McAfee Enterprise Mobility Bringing Mobile Devices into the Security Infrastructure John Dasher 14 September 2011
Devices/Users (MM in Log Scale) Hypergrowth in Mobile Devices Computing Cycles in Perspective (from Morgan Stanley) 1,000,000 100,000 Mobile Internet 10,000 1,000 100 10 1 Minicomputer PC 10M Units Mainframe 1M Units Desktop Internet 100M Units 1B+ Units/ Users 1960 1980 2000 2020 10B+ Units?? The desktop internet ramp was just a warm-up act for what we re seeing happen on the mobile internet. The pace of mobile innovation is unprecedented, I think, in world history. Mary Meeker, Morgan Stanley April 2010
Enterprise Mobility: The Pressure is On Mobile is forcing the industry to replicate what we did last decade across an explosion of platforms this year!
Trends Consumerization of IT Employee-owned devices on the corporate network Device diversity ios, Android, Windows, etc. App explosion Beyond email and web Mobile threat emergence Android an early favorite
But Enabling Mobility Brings Risk Web 2.0, Apps 2.0, Mobility 2.0 There is a policy disconnect between IT and end users HR More than half of all users don t lock their devices IT IT Sales Mobile devices predicted to be New Malware Frontier Finance Almost 1 in 5 devices are lost each year
Mobile Threat Outlook Hackers have set their sights on mobile The surge of mobile app & content downloads has rejuvenated hackers interest in mobile technology Mobile platforms are vulnerable The fragility of mobile device security is proven, and exploitation of vulnerabilities is accelerating No vendor or mobile OS is immune Malicious activity follows consumers everywhere and will not stop in front of Android, ios, J2ME, BlackBerry and the mobile web Threatening strategic assets Customer data, location data, billing interface, network, and brand are expected to be the most target & affected assets Android s inbuilt trusted source protection can be disabled easily
Mobile Malware Trend and Outlook Mobile Threat Research McAfee, Inc., June 2011
Mobile Malware on the Rise Device loss and theft remains a top concern, however, Android attacks have increased by 238% since Dec 2010. While Symbian remains the most attacked mobile platform in terms of total malware samples, Android has emerged as the platform experiencing the largest number of new attacks. No ios targeted attacks were found in the wild in Q2. Total Mobile Malware Samples Mobile Malware Target Platforms 1400 1200 1000 800 600 400 200 BlackBerry VBS MSIL Python Android Java ME Symbian 0 1Q '09 2Q '09 3Q '09 4Q '09 1Q '10 2Q '10 3Q '10 4Q '10 1Q '11 2Q '11 Source: McAfee Labs Aug 2011
Mobile Security Requirements Protect Mobile Devices Protect Mobile Data Protect Mobile Apps
McAfee s Mobile Security Direction Development and Integration Protect Mobile Devices Device management (MDM) Anti-malware Web protection Protect Mobile Data Data protection (MDM) Only viable when device security is assured Sandbox/Containers work; but at expense of user experience Protect Mobile Apps Enterprise App Store McAfee SECURE for App Stores McAfee App Alert The information contained in this document is for informational purposes only and should not be deemed on offer by McAfee or create an obligation on McAfee. McAfee reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and without incurring further obligations.
McAfee Uniquely Can Accomplish This Continuum of endpoints SECURITY MANAGEMENT epolicy Orchestrator ENDPOINT AV DLP NETWORK FW NAC ndlp epolicy Orchestrator CONTENT web email RISK & COMPLIANCE NAC app scanning
You already built one security infrastructure. Why build another? Bring Mobile Devices IN
McAfee s Mobile Security Integration First Step: epolicy Orchestrator EMM EMM DMZ P McAfee epolicy Orchestrator Enterprise Mobility and Security Management Bring mobile devices into the security management framework for centralized visibility and control. Set policies for all endpoints alike, and report on them all centrally to understand and manage your compliance status and risk profile at any given time.
McAfee s Mobile Security Integration Direction Next: McAfee VirusScan Mobile EMM EMM DMZ Anti-Malware Data Loss Prevention Application Security Enterprise Mobility and Anti-Malware Protect mobile devices and networks against viruses, spyware, botnets, and even Advanced Persistent Threats. Roll out anti-malware solution and DAT updates to devices and other endpoints alike centrally and in a policy-based way. Prove compliance with corporate and regulatory policy.
McAfee s Mobile Security Integration Direction Next: Secure Container and DLP EMM EMM DMZ Anti-Malware Data Anti-Malware Loss Prevention Application Security Enterprise Mobility and Data Loss Prevention Safeguard leakage of your corporate data with a secure container, at the host or mobile device, and at the network level. Start with a secure container to prevent data loss from email, and ultimately extend granular data leakage prevention policies to mobile devices as you do other endpoints.
McAfee s Mobile Security Integration Direction Next: Secure Applications Scan Provide secure access Certify Aggregate Monitor Anti-Malware Data Loss Prevention Application Security Enterprise Mobility and the Application Security Lifecycle Start by scanning and certifying mobile applications for vulnerabilities or malware, monitoring their behavior and developing reputations for them, and providing secure access to them via network access control.
McAfee s Mobile Security Delivery Direction Today: On-Prem Software; Next: SaaS EMM EMM EMM DMZ On-Prem or SaaS Options Delivering Secure Enterprise Mobility in Multiple Ways Deploy enterprise mobile security as on-premise software or cloud-based software-as-a-service.
McAfee EMM is a delivery vehicle to bring critical security and compliance capabilities to mobile devices and McAfee + Intel are uniquely able and committed to doing so.
optional Self-Service Provisioning Delighting the User 1 2 3 4 Go to the App Store Enter Your Email Credentials Agree to Corporate Policy IT Services are Auto-Provisioned Easy, Secure, Automated Easy, Secure, Automated 20 September 14, 2011
Self-Service Provisioning for Android 1 2 3 4 Go to the Marketplace Enter Your Email Credentials Agree to Corporate Policy IT Services are Auto-Provisioned Easy, Secure, Automated 21 September 14, 2011