Securing the Mobile Workforce

Transcription:

Securing the Mobile Workforce
Joey Peloquin, Director, Mobile Security
Dan Thormodsgaard, VP, Solution Architecture

Agenda
Enterprise Mobility Trends
Mobile Security Threats
Managing Enterprise Mobility
FishNet Mobile Security offerings
Q & A

Enterprise Mobility Trends

What's Happening? The Consumerization of Enterprise Mobility
Personal mobile devices are rapidly evolving into business devices.
Employees forward corporate email & files to personal accounts.
They routinely disregard IT security standards.
They adopt whichever device satisfies BOTH personal and work needs.

Employee Behavior is Changing
"A wide variety of device models are entering the business domain, creating havoc for IT organizations." Use Managed Diversity to Support Endpoint Devices, May 2010, Ken Dulaney
Mobile users are experiencing new levels of personal productivity.
They are frustrated in their levels of business productivity.
They need their work life to coexist with their home life.
They are looking to consolidate the number of devices they carry.
They will use their own devices, even if requests for support are not met.

Companies Struggle with How to Adapt
"75% of Forrester enterprise survey respondents indicated user demand for support of devices on multiple platforms." Five Year Forecast for Enterprise Smartphone Marketshare, January 13, 2010
Companies should leverage personal productivity in the workplace.
IT solutions should focus on regulating access and behavior rather than devices.
Compliance should enhance mobility, not restrict it.

New Wave of Change: Consumerization of IT
[Figure: Computing Cycles in Perspective (from Morgan Stanley). Devices/Users (MM in Log Scale), 1960 to 2020: Mainframe, 1M Units; Minicomputer, 10M Units; PC, 100M Units; Desktop Internet, 1B+ Units/Users; Mobile Internet, 10B+ Units??]
"The desktop internet ramp was just a warm up act for what we're seeing happen on the mobile internet. The pace of mobile innovation is unprecedented, I think, in world history." Mary Meeker, Morgan Stanley, April 2010

What Mobile Consumerization Means for the Enterprise
Multiple Types of Devices and Providers
Multiple Device Owners
Personal Devices Used for Work Activities/Work Devices Used for Personal Activities (BYOD)
Users implored to download applications and store data
Users demand to use devices to fullest potential

Enterprise Mobility 2.0: Enterprise App Evolution
Enterprise and LOB Apps
Basic Services
Customer Facing Apps
Web and Social Media

Customer Challenges and Dynamics
Increase Productivity: Sales Staff, IT Staff, Executives, Doctors/Nurses, Support Staff, Attorneys, Government Agencies
Executives and business owners are dictating technology decisions: iPhone, iPad, Android, etc.
IT management has to come up with a solution
Applications: Moving beyond Email/Contacts/Calendars and extending access to corporate data through native and web apps
Sales tools delivering rich content
Technology has been deployed without understanding the risk

Security is the #1 Concern
"Nearly 30% of companies experienced a breach due to unauthorized mobile device use." Q1 Enterprise and SMB Survey, 2009 - Forrester Research
Companies with a complex, disparate infrastructure face more challenges attaining end-to-end security.
You need to separate enterprise data from personal data.
You must deny rogue devices access to the network.
Your IT administrator should retain centralized control.

Mobile Security Threats
Loss / Theft
Phishing
Malware
Backups

Security Threats: Loss / Theft
Keylogging: /User/Library/Keyboard/dynamic-text.dat

Security Threats: Loss / Theft
Pboard: /User/Library/Caches/com.apple.UIKit.pboard

Security Threats: Loss / Theft
Plists: /User/Applications/<GUID>/Library/Preferences

Security Threats: Loss / Theft Chat sessions in the clear

Security Threats: Loss / Theft JPMC sigh

Security Threats: Loss / Theft
Data Handling: Now, that's how it's done!

Security Threats: Phishing
Mobile Web, Mobile Apps
Not developed with same scrutiny as proper web
Email links are bad, mkay
Mix HTTP/S Internet facing
Insecure use of SLD domains
iPhish: Phishing Vulnerabilities on Consumer Electronics. Yuan Niu, Francis Hsu, Hao Chen

Security Threats: Malware
[Figure: mobile malware variants and families by platform]
iOS: 2 variants, 1 family
MSIL: 4 variants, 2 families
Sgold: 4 variants, 3 families
AndroidOS: 15 variants, 7 families
Win Mobile: 54 variants, 16 families
Python: 60 variants, 5 families
Symbian: 311 variants, 74 families
J2ME: 613 variants, 45 families
"The MM revolution started principally in 2004 with the release of the Cabir.A worm, SymbianOS. Some MM were released before this date, but it was Cabir and the release of its source code that caused an explosion of new MM to emerge." Ken Dunham, Mobile Malware Attacks and Defense
http://www.securelist.com/en/analysis/204792168/mobile_malware_evolution_an_overview_part_4

Security Threats: Malware
Got root?
2004: Cabir.A, source, SymbianOS
2008: Trojan.iPhone.A, iOS
2009: Ikee, iOS, worm
2009: Dutch 5 Ransom
2009: iPhone/Privacy.A, trojan, Python
2009: Ikee.B/Duh, iOS, worm/botnet
2010: Geinimi, Android, trojan/worm
2011: HongTouTou, Android, trojan
2011: DroidDream, Android, trojan
2011: Zitmo (ZeuS variant), RIM, trojan

Security Threats: Malware
Malicious Apps
iOS
MogoRoad: Collected personal info and made sales calls
Storm8: Harvested telephone numbers, millions of d/l
Aurora Feint: Contact list uploaded to developer's server
Handy Light: Secret configuration enabled tethering
Android
Spider Man: DroidDream root device, steal IMSI/IMEI, APK
Falling Down: DroidDream root device, steal IMSI/IMEI, APK
Super History Eraser: DroidDream root device, steal IMSI/IMEI, APK
Super Guitar Solo: DroidDream root device, steal IMSI/IMEI, APK

Security Threats: Desktops iTunes Backups
Should you allow backups on unmanaged assets?
Force Encryption?
Backup location
Mac: /Users/<username>/Library/Application Support/MobileSync/Backup
Windows XP: C:\Documents and Settings\user\Application Data\Apple Computer\MobileSync\Backup
Vista / Windows 7: C:\Users\user\AppData\Roaming\Apple Computer\MobileSync\Backup
Extract unencrypted files through the following:
iPhone Backup Decoder Python Script: http://mac.softpedia.com/get/iphone Applications/Tools Utilities/iPhone Backup Decoder.shtml
Or, for the lazy, GUI tool: http://supercrazyawesome.com/

Security Threats: Desktops iTunes Backups
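
An added example, not part of the original slides: a defender-side audit of a MobileSync/Backup directory that flags device backups made without encryption, which is what the "Force Encryption?" question comes down to on a desktop. It assumes each backup folder holds the Manifest.plist that iTunes writes, with its boolean IsEncrypted key; the sample folders are constructed for the demo.

```python
import plistlib
import tempfile
from pathlib import Path


def audit_backups(backup_root):
    """Return one finding per device backup found under backup_root."""
    findings = []
    for manifest in sorted(Path(backup_root).glob("*/Manifest.plist")):
        try:
            with manifest.open("rb") as fh:
                data = plistlib.load(fh)
            # A missing key is treated as unencrypted (fail closed).
            encrypted = bool(data.get("IsEncrypted", False))
            status = "encrypted" if encrypted else "UNENCRYPTED"
        except Exception:
            # Unreadable manifests are reported, not silently skipped.
            status = "unreadable"
        findings.append({"backup": manifest.parent.name, "status": status})
    return findings


def build_sample_root():
    """Constructed sample data: three fake backup folders in a temp dir."""
    root = Path(tempfile.mkdtemp(prefix="mobilesync-sample-"))
    for name, body in [
        ("sample-device-a", {"IsEncrypted": True}),
        ("sample-device-b", {"IsEncrypted": False}),
    ]:
        (root / name).mkdir()
        with (root / name / "Manifest.plist").open("wb") as fh:
            plistlib.dump(body, fh)
    # A corrupted manifest, to show the failure path.
    (root / "sample-device-c").mkdir()
    (root / "sample-device-c" / "Manifest.plist").write_bytes(b"not a plist")
    return root


if __name__ == "__main__":
    for finding in audit_backups(build_sample_root()):
        print(f"{finding['backup']}: {finding['status']}")
```

On a real workstation, pass one of the backup locations listed on the slide to audit_backups instead of the sample root.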

Managing Enterprise Mobility
Mobile Security 10 Steps
Mobile Application Security
Mobile Device Management and Technology

10 Steps to Securing the Mobile Workforce
1. Update your Security Policy to address securing the Mobile Workforce
2. Security Awareness Training for Mobile Workforce Users
3. Mobile Device provisioning process and inventory asset management
4. Strong Authentication for Mobile Device access
5. Centralize Security Policy Manage Process & Tools
6. Whole Disk Encryption or File Level Encryption
7. Endpoint Security Tools
8. Device lockdown and remote wipe capabilities
9. Access logging and file integrity monitoring with centralized log repository
10. Data leakage controls and logging

Update Your Security Policy
Element: Description
Authentication: How often a password must be changed. How many invalid tries are allowed before the device is disabled. Strong authentication using two-factor or certificates.
Loss / Theft: Lost or stolen devices are remotely wiped, and the device is disabled over a defined period of time.
Device Support: Define what devices are supported by the institution/organization, i.e. Blackberry, Mac/PCs.
Encryption: Sensitive data must be encrypted, or the device is encrypted with WDE.
Backup / Restore: If a device could be lost or stolen, there should be a defined procedure for backing up and restoring the data to another device.
Storage Cards: Storage cards are a convenient way to expand memory, but they're also portable and thus a security risk. Do you ban them? Or encrypt them?
Acceptable Use: A good security policy needs to set limits on what users can install on their devices and what is acceptable use.
Enforcement: Consequences if there is a violation of the policy.

Security Awareness Training
People generally try to do the right thing; they may not know that what they are doing is wrong or how it may impact the company/institution.
The risks associated with using, transmitting, and storing electronic information
How to reduce the risks to confidentiality, integrity, and availability (CIA) of data
The roles and responsibilities of each community member in protecting Corporate data and systems

Mobile Application Security

3 Enterprise Mobile Strategies
Three predominant ways to isolate corporate data from personal data on mobile devices:
Sandboxing it in a secure container
  Good Technologies
  Sybase (Afaria)
  Excitor
  Touchdown, Whisper Systems (Android encryption)
Managing the native environment through a trusted approach that checks for policy compliance
  AirWatch
  Juniper (Smobile)
  McAfee (Trust Digital)
  MobileIron
  Zenprise
Hosting it in a data center or public cloud and making it accessible via a desktop virtualization client
  Citrix
  VMware

Interesting Mobile Security Technologies
Enterproid: The Divide platform by Enterproid gives mobile professionals a new way to use their smartphones for both work and personal life. With multiple profile support, great productivity apps out of the box and complete personal and IT cloud management, Divide is the next generation solution for enterprise mobility. http://www.enterproid.com/features.html
Symplified: streamlines the effort of deploying cloud identity and access management for mobile devices. http://www.symplified.com/index.html
Mobile Active Defense: SaaS approach to Mobile Device Management & Compliance. http://www.mobileactivedefense.com/solutions/en terprise edition/

Strong Authentication
SecureAuth: www.multifa.com
RSA: soft tokens or KeyFobs
Safenet (Aladdin, SafeWord)
Entrust: Bingo Cards
PhoneFactor
PKI Certificates: MS, RSA, Entrust

Network Access Solutions
Endpoint compliance check to ensure that devices are compliant before allowing them to gain access to the network (NAC).
NAC Solutions:
Bradford Networks
Cisco NAC
Forescout
Great Bay
Juniper UAC
Symantec

Remote Access Systems
Endpoint compliance check to ensure that devices are compliant before allowing them to gain access to the network (NAC).
SSL VPN solutions providing value:
SSL VPN Solutions:
Juniper JUNOS Pulse
Citrix Receiver
F5 Edge Portal
Check Point Mobile
Cisco AnyConnect

FishNet Security Mobile Security Offerings

FishNet Mobile Security Service Offerings
Mobile Security Roadmap
Mobile Application Security
Enterprise Vulnerability and Risk Assessment
Mobile Security Awareness Training
Mobile Forensics
MDM Implementation
MDM Proof of Concept