.
- Feature to restore the device using the device backup stored at the server.

f. Suspicious Alerts to Your Mail ID or Other Mobile

The solution must be intelligent enough to read unusual behavioral patterns and report them to the Business Administrator. On reading unusual behavior, the device should also ask for authentication.

g. Malicious Software

It is very likely that a mobile user downloads Android applications from unknown sources. Potentially malicious software applications may be downloaded from the internet or copied from Secure Digital (SD) cards; these might expose the enterprise data and can intelligently attack the system. Malicious software can attack both the device and the enterprise system in the backend. Having no policy to control users from downloading applications on personal devices under Bring Your Own Device (BYOD) in the current corporate scenario would expose enterprise applications and data to malware applications. The user would innocently fall victim to the criminal activity of the malicious software, also risking the enterprise data. Peer-to-peer sharing (Bluetooth) is the biggest and weakest form of networking for transmitting data, and notable mobile malware infections spread in this environment, spying on sensitive data and causing loss of financial data.

h. Default Device Management Software

Solution:
- Separate personal and private user data from business data.
- Supports virtualized OS and apps.
- Conduct auto audits, remote assessment, remediation, and compliance reporting.
- Ability to enter user information or phone information not listed elsewhere.
- Integrates mobile device data with Microsoft SCCM.
- Integrates with existing enterprise systems, such as WLAN and other consumer management solutions.
- Manages multi-user devices with user profiles, device check-in/check-out, and app store account management.
- Multi-factor authentication.
- Self-help library with answers to simple technical questions online.
- Provides terms of use for access to State resources.
- Registers devices by either system administrator or end-user.
- Supports business intelligence features, such as automated report generation and distribution, and custom reporting capabilities.
- Reports on data usage and trends.
- Reports on inventory classification: unknown, authorized, provisioned, decommissioned, etc.
- Reports on last-connected status, updates, and push status.
- Automatically configures the Exchange connection and configuration upon device activation.

i. Encryption and Login Implementation to Specific File or Folder

Enterprise applications that communicate with the backend system without strong mutual authentication and encryption of the communication channel can expose the data and might fuel attacks in future.

j. Enterprise Mobile Document Management

As TechnoLabs has developed a mobile document management product, MobiDocs, we would like to have special protection for documents and collaboration.

Solution:
- Digital signature for mails.
- Push documents out to MDM devices.
- Provide an integrated document container.
- Integrate with third-party document containers (i.e. DropBox, SkyDrive, etc.).
- Provide document editing and/or integrations with third-party document editing tools.
- Host a document library for publishing iBooks or shared containers.
- Newsstand implementation similar to iPhone.