Mobile Devices prioritize User Experience


Mobile Security

Uniqueness of Mobile

Mobile Devices are Shared More Often
- Smartphones and tablets are multipurpose personal devices. Therefore, users share them with friends and family more often than traditional computing devices (laptops and desktops).
- Social norms on privacy are different when accessing filesystems vs mobile apps.

Mobile Devices are Used in More Locations
- Smartphones and tablets are frequently used in challenging wireless situations that contrast with laptop friendly remote access centers.
- Laptops are used in a limited number of trusted locations.

Mobile Devices prioritize User Experience
- Smartphones and tablets place a premium on user experience, and any security protocol that diminishes the experience will not be adopted or will be circumvented.
- Workstation level security cannot be assumed unless they are dedicated devices.

Mobile Devices have multiple personas
- Smartphones and tablets may have multiple personas (entertainment device, work tool, etc.). Each persona is used in a different context.
- Users may want to employ a different security model for each persona without affecting another.

Mobile Devices are Diverse
- Smartphones and tablets employ a variety of different platforms and have numerous applications aimed at pushing the boundaries of collaboration.
- The standard interaction paradigms used on laptops and desktops cannot be assumed.

Market Sweet Spot: Enterprise Mobile Security

Enterprises: Empower mobile employees to attain greater productivity, agility and responsiveness but mitigate operational risk
- Multifaceted requirements
- Need to be proactive

Consumers: Leverage mobility for social engagement, ease of access, and entertainment but avoid losing the device or sacrificing user experience and privacy
- Main requirement: Threat Protection (i.e. antimalware)

Communication Service Providers (CSPs): Deliver value-added differentiating services to meet the mobile security requirements of Enterprises and Consumers
- Top offerings: MDM, Threat Protection, IAM

[Diagram labels: Consumer Mobile Security, CSPs, Enterprise Mobile Security]

Built In vs. Bolted On: iOS vs. Android

Variance in Security Models

| | Apple iOS | Google Android |
|---|---|---|
| Application Sandbox | Yes | Yes, but not as strictly enforced |
| Updates | Pushed directly to devices. Enterprises can acquire MDM server to push updates. | Carriers or device manufacturers required to push updates |
| Application delivery | Apple AppStore only; applications need to be approved. | No app store requirement or third party app stores exist |
| OS Enforcement | OS enforces performance requirements on running apps | OS does not enforce performance requirements |
| User Identity | Apple ID for apps | Gmail ID |

Differences in Security Management Features

| Apple iOS | Google Android |
|---|---|
| Apple provides a standard of management APIs for iOS, eliminating differentiation among device management providers | Today, Google relies on the Android ecosystem to deliver device management capabilities |

- Apple secures iOS by process and design, which up until now has reduced its exposure to attacks and threats. CISOs must trust Apple. Apple is the first and last line of defense.
- Today, Android is the main market for mobile device security given its relatively loose security model, but offers IT the most control (fragmentation has inadvertently prevented spreading of malware). Security vendors target Android first and then release iOS support.

Mobile Security Challenges Faced by Enterprises

Achieving Data Separation & Providing Data Protection
- Data separation: personal vs corporate
- Data leakage into and out of the enterprise
- Partial wipe vs. device wipe vs legally defensible wipe
- Data policies

Adapting to the BYOD/Consumerization of IT Trend
- Multiple device platforms and variants
- Multiple providers
- Managed devices (B2E)
- Unmanaged devices (B2B, B2E, B2C)
- Endpoint policies
- Threat protection

Providing secure access to enterprise applications & data
- Identity of user and devices
- Authentication, Authorization and Federation
- User policies
- Secure Connectivity

Developing Secure Applications
- Application life-cycle
- Vulnerability & Penetration testing
- Application Management
- Application policies

Designing & Instituting an Adaptive Security Posture
- Policy Management: Location, Geo, Roles, Response, Time policies
- Security Intelligence
- Reporting

Customer Scenarios

Business Need: Protect Data & Applications on the Device
- Prevent Loss or Leakage of Enterprise Data: Wipe, Local Data Encryption
- Protect Access to the Device: Device lock
- Mitigate exposure to vulnerabilities: Anti-malware, Push updates, Detect jailbreak, Detect non-compliance
- Protect Access to Apps: App disable, User authentication
- Enforce Corporate Policies

Business Need: Protect Enterprise Systems & Deliver Secure Access
- Provide secure access to enterprise systems: VPN
- Prevent unauthorized access to enterprise systems: Identity, Certificate management, Authentication, Authorization, Audit
- Protect users from Internet borne threats: Threat protection
- Enforce Corporate Policies: Anomaly Detection, Security challenges for access to sensitive data

Business Need: Build, Test and Run Secure Mobile Apps
- Enforce Corporate Development Best Practices: Development tools enforcing security policies
- Testing mobile apps for exposure to threats: Penetration Testing, Vulnerability Testing
- Provide Offline Access: Encrypted Local Storage of Credentials
- Deliver mobile apps securely: Enterprise App Store
- Prevent usage of compromised apps: Detect and disable compromised apps

Mobile Security a Market View: A spectrum of capabilities

Mobile devices are not only computing platforms but also communication devices, hence mobile security is multi-faceted, driven by customers' operational priorities.

Capability areas: Mobile Security Intelligence; Mobile Device Management; Data, Network & Access Security; App/Test Development

Mobile Device Management
- Acquire/Deploy: Register, Activation, Content Mgmt
- Manage/Monitor: Self Service, Reporting
- Retire: De-provision

Mobile Device Security Management
- Device wipe & lockdown
- Password Management
- Configuration Policy Compliance

Mobile Threat Management
- Anti-malware
- Anti-spyware
- Anti-spam
- Firewall/IPS
- Web filtering
- Web Reputation

Mobile Information Protection
- Data encryption (device, file & app)
- Mobile data loss prevention

Mobile Network Protection
- Secure Communications (VPN)
- Edge Protection

Mobile Identity & Access Management
- Identity Management
- Authorize & Authenticate
- Certificate Management
- Multi-factor

Secure Mobile Application Development
- Vulnerability testing
- Mobile app testing
- Enforced by tools
- Enterprise policies

Underlying layers
- Mobile Applications, i.e. Native, Hybrid, Web Application
- Platform Extension OS/Application Layer (Optional), i.e. Application Container (Sandboxing), Virtualization
- Device Platforms: 30 device manufacturers, 10 operating platforms, i.e. iOS, Android, Windows Mobile, Symbian, etc.

Enterprise Use Case: Security from Device to Web Apps

[Diagram. Components: WiFi, Telecom Provider, Internet, Mobile Security Gateway, Mobile apps, Web sites, Corporate Intranet. Callouts: Develop, test and deliver safe applications; Secure endpoint device and data; User authentication, Secure connectivity; Web Threat Protection; Secure access to enterprise applications and data.]

End User Scenario and Focus Questions

My SmartPhone (iOS, Android, Windows Phone or the next cool device)
- Angry Birds
- My Personal Emails
- My Corporate Emails
- Enterprise App 1 (Sourced Internally)
- Enterprise App 2 (Sourced Internally)
- Enterprise App (Sourced From 3rd Party)
- My Citibank App

Security Issues
- Who owns the security policies for the device or the application?
- How do we make the security appropriate to the application (family?) that I want to access?

Device management and data protection
- How do I keep corporate data separate from personal data?
- When I lose the device, how can I partially wipe the (corporate) data?
- Where is the data stored (centrally, or by app), and is the data encrypted?

Access management
- How do I authenticate for the enterprise apps?
- How do I authenticate for the Citibank app?
- I want to be able to play Angry Birds without my company or Citibank authentication of the device.
- How do I utilize the new features of smart phones like touch screen and camera for greater usability?

Threat management
- What happens when I install an app that contains a virus or Trojan Horse?

VPN
- How do I connect securely to enterprise (VPN)?

Secure app development
- How do I figure out if an application is vulnerable before installing? Or prevent malicious code exploits?

Strong Authentication Scenarios
- Passphrase
- Biometric
- Biometric + Risk factor (device fingerprint, location, time etc)
- Passphrase + Risk factor (device fingerprint, location, time etc)
- Soft token Auth
- One time passcode (OTP)

Secure Access using Biometrics

Why?
- Increasing security while hugely simplifying access
- Making mobile access completely hands free
- Verify user with face and voice

Biometrics Enrollment
- Multiple images/voice print of the user will be enrolled, under supervision, with data being stored on a server. This can be done through the smartphone, or through photographs/voiceprint of the subject taken using other means.
- Face enrollment can be done through multiple images captured using camera.
- The enrollment data will be sent via a web server to the server.

Biometrics Verification
- The client (mobile device) will make a call to a server API using a web service (REST or SOAP) API, sending an image/voice print of the subject along with the user id.
- The server will calculate the confidence that the face in the image/voice print belongs to the user, and base further action on that confidence.
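
One way the server-side step in the Biometrics Verification slide could combine the match confidence with the risk factors listed under Strong Authentication Scenarios (device fingerprint, location, time). This is an added example, not code from the presentation; the thresholds, field names and the SAMPLE enrollment are constructed assumptions.

```python
from dataclasses import dataclass
from enum import Enum

class Action(Enum):
    ALLOW = "allow"
    STEP_UP = "step_up"  # fall back to another factor, e.g. a one-time passcode
    DENY = "deny"

@dataclass(frozen=True)
class Enrollment:  # per-user context stored at enrollment (hypothetical fields)
    known_devices: frozenset    # device fingerprints registered for the user
    usual_countries: frozenset  # country codes the user normally signs in from
    usual_hours: range          # local hours treated as normal

@dataclass(frozen=True)
class Attempt:
    user_id: str
    confidence: float  # matcher's confidence that the sample is this user, 0..1
    device_fp: str
    country: str
    hour: int          # local hour of the attempt, 0..23

# Constructed values for illustration; real thresholds come from matcher tuning.
BASE_THRESHOLD = 0.80    # confidence required when no risk factor fires
PENALTY_PER_RISK = 0.05  # each fired risk factor raises the requirement
HARD_FLOOR = 0.50        # below this the attempt is rejected outright
SAMPLE = Enrollment(frozenset({"fp-A"}), frozenset({"US"}), range(7, 20))

def risk_factors(attempt, enrolled):
    """Return the names of the risk factors that fire for this attempt."""
    fired = []
    if attempt.device_fp not in enrolled.known_devices:
        fired.append("unknown_device")
    if attempt.country not in enrolled.usual_countries:
        fired.append("unusual_location")
    if attempt.hour not in enrolled.usual_hours:
        fired.append("unusual_time")
    return fired

def decide(attempt, enrolled):
    """Map biometric confidence plus risk factors to (Action, fired factors)."""
    if not 0.0 <= attempt.confidence <= 1.0:  # also catches NaN: fail closed
        return Action.DENY, ["invalid_confidence"]
    fired = risk_factors(attempt, enrolled)
    if attempt.confidence < HARD_FLOOR:
        return Action.DENY, fired
    required = BASE_THRESHOLD + PENALTY_PER_RISK * len(fired)
    if attempt.confidence >= required and "unknown_device" not in fired:
        return Action.ALLOW, fired
    return Action.STEP_UP, fired
```

An unregistered device never yields ALLOW on the biometric alone, however high the confidence, so a replayed image or recording from a new device still has to pass a second factor.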

Biometrics Demo