Enabling Compliance for Physical and Cyber Security in Mobile Devices

Similar documents
Enabling Compliance for Physical and Cyber Security in Mobile Devices. Chip Epps & Daniel Bailin HID Global

Cyber Security and You: The Future of Physical Access in a Digital World. Chip Epps & Daniel Bailin HID Global

Mobile Access is the Killer App The Path to Flexible, Secure Credentials Brandon Arcement Senior Director, Product Marketing April 8, 2019

EXECUTIVE BRIEF. The Evolution of Cards and Credentials in Physical Access. In this Paper

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

The Next Generation of Credential Technology

BlackBerry 2FA. Datasheet. BlackBerry 2FA

Mobile Security using IBM Endpoint Manager Mobile Device Management

How Next Generation Trusted Identities Can Help Transform Your Business

Solution. Imagine... a New World of Authentication.

Meeting FFIEC Meeting Regulations for Online and Mobile Banking

NFC Identity and Access Control

Single Secure Credential to Access Facilities and IT Resources

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

Google Identity Services for work

HID Mobile Access. Simple. Secure. Smart.

Protect Yourself Against VPN-Based Attacks: Five Do s and Don ts

Universal Representation of a Consumer's Identity Is it Possible? Presenter: Rob Harris, VP of Product Strategy, FIS

Mobile: Purely a Powerful Platform; Or Panacea?

hidglobal.com Still Going Strong SECURITY TOKENS FROM HID GLOBAL

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

iclass SE Platform Solutions The New Standard in Access Control

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

Best Practices Guide to Electronic Banking

Securing Personal Mobile Device Access to Enterprise IT and Cloud Assets with Strong Authentication

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

2018 Edition. Security and Compliance for Office 365

Cloud Security: Constant Innovation

A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage

Authentication Technology for a Smart eid Infrastructure.

Crash course in Azure Active Directory

Integrated Access Management Solutions. Access Televentures

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

Software Token Enrollment: SafeNet MobilePASS+ for Apple ios

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

DigitalPersona for Healthcare Organizations

How to Align Information Security and Safety in Healthcare

MITIGATE CYBER ATTACK RISK

Applying biometric authentication to physical access control systems

Make security part of your client systems refresh

LinQ2FA. Helping You. Network. Direct Communication. Stay Fraud Free!

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication

Transformation in Technology Barbara Duck Chief Information Officer. Investor Day 2018

FIDO AS REGTECH ADDRESSING GOVERNMENT REQUIREMENTS. Jeremy Grant. Managing Director, Technology Business Strategy Venable LLP

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

Mobile Field Worker Security Advocate Series: Customer Conversation Guide. Research by IDC, 2015

Dissecting NIST Digital Identity Guidelines

FIDO ALLIANCE: UPDATES & OVERVIEW BRETT MCDOWELL EXECUTIVE DIRECTOR. All Rights Reserved FIDO Alliance Copyright 2017

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

Empower your phone to open new doors

MAESON MAHERRY. 3 Factor Authentication and what it means to business. Date: 21/10/2013

Mobile Security / Mobile Payments

ModernBiz Day. Safeguard Your Business. Sonia Blouin APAC Cloud Lead Microsoft Asia Pacific

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Security Solutions for Mobile Users in the Workplace

Behavioral Biometrics. Improve Security and the Customer Experience

Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans

RSA Fraud & Risk Intelligence Solutions

Beyond Payment: Secure NFC applications and their relation to RFID

Unlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.

Biometrics in Banking. How to Integrate Touch ID into your Mobile Banking Application the Right Way

Strong Authentication for Physical Access using Mobile Devices

Visa Inc Investor Day. Technology at Visa. Rajat Taneja EVP, Technology and Operations

Building a Resilient Security Posture for Effective Breach Prevention

IDENTITY: A KEY ELEMENT OF BUSINESS-DRIVEN SECURITY

The Device Has Left the Building

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

Mobile Devices prioritize User Experience

Understanding Office 365: Is A Cloud Based Solution Right For Your Business?

2016 BITGLASS, INC. mobile. solution brief

Empower your phone to open new doors

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

HID goid Mobile ID Solution

The Medeco Solution for Controlled Access and Accountability

MEETING ISO STANDARDS

Securing Office 365 with Symantec

Securing Office 365 with MobileIron

Transportation Worker Identification Credential (TWIC) Steve Parsons Deputy Program Manager, TWIC July 27, 2005

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Angela McKay Director, Government Security Policy and Strategy Microsoft

Securing Health Data in a BYOD World

Getting Started Accessing Okta All Employees

Personal Cybersecurity

A Practical Step-by-Step Guide to Managing Cloud Access in your Organization

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

Introducing. Worldpay Total. Worldpay international omni-channel payment solution

Vincent van Kooten, EMEA North Fraud & Risk Intelligence Specialist RSA, The Security Division of EMC

Citizen Biometric Authentication based on e-document verification. e-government perspective. Mindshare Ruslans Arzaniks Head of Development

Securing Today s Mobile Workforce

Six Ways to Protect your Business in a Mobile World

Stop sweating the password and learn to love public key cryptography. Chris Streeks Solutions Engineer, Yubico

BlackBerry Enterprise Identity

Session 2: Understanding the payment ecosystem and the issues Visa Europe

LOGIN. Cloud-Based Authentication BUYER'S GUIDE. Helping you Navigate the Possibilities

New Paradigms of Digital Identity:

Login Procedures. Access Treasury Gateway by entering the site address in your web browser navigation box:

Six steps to control the uncontrollable

Transcription:

Enabling Compliance for Physical and Cyber Security in Mobile Devices Brandon Arcement & Chip Epps HID Global Sept 12, 2016 1630-1730 ET

Agenda Smart Devices vs. Traditional Cards Mobility Infrastructure Considerations Mobility Technology Considerations The Future: Wearables and Beyond Convergence & Compliance The Security Landscape Contextual Authentication Using Analytics 2

Do You Remember the First Time You Saw This? 3

It's a New World 4

Phones & Wearables vs. Cards Smart Devices Easy to keep with you Online via tethering Typically user-owned and controlled User desire for wide range of uses User more likely to safeguard device Less likely to share device Wide range of costs Cards Not always convenient Always offline Issuer controlled Easily displayed credential with unlimited battery life Mature processes to deploy and manage Low cost 5

Mobile Access: Market Insights 6

More Demand for More Convenience Enable building occupantsto use smartphone, tablet, or wearable to enter controlled areas Fewer items to carry Remote, over-the-air credentialing Lost or forgotten cards no longer a problem Open doors from distance in long range applications Adds to perception of innovative environment 7

The Need for Greater Efficiency Make physical access administrationeasier with digital, online processes Replace physical credential management with digital experience Over-the-air credentialing of remote workers and visitors Streamline operations with integration to PACS or Visitor system Sustainable process with reduced waste and lower carbon footprint 8

The Need for Higher Security Provide higher levels of authentication in physical access control Easily deprovision unauthorized devices Deactivate in PACS system Revoke credential over-the-air Missing mobile devices are reported almost immediately Applications can be protected with biometric and/or passcode Vulnerabilities can be addressed quickly through remote update Mobile devices are rarely forgotten, lost, or stolen 9

Infrastructure Considerations for Mobile Access 10

Credential Provisioning Centralized Remote 11

Physical Access Control Traditional Architecture Physical Access Control 12

Physical Access Control Traditional Architecture w/ Mobile Over-the-Air Credential Management Physical Access Control 13

Mobile Access Remote Credential Provisioning 1) Administrator manages users and credentials via cloud portal 2) Credential transferred into device over the air 3) Device authenticates to reader using Mobile App 4) Reader sends credential data to panel 14

Technology Considerations for Mobile Access 15

NFC vs. Bluetooth Security Read Range User Experience Application Breadth Transaction Speed 16

NFC vs. Bluetooth NFC Communication based on contactless smart card standards Communication based on legacy Bluetooth standard Android Android andios 424 kbit/s data rate 270 kbit/s data rate Range up to 10cm Range up to 100m 17

Privacy Concerns 18

Mixed Populations Mobile Devices &LegacyCredentials 19

The Future: Wearables & Beyond 20

Tap to Open or Login for Wearables Nymi Band Continuous authentication technology called HeartID Authenticate users via their electrocardiogram (or ECG) Secure communication channel Simply tap band to access cloud apps and doors 21

Contextual Authentication Examples Single vs. Multi factor Exterior doors Interior doors High security doors Windows logon VPN Banking 22

Convergence One Credential for secure access to cloud, data and the door 23

Convergence Examples User Experience Single Card for PACS, Windows Logon and Network Access Mobile smartphones Policy Network access only allowed after authentication at the door VPN connection only allowed after GPS verified in sync with travel plans 24

Corporate ID Landscape is Rapidly Evolving.. More devices More Apps More Identity Data 25

Noun: criminal activities carried out by means of computers or the Internet The US Government proposes to spend $14 Billion in 2016 and $19 Billion in 2017 fighting cybercrime 26

Am I Really Dealing With My Bank? SMiShing Vishing Phishing Dear HSBC Customer Your account has been blocked due to suspicious activity. To restore access please Logon here. Copyright HSBC Bank 2015 All rights reserved. 27

Noun: the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this Sounds simple, but the activities required to be protected can be complex and costly Cryptography forms the basis for trust on line. - Bruce Schneier Fellow Berkman Center Harvard University 28

Cybersecurity is the result of applying consistent, coherent and connected identity and trust frameworks to the component parts of any given ecosystem If you solve the identity problem based on consistent trust, you dramatically reduce cyber risk Identity Cybersecurity Trust 29 29

Create Trusted Identities Natural Identity Trusted Identity Digital Certificates A digital certificate is issued to employees and customers to establish and protect a trusted identity; that Allows that person to do the same things in the electronic world that they do in the physical world Trusted identities combat fraud and protect against cybercrime 30

Establish User Confidence Device Binding Digital Certificate Mobile Banking App Live Security Center If you suspect fraud, please contact our fraud team. Press for Help Hello Mr Smith, Please confirm your transaction request for funds transfer at ATM Las Vegas. Hello Mr Smith, Please sign your nameusing your finger so we can verify you. Digital Cert Live Security Center Push Behavioural 31

Manage Your Risk Profile 32

Future Trends 33

Deliver Frictionless Authentication Multi-modal biometrics Transactional Analysis Behavioural Analysis (What We Do Today) Multi Decision Factor Authentication Engine Contextual Analysis Threat Detection Predictive Analytics 34

& Continuous Risk-Based Authentication Multi-modal biometrics Continuous Risk Assessment Transactional Analysis Contextual Analysis Decision Step Up Engine Auth Behavioural Analysis Threat Detection Confidence 12 10 8 6 4 2 0 Step Up 0 2 4 6 8 Time Span Predictive Analytics 35

Trusted Services Dashboard 36

Empower Mobility with Trust and Confidence Authentication Service 37

Next Steps See HID Global @ Booth #3901 Adjacent to ASSA ABLOY booth (#3601 ) Mobile Access on Android & Apple Wearables Biometrics Security Intelligence 38

Thank you Brandon Arcement, barcement@hidglobal.com Chip Epps, cepps@hidglobal.com 39

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback