Securing Enterprise or User Brought mobile devices

Similar documents
Mobile Devices prioritize User Experience

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

SEPARATING WORK AND PERSONAL

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions

RHM Presentation. Maas 360 Mobile device management

Securing the SMB Cloud Generation

ForeScout Extended Module for MaaS360

Securing Office 365 with MobileIron

2016 BITGLASS, INC. mobile. solution brief

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

MaaS360 Secure Productivity Suite

Managing Devices and Corporate Data on ios

Google Identity Services for work

Augmenting security and management of. Office 365 with Citrix XenMobile

Trend Micro Guide and solution to help embrace Consumerization and BYOD. James Walker EMEA Product Marketing Manager 26 September 2012

How NOT To Get Hacked

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Addressing Today s Endpoint Security Challenges

Forescout. eyeextend for IBM MaaS360. Configuration Guide. Version 1.9

EM L01 Introduction to Mobile

ForeScout Extended Module for VMware AirWatch MDM

CAS Quick Deployment Guide January 2018


ForeScout Extended Module for MobileIron

BYOD Business year of decision!

SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT

Fencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1

Mobile Security using IBM Endpoint Manager Mobile Device Management


epldt Web Builder Security March 2017

2013 InterWorks, Page 1

SECURE, CENTRALIZED, SIMPLE

Use EMS to protect your mobile data and mobile app

Securing Today s Mobile Workforce

Mobile Security / Mobile Payments

Enterprise Security Solutions by Quick Heal. Seqrite.

Mobile Security Trends. Gregg Martin, Director, Mobile Security


Thomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017


Embracing the Mobile Imperative

MOBILE THREAT PREVENTION

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Enterprise Ready. Sean Yarger. Sr. Manager, Mobility and Identity. Making Android Enterprise Ready 1

Six steps to control the uncontrollable

MDM and beyond: Rethinking mobile security in a BYOD world

Application / Document Management. MaaS360 e-learning Portal Course 3

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

Course Outline (version 2)

Citrix ShareFile Share, store, sync, and secure data on any device, anywhere

Security Readiness Assessment

Multi-Platform Enterprise Mobility Management. Perfectly balancing end-user and corporate needs

Apple ios Enterprise Mobility Management (cloud based)

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

MOBILE SECURITY OVERVIEW. Tim LeMaster

ANDROID PRIVACY & SECURITY GUIDE ANDROID DEVICE SETTINGS


Protecting Health Information

KODO for Samsung Knox Enterprise Data Protection & Secure Collaboration Platform

PrinterOn Mobile App MDM/MAM. Basic Integration Guide

Federal Mobility: A Year in Review

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

JUNIPER NETWORKS PRODUCT BULLETIN

IT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,

Mobile Device Policy. Augusta University Medical Center Policy Library. Policy Owner: Information Technology Support and Services

Citrix XenMobile and Windows 10

BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE

Weak Spots Enterprise Mobility Management. Dr. Johannes Hoffmann

2017 Annual Meeting of Members and Board of Directors Meeting

Beyond BYOD Mobility, Cloud and the Internet of Everything

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

Cloud Security Whitepaper

Cloud Computing. An introduction using MS Office 365, Google, Amazon, & Dropbox.

What is a mobile protection product?

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

Mobilize with Enterprise Security and a Productive User Experience

Enterprise Mobile Management (EMM) Policies

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

Exclusive Selling Mobility with Security

WHITEPAPER. How to secure your Post-perimeter world

Systems Manager Cloud-Based Enterprise Mobility Management

Google on BeyondCorp: Empowering employees with security for the cloud era

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

Say Goodbye to Enterprise IT: Welcome to the Mobile First World. Sean Ginevan, Senior Director, Strategy Infosecurity Europe

McAfee MVISION Mobile epo Extension Product Guide

Enterprise Mobility Management


Copyright 2011 Trend Micro Inc.


Forescout. eyeextend for MobileIron. Configuration Guide. Version 1.9

Zero Trust in Healthcare Centrify Corporations. All Rights Reserved.

Managing Microsoft 365 Identity and Access

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

Office 365: Modern Workplace

Deploying Lookout with IBM MaaS360

Securing Institutional Data in a Mobile World

Changing face of endpoint security

Forescout. eyeextend for VMware AirWatch. Configuration Guide. Version 1.9

Transcription:

Securing Enterprise or User Brought mobile devices Wilfried Baeten Business Line Director Projects&Consulting Econocom Managed Services 20/09/2013 WWW.ECONOCOM.COM

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 2

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 3

Introduction 03/09/2012 4

Introduction 03/09/2012 5

Introduction 03/09/2012 6

FACT Organizations Enable Mobile Devices 89% Allow mobile devices in the organization 65% Allow personal devices Source: The impact of mobile devices on information security January 2012. Check Point Software Technologies. N=768

The Good Old Days of Mobility Fully integrated security, encryption and policy stacks Business Email, Calendar and Contacts only on BlackBerry IT command-and-control, no personal apps allowed Predictable and controlled

What Makes BYOD a Unique Challenge for Enterprise IT? Consumer-grade OS s susceptible to rooting and malware Devices in an unknown and unverified starting state Unencrypted corporate data mixed with personal Unverified 3 rd party apps with access to open APIs Restrictions on strong device-level policies and wiping Accidental data leakage through end-user actions Heightened risk of corporate data leakage and cyber attacks 9

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 10

Today s Mobility Environment

Some statistics... 03/09/2012 12

Enterprise Mobility Challenge Embracing the Next Wave of Mobility

Security: 3 is the magic number Command Control Lock down Manage Secure Protect Mobile Device Management Mobile Application Management Mobile Information Management 03/09/2012 14

Mobile security strategy MAM MDM MIM Mobile Security Strategy 03/09/2012 15

Challenges 1) How to manage the multitude of devices? 2) Mobile devices are now the top platform for malware 3) How to secure corporate applications on personal devices? 4) Profile management in the PC world solves many problems. How to tackle this in the mobile device world? 5) What about dropbox? 03/09/2012 16

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 17

Allign devices, applications and users

Challenges How to control which devices, and their state, are allowed on the network? How to give and withdraw device rights? How to deploy applications? How to limit the use of device controls (micro, camera,...)? How to terminate a device / data? How to differentiate between personal and professional data? 03/09/2012 19

Mobile Device Management needs to cover full device life cycle 03/09/2012 20

Mobile Device Management: Best Practices Registering devices to ensure security: Virus protection, authentication, encryption: minimal required standards Provisioning of firm-authorized apps IT use monitoring User education Compliance with firm security policies Mobile Device registration with IT Password protection Use of unsanctioned apps Lost/stolen devices (selective) remote wipe

Ensure control of Corporate Data Stop transfer of data Stop Jailbroken & Rooted Devices

Know what you need and what you can 03/09/2012 23

Control the device Data protection settings that allow IT to take a granular, yet measured approach Disable Camera Disable Open-In Disable icloud use Disable Copy/Paste Disable sending SMS Disable printing Disable sending email Restrict outbound URL Encrypt app and data 03/09/2012 24

Geotracking results Once enabled, ZDM can store up to 6 hours of movement for each device

Evolution of the EMM (MDM) Technology Landscape Mobile Apps & Private Data Mobile App Management Encryption & Containerization of Corporate Apps & Data Email/PIM Docs & Files Browsing Custom Apps Mobile Devices Mobile Device Management (MDM) Integrity Verification Compliance OS Hardening Provisioning & Management Security & Compliance

MDM is just the start!! 03/09/2012 27

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 28

Security Malware Slide 29

04/03/2013 30

ATTACK VECTORS FOR THE MOBILE MALWARE

Malware - impact Common malicious activities on smartphones Collecting user information (61%) Sending premium-rate SMS messages (52%) Amusement Credential theft SMS spam Search engine optimization Ransom

Malware - impact Spy recorder Remotely turn on the microphone and start recording any voice input Initiated and terminated by a phone call from a specific number Microphone is turned on when a call comes from the number and the call is automatically rejected afterwards User is not notified Spy camera Taking snap shots from the camera Pictures uploaded to a remote server User is not notified when pictures are taken

Common Prevention and Protection Keeping the device in non-discoverable Bluetooth mode. Installing an anti-virus / IDS on the mobile device. Installing firmware updates when they are made available. Exercising caution when installing applications from untrusted sources.

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 35

Mobile applications - challenges Application interop data leakage risk Application security containerization of applications ActiveSync issue (no 2-factor brute force attack): combine MDM & IDS Application deployment corporate App Store Many EMM suites provide solutions both for MDM and MAM 03/09/2012 36

Security Applications Slide 38

Allow Camera InterApp Sharing icloud Backup Enable DLP Require Authentication Trusted Network Only Disable printing Restrict outbound URL Offline lease period 24 h

Secure app containers Micro VPN Lock and wipe Inter-app controls Allow Camera Conditional access policies InterApp Sharing icloud Backup Enable DLP Require Authentication Trusted Network Only Disable printing Restrict outbound URL Offline lease period 24 h

Secure Containerization Key Considerations and Approaches

Corporate App Store: Governing cloud & mobile users Mobile world is consumer driver; users are spoiled with itunes or Google play; Enterprise have additional requirements Consumer-Centric Requirements App discovery/search and user choice Install/update, trials, social network IT-Centric Requirement License management and distribution Verification testing, reporting Approve, publish and control install/uninstall Challenges: App stores intersect multiple IT markets 03/09/2012 44

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 45

Context Awareness

Context Aware Risk Based Access Control Mobile App Application Management User Credentials Access Management Risk-based Access Mobile Threat Protection App Optimization Enterprise Applications and Connectivity 03/09/2012 47

Geo-Fencing for ios

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 49

Users Demand Instant file and data access from any device File sharing (with anyone) Easy and familiar (love Dropbox) IT Wants Security Control no data leakage (hate Dropbox)

Dangers of Dropbox Easy to use, users are not aware of the dangers If no corporate solution, users get a private dropbox Uncontrolled Cloud End User License Agreement!! Document ownership http upload: bypass of all corporate security mechanisms Data leakage 03/09/2012 51

Enterprise file sharing solution Enables file sharing with anyone Syncs data across all devices Online file sharing spaces for virtual teams Selective offline access on mobile devices Data protection Encryption Device lock Store Sync Remote wipe Poison-pill Share

Private Cloud storage solution

Agenda Introduction The mobile security challenges Challenge 1: Managing the mobile device spread Challenge 2: Malware on mobile devices Challenge 3: Managing & securing corporate applications on mobile devices Challenge 4: Mobile profile management Challenge 5: Dropbox Conclusions 03/09/2012 54

Mobile Security Challenges Faced By Enterprises Achieving Data Separation & Providing Data Protection Personal vs corporate Data leakage into and out of the enterprise Partial wipe vs. device wipe vs legally defensible wipe Corporate Cloud data sharing solutions Data policies Adapting to the BYOD/ Consumerization of IT Trend Providing secure access to enterprise applications & data Developing Secure Applications Multiple device platforms and variants Multiple providers Managed devices (B2E) Unmanaged devices (B2B,B2E, B2C) Endpoint policies Threat protection Identity of user and devices Enterprise application store Authentication, Authorization and Federation User policies Secure Connectivity Application life-cycle Static & Dynamic analysis Call and data flow analysis Application policies I n t e r r e l a t e d Designing & Instituting an Adaptive Security Posture Policy Management: Location, Geo, Roles, Response, Time policies Context based user profiles Security Intelligence Reporting

Mobility of the future... 04/03/2013 56

Q & A 01/10/2013 EMS BELUX & NED - OB 2014 57

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback