Compliance Management for Mobile Devices

Similar documents
Answers to these questions will determine which mobile device types and operating systems can be allowed to access enterprise data.

Enterprise Mobile App Management Essentials. Presented by Ryan Hope and John Nielsen

The Future of Mobile Device Management

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

Symantec Mobile Management 7.1

Symantec Mobile Management Suite

Statement of Direction

Symantec Mobile Management 7.1

Cloud Services MDM. Overview & Setup Admin Guide

AirWatch Solution Overview

SANS Mobility/BYOD Security Survey

Device Independence - BYOD -

BRING YOUR OWN DEVICE

Building Apps for iphone and ipad. Presented by Ryan Hope, Sumeet Singh

[BRING YOUR OWN DEVICE POLICY]

How To Protect The Agency From Hackers On A Cell Phone Or Tablet Device

Bell Mobile Device Management (MDM)

How To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device

BYOD How-To Guide. How do I securely deliver my company s applications and data to BYOD?

How to Execute Your Next Generation of Mobile Initiatives. Ian Evans Vice President and Managing Director- EMEA, AirWatch by VMware

11 Best Practices for Mobile Device Management (MDM)

IT Resource Management vs. User Empowerment

Athena Mobile Device Management from Symantec

Symantec Mobile Management 7.2

Symantec Mobile Management for Configuration Manager 7.2

MAM + MDM = BMS. (Bada$$ Mobile Strategy)

Chris Boykin VP of Professional Services

Mobile Device Management in the Systems Management Ecosystem. Katie Wiederholt, Dell Software

SANS Mobility/BYOD Security Survey

AirWatch Enterprise Mobility Management. AirWatch Enterprise Mobility Management

Secure Mobile Solutions

SECURITY OF HANDHELD DEVICES TAKE CONTROL OF THE MOBILE DEVICE

Guideline on Safe BYOD Management

Mobility Challenges & Trends The Financial Services Point Of View

Auditing the Security and Management of Smart Devices. ISACA Dallas Meeting February 13, 2014

Cyber Security. John Leek Chief Strategist

Choosing an MDM Platform

GO!es MOBILE. YOUR Enterprise. The Challenge. The Solution. Mobilise Your Services Reach Anybody, Anywhere, Anytime

An Mformation Whitepaper ENTERPRISE MOBILITY SOLUTIONS FROM THE CLOUD REMOVE THE BARRIERS 1

#mstrworld. Support BYOD with MicroStrategy Mobile to cut costs and deploy to 1000s

ANY TIME ANY PLACE ANY WHERE. JOEL SWEENEY and SHAUN BENNETTS XPERTEX

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

Mobile Device Management for CFAES

How To Write A Mobile Device Policy

BYOD: End-to-End Security

MDM Mobile Device Management

CHOOSING AN MDM PLATFORM

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

CSS CORP SMART MOBILITY SERVICES

Top. Enterprise Reasons to Select kiteworks by Accellion

Kony Mobile Application Management (MAM)

Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

Securely. Mobilize Any Business Application. Rapidly. The Challenge KEY BENEFITS

Cisco Mobile Collaboration Management Service

Kaspersky Security for Mobile

The. C s. of Mobile Device. Management

Enterpise Mobility Lexicon & Terminology

Mobile Device Security Is there an app for that?

Secure, Centralized, Simple

Druva insync vs. Altiris/Symantec DLO. Comparison Guide

APPLE & BUSINESS. ios ENTERPRISE SECURITY ENTERPRISE NEEDS CONFIGURATION PROFILES

Mobile Device Management and Security Glossary

Junos Pulse. Uwe Nelkel Business Development Manager Junos Pulse. IBM Golf Cup, Golfclub Holledau, September 14 th 2011

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS.! Guyton Thorne! Sr. Manager System Engineering!

IBM Endpoint Manager for Mobile Devices

RFI Template for Enterprise MDM Solutions

Systems Manager Cloud Based Mobile Device Management

GOVERNMENT USE OF MOBILE TECHNOLOGY

Tablets: Will They Replace PCs?

Ensuring the security of your mobile business intelligence

BYOD and Its Impact on IT. Making it easy to deploy, integrate and manage Macs, iphones and ipads in a Windows environment

Transcription:

Compliance Management for Mobile Devices

MOBILE SOLUTIONS Agenda Mobile Device Use Today Mobile Device Use Tomorrow Mobile Device Configuration Challenges in the Mobile Device Environment Policy and Configuration Guidance Device Deployment Models Devices SCAP Issues Today Potential SCAP Use Questions 1

Early usage of mobile devices in Government focused almost exclusively on Blackberry devices. Primarily for E-mail access Some web-browsing Phone Mobile Device Use - Today Government owned and issued devices strictly controlled via Blackberry Enterprise Server (BES). 2

Proliferation of smartphone devices has greatly expanded the use and interest in using non- Blackberry devices. Rich feature sets provide a number of new uses for these devices within the government. In addition to functions used in the Blackberry devices, Apps and other resources now provide tools such as: GPS used for Blue Force Tracking and Navigation Apps for command and control of Unmanned Aerial Vehicles Camera used for Intel gathering Mobile Device Use Tomorrow Aviation use to eliminate bulky maps and charts 3

Like the traditional computing environment, mobile devices can be configured on the device itself or through a tool known as a Mobile Device Manager (MDM). Each solution has benefits and costs: Per Device Configuration Benefits: easy for anyone to do, doesn t require access to a network to configure the device Cost: easily overridden by the user, no consistency, not scalable MDM Configuration Mobile Device Configuration Benefits: consistent configuration, can serve as a policy enforcement point Cost: additional cost, requires technical expertise 4

Mobile devices bring tremendous capabilities to the government workforce but along with these capabilities and flexibility come some new challenges and paradigms that must be considered. These include: Policy and Configuration Guidance Unclear policy Narrow configuration guidance Undefined usage model Deployment Models Government issued and controlled Bring your own device (BYOD) Devices Challenges in the Mobile Device Environment Device capabilities vary significantly on the Android platform COTS products that are updated regularly Limited support for traditional Information Assurance tools 5

Policy and Guidance for traditional devices is well established and defined. However, there have been some challenges in developing this level of maturity with respect to mobile devices. No universal policy Many capabilities are left to the site to determine what is appropriate Example Should cameras be enabled or disabled? Narrow configuration guidance STIGs for Android, ios and Windows Mobile 6.5 are currently based on Good Technology s Mobile Device Manager (MDM) only Undefined usage model Policy and Configuration Guidance Who will own the device physically and from a Certification and Accreditation (C&A) perspective Example - Will the Army issue each solider one at Boot Camp for the duration of their service or will they issue/return per duty assignment? 6

The features offered by mobile devices are attractive to government and there is a desire to use them now. The challenges include a limited budget to purchase these new devices so should employees be allowed to bring their own device (BYOD)? Government issued and controlled Government authorizes usage and pays for service. Clear lines of ownership permit total device control and clear usage guidelines. Bring your own device (BYOD) Device Deployment Models What government resources can the user access? Does the government have the right to wipe the phone? Can the government limit usage of a personally owned device? Is government data stored and sandboxed within an encrypted security container? Do the benefits outweigh the risks????? 7

As COTS products, the mobile device market is highly competitive. New devices and features are put out at a rapid pace. The business model of these companies is different from traditional PC vendors as is the buying/lifecycle from the customer perspective. Business Models Wide variety of operating systems and devices as well as MDM tools. Stiffer competition leading to challenges in cross-platform support Apple and RIM have own devices, OSs, and MDMs Support by 3 rd party MDMs often limited or restricted by RIM, Apple Android OS is only supported 3 rd party devices and MDMs Very few security features out-of-the-box (must be supplemented) Devices can also vary based on cellular service provider Consumer Lifecycle Devices Relatively inexpensive so more frequently replaced that PCs/laptops Apple pre-sold 1 Million iphone 4S models in the 1 st 24hrs! Limited support for traditional Information Assurance tools Antivirus, Firewalls, Intrusion Detection/Prevention Systems (IDS/IPS) 8

Issues with leveraging SCAP today in a mobile environment include: Lack of Vendor Adoption Unlike the desktop environment where SCAP is being adopted, this same effort has not yet migrated to the mobility world Lack of Content As with existing SCAP implementations, coding resources are limited SCAP specifications were not designed to work with resources sitting on another carrier s network Limited Configuration Guidance SCAP Issues Today As mentioned before, unclear configuration guidance makes it difficult to build tools to support checking of the configuration 9

Potential SCAP Use Communication between the various MDMs and devices will likely remain proprietary. However, SCAP could possibly be leveraged to gather reporting information. Our task is looking into: Information gathered in the MDM database Identifying configuration management related items and how they are captured such as unique identifiers Development of a prototype capability to extract the information from the MDM database and act as an SCAP translator Leveraging this SCAP data in existing tools for visualization purposes. 10

Questions? 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information