BYOD Business year of decision!

Similar documents
Beyond BYOD Mobility, Cloud and the Internet of Everything

Delivering a Secure BYOD Solution with XenMobile MDM and Cisco ISE

3-Part Guide to Developing a BYOD Strategy

Changing face of endpoint security

Say Goodbye to Enterprise IT: Welcome to the Mobile First World. Sean Ginevan, Senior Director, Strategy Infosecurity Europe

The Context Aware Network A Holistic Approach to BYOD

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

THREE-PART GUIDE TO DEVELOPING A BYOD STRATEGY WHITE PAPER FEBRUARY 2017

Thomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017

Mobile Devices prioritize User Experience

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

Phil Schwan Technical

MObile. end. complexity

Securing BYOD With Network Access Control, a Case Study

Mobile Security using IBM Endpoint Manager Mobile Device Management

Securing Today s Mobile Workforce

Next Generation Infrastructure Outsourcing. Copyright 2016 Tech Mahindra. All rights reserved.

SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT

The Maximum Security Marriage: Mobile File Management is Necessary and Complementary to Mobile Device Management

Securing Enterprise or User Brought mobile devices

2012 Cisco and/or its affiliates. All rights reserved. 1

Network Access Control

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS

How to Secure ipads, Tablets and Android Devices for Corporate Use. John Masserini CISO Dow Jones

Cisco Virtual Experience Infrastructure for Government. Virtualize Your Desktop and Increase Agency Efficiency

WHITEPAPER. How to secure your Post-perimeter world

Secure IT consumeration (BYOD), users will like you How to make secure access for smart mobile devices

Partner Webinar. AnyConnect 4.0. Rene Straube Cisco Germany. December 2014

Google Identity Services for work

Bring Your Own Device. Peter Silva Technical Marketing Manager

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

PCI DSS Compliance. White Paper Parallels Remote Application Server

Cisco Network Admission Control (NAC) Solution

Move beyond BYOD to Mobile Workspace with Cisco and Citrix

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

RHM Presentation. Maas 360 Mobile device management

Information Security BYOD Procedure

For Sales Kathy Hall

Technology for a Changing World

Securing Office 365 with MobileIron

IBM Lotus Notes Traveler

GEARS + CounterACT. Advanced Compliance Enforcement for Healthcare. December 16, Presented by:

Cisco VXI Smart Solution with VMware View

Managing BYOD Networks

Mobile Device policy Frequently Asked Questions April 2016

PrinterOn Mobile App MDM/MAM. Basic Integration Guide

BYOD Secure Zoning Between Enterprise and Personal Data on Mobile Devices. 14 November 2013 Rozana Rusli Meling Mudin

Cisco Identity Services Engine (ISE) Mentored Install - Pilot

Simplify, Strengthen and Unify your security.

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

SAS and F5 integration at F5 Networks. Updates for Version 11.6

Secure Network Access for Personal Mobile Devices

REVISED 4 JANUARY 2018 VMWARE WORKSPACE ONE REFERENCE ARCHITECTURE FOR SAAS DEPLOYMENTS

Purchase Intentions Spring 2013 EMEA

October 2016 Issue 07/16

ForeScout Extended Module for VMware AirWatch MDM

MaaS360 Secure Productivity Suite

Customer Case Studies on Accelerating Their Path to Hybrid Cloud

Systems Manager Cloud-Based Enterprise Mobility Management

BYOD the HP Way: Secure, Device-Agnostic Network Access Management Jochen Fischer Solution Architect (MASE) September 2013

Webinar: Mitigating the risks of uncontrolled content access from mobile devices. Presented By: Brian Ulmer, Product Management Director

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

KASPERSKY ENDPOINT SECURITY FOR BUSINESS

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Securing BYOD with Cisco TrustSec Security Group Firewalling

2016 BITGLASS, INC. mobile. solution brief

Make security part of your client systems refresh

Secure wired and wireless networks with smart access control

Xerox and Cisco Identity Services Engine (ISE) White Paper

CLEARPASS CONVERSATION GUIDE

Go mobile. Stay in control.

Cloud Mobility: Meraki Wireless & EMM

Securing the SMB Cloud Generation

Enhancing and Extending Microsoft SharePoint 2013 for Secure Mobile Access and Management

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

Five Tips to Mastering Enterprise Mobility

Support Device Access

ForeScout Extended Module for MobileIron

Apple OS Deployment Guide for the Enterprise

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

2013 InterWorks, Page 1

Citrix XenMobile and Windows 10

The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies

Steps to Eradicate Text Messaging Risk

Hosted Exchange. Presented by Joseph Lee

Beyond Your Device. Control, Connect, Experience. BT GS Analyst and consultant call 2 July 2013

Securing Health Data in a BYOD World

What BYOD and CYOD mean for workplace transformation

Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia

The erosion of the perimeter in higher education. Why IAM is becoming your first line of defence.

Bring Your Own Design: Implementing BYOD Without Going Broke or Crazy. Jeanette Lee Sr. Technical Marketing Engineer Ruckus Wireless

XenApp, XenDesktop and XenMobile Integration

Provide One Year Free Update!

Securing Cisco s Network

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

Managing Windows 8.1 Devices with XenMobile

Enabling Fast IT. In the IoE era. Alberto Degradi DCV Sales Leader. November 2014

The Device Has Left the Building

Transcription:

Bucharest, Romania April 24, 2013 BYOD Business year of decision! Cisco on Cisco Christoph Nienhaus IT Leader for EMEAR Central - DACH 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1

BYOD Simpler than you think 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 2

The Conservative Don t worry be happy! 2010 Cisco and/or its affiliates. All rights reserved. 3

http://globalgeeknews.com/wp-content/uploads/2011/05/crysis-best-age-verification-ever.jpg 2010 Cisco and/or its affiliates. All rights reserved. 4

http://blog.klabusterbeere.nl/wp-content/uploads/2011/06/2011-kopie.jpg 2010 Cisco and/or its affiliates. All rights reserved. 5

2010 Cisco and/or its affiliates. All rights reserved. 6

2010 Cisco and/or its affiliates. All rights reserved. 7

2010 Cisco and/or its affiliates. All rights reserved. 8

Cisco s Any Device Landscape (Mar. 31,2013) 84,696 7,264 33,780 3,101 Corporate Laptops (CYOD) Corporate VXI Endpoints 4.4% Growth 3.8% Growth 11.7% Growth -11.5% Growth 0.3% Growth Other 15,873 32,536 10,970 5,401 806 Mobile Devices (BYOD) 2012 2013 Cisco and/or its affiliates. All rights reserved. 9

Mobile Device Share 1% 17% Android Has achieved a 3 month avg. growth high of 11.7% March share up from 12% in 2012 and 7% in 2011 8% The 8% share is a significant fall from the same period in 2012 of 22% and 41% in 2011 74% ios The most popular combination of devices is the iphone + ipad, with 10,685 users having this combination Source Data: ISA Server Stats via Adam Grimes adgrimes@cisco.com, EMAN Mobile Admin

2012 Cisco and/or its affiliates. All rights reserved. 11

Device Smart-Phone \ Tablet Virtual \ Laptop Device Management Non-Standard Application Data Device Security Network Security Platform Corporate Multiple Locations Encryption Windows Macs Cisco Owned APPS Personal VIRTUAL Clients Desktop\Notebooks IRON-PORT \ WSA (SECURITY APPLIANCE) Personally Owned APPS PC Backup Network ANY-CONNECT CORPORATE GUESTNET PUBLIC Web Anti-Virus Windows Macs Behaviour-Analytics Windows Altiris Mac to be decided Mobile Afaria App Delivery Disparate Point Solutions App Centre Soft-Tracker Image - ACNS Device Provisioning Multi-Source Global Desktop Management Service Catalogue MDS Mobile Capabilities 2012 Cisco and/or its affiliates. All rights reserved. 12

How to evolve our technologies and policies to cater for new devices, operating systems, form factors and ownership For example one of the growing challenges is protecting our data. This could be done with a number of technologies in the future such as: Web apps e.g. Microsoft Web Apps Containerisation e.g. Good or Touchdown Virtualisation (local or remote, application or full desktop) e.g. Citrix, VMware, Microsoft Digital Rights Management (DRM) e.g. Microsoft We currently rely on a culture of trust to support security policy. we may need to adjust the balance to protect our data in the Post PC world User Experience Risk Mitigation Industry thought leadership 2012 Cisco and/or its affiliates. All rights reserved. 13

Identity & Context Policy / What applications Entitlement can you access? Who Identity: Role\HR Where Context When Role\HR How where Policy when how policy What devices Device ID can you use? Context Compliance UserID Public\Private Cloud Cisco Enterprise Store WebEx Social Files Trusted \ Untrusted Device Management Devices, Appliances & Things 2012 Cisco and/or its affiliates. All rights reserved. 14

Profiling Registration Posture Enforcement User Impact Entirely transparent to users IT Impact Creation of a live endpoint database Value Visibility into device & user demographics Ability to make informed business & security decisions User Impact Users register their devices for corporate access. Network configures BYOD devices for users. Guests use internet.cisco.com SSID is internet ( guestnet retired) IT Impact New guest/byod network BYOD onboarding Value Foundation for unique device identifier for device management. Streamlined onboarding (reduced support costs) User Impact Corporate & BYOD devices have posture assessed IT Impact Deployment of Mobile Device Management (MDM) client on endpoints Value Visibility into security posture How many jailbroken iphones are being used on our network? Who has disabled PIN and screensaver on their device? User Impact Access to corporate network governed by context, including identity, role, device, posture etc IT Impact Creation of a live endpoint database Value Fine grained policy based network access model Differentiated/virtualized access based on context Security no longer based on perimeter Now (capabilities mature over time) Future 2012 Cisco and/or its affiliates. All rights reserved. 15

Other Devices Trusted Devices 10 Minute Timeout 4 Digit PIN Local and Remote Wipe Encryption and Management 2012 Cisco and/or its affiliates. All rights reserved. 16

Mobile Device Access Model Current State Remote Wipe 4 Digit PIN 10 Minute Timeout Network Edge Encryption Management Core Network 2012 Cisco and/or its affiliates. All rights reserved. 17

BYOD Rules of Use Cisco Rules of Use All users must accept rules of use when signing up for service 1) Allows Cisco to remotely wipe the device 2) Requires an acceptable password and 10 minute timeout 3) Requires users to immediately report a lost or stolen device. There is no IT jargon the rules are simple for end-users to understand Cisco has a trade off between employee trust and IT control 2012 Cisco and/or its affiliates. All rights reserved. 18

HR policy Employee Education & Responsibility Code of Business Conduct Signed yearly by every employee Added the following section to cover personal devices: Cisco has the right to require security controls on all electronic and computing devices used to conduct Cisco business or interact with internal networks and business systems, whether owned or leased by Cisco, the employee or a third party. Cisco also has the right to inspect at any time, all messages, files, data, software, or other information stored or transmitted on these devices. 2012 Cisco and/or its affiliates. All rights reserved. 19

2012 Cisco and/or its affiliates. All rights reserved. 20

Consistent Security Policy Enforcement Network-wide Physical desktops, virtual desktops, BYOD Wired, Wireless, VPN* Bound to point of access, not IP address Supports Data Security, Access Control, and Compliance Protects intellectual property Automation & Self Registration Context-aware Identity and Authentication Services WHO WHAT WHERE WHEN HOW 2012 Cisco and/or its affiliates. All rights reserved. 21

ISE Authorization Policy Definition IDENTITY SERVICES ENGINE User Device Type Location Posture Time Access Method Custom 2012 Cisco and/or its affiliates. All rights reserved. 22

2012 Cisco and/or its affiliates. All rights reserved. 23

Cisco IT App Selection Basics App Store Security Collaboration Function Virtualization EasyApps @Work 2012 Cisco and/or its affiliates. All rights reserved. 24

A multitude of stores at Cisco 2012 Cisco and/or its affiliates. All rights reserved. 25

Cisco Enterprise Store Enabling you to find and use all Apps, IT services and Tools & Processes Webex Social Apps New Phone Tools & Processes VPN Desktop apps PC Refresh Email Account Mobile Apps Enterprise Store 2012 Cisco and/or its affiliates. All rights reserved. 26

Cisco Enterprise Store Access to Storefront from all OS & Device Types Pervasive Enterprise Security (versions, enforcement, trusted devices) Desktop Apps Virtual HW Mobile Apps Quad Apps Re Mobile HW Desktop HW Personalized, User Friendly Catalog for all IT Services Reporting Chargeback Entitlement Approvals Categories Integrated with Enterprise Service Management Automated and Seamless Service Provisioning 2012 Cisco and/or its affiliates. All rights reserved. 27

2012 Cisco and/or its affiliates. All rights reserved. 28

No automatic entitlement to internal network access registration will be required Devices not able to authenticate will have no direct access to internal resources Future state is differentiated access based upon device type, state, posture and user Flat network access no longer Some vendors forced into ION for VDI only access (data security) Physical loop holes closed where currently exploited Follow the user access control Better user experience through leveraging pervasive identity 2012 Cisco and/or its affiliates. All rights reserved. 29

Higher user expectations Products & Capabilities are still maturing Users don t care about certs, MAC addresses, provisioning Just make it work! Bring Your Own Device = Brought Your Own Device They re already here. Adapt or pay the price in lower user experience & serious security implications So many platforms, variations, brands Aim for large targets first You ll never cover every version, brand or flavour of Android (for example) Community support, workshops and social networking works Mindset of today s employees is different 2012 Cisco and/or its affiliates. All rights reserved. 30

Thank you. 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 31

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback