Mobile Security Trends. Gregg Martin, Director, Mobile Security

Similar documents
Securing Today s Mobile Workforce

Enterprise Ready. Sean Yarger. Sr. Manager, Mobility and Identity. Making Android Enterprise Ready 1

Securing Enterprise or User Brought mobile devices

The Future of Mobile Device Management

one_mobile User Guide

Thomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017

Junos Pulse Supported Mobile Platforms

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS

Mobile Devices prioritize User Experience

Managing Devices and Corporate Data on ios

Quick Heal Mobile Device Management. Available on

WebSphere Puts Business In Motion. Put People In Motion With Mobile Apps

Mobile Security using IBM Endpoint Manager Mobile Device Management

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

Protecting Health Information

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions

Exclusive Selling Mobility with Security

In(sta)Security: Managing the BYOD Risk. Davi Ottenheimer flyingpenguin

Android App Development. Muhammad Sharjeel COMSATS Institute of Information Technology, Lahore

Best practices for mobile device encryption and security

Enterprise Mobile Management (EMM) Policies

Quick Heal Total Security for Android. Anti-Theft Security. Web Security. Backup. Real-Time Protection. Safe Online Banking & Shopping.

Mobilize with Enterprise Security and a Productive User Experience

ANDROID PRIVACY & SECURITY GUIDE ANDROID DEVICE SETTINGS

BYOD: BRING YOUR OWN DEVICE.

Securing Office 365 with MobileIron

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Balancing BYOD and Security. A Guide for Secure Mobility in Today s Digital Era

Mobile Device Management. Get more out of ipad and iphone in higher education

Google Identity Services for work

Ferenc Peták Department of Medical Physics and Informatics 2018

Junos Pulse Mobile Security Gateway

Enterprise Security Solutions by Quick Heal. Seqrite.

Google on BeyondCorp: Empowering employees with security for the cloud era

SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT

Augmenting security and management of. Office 365 with Citrix XenMobile

Bring Your Own Device (BYOD) Best Practices & Technologies

Tablet - is the generic term for a mobile computer with touchscreen display that is operated with fingers or stylus pen instead of a mouse and


Course Outline (version 2)

Beyond BYOD Mobility, Cloud and the Internet of Everything

Mobile Security / Mobile Payments

MDM is Calling: Does Your Business Have an Answer? arrival. Here To Go. Lunch Dinner. continue. Riiinnggg. Dec. 12

2016 BITGLASS, INC. mobile. solution brief

AirWatch for Android Devices for AirWatch InBox

MICROSOFT (MS) INTUNE IOS/ANDROID DEVICE ENROLLMENT

White paper. April Security

October 2016 Issue 07/16

AirWatch Container. VMware Workspace ONE UEM

Mobile Experience and Security - A Delicate Balance. Jeff Keller, CISA, CIA, CFSA SVP/Senior Audit Director, Technology, Projects, Due Diligence

Kony MobileFabric. Release Notes. On-Premises. Release 6.5. Document Relevance and Accuracy

Introduction. Do you have any difficulty in choosing an ideal mobile phone?

Enterprise Security Solutions by Quick Heal. Seqrite.

Six steps to control the uncontrollable

Quick Heal Mobile Security. Free protection for your Android phone against virus attacks, unwanted calls, and theft.

Mobile Devices and Smartphones

RHM Presentation. Maas 360 Mobile device management

AT&T Toggle. 2/3/2014 Page i

XenApp, XenDesktop and XenMobile Integration

MOBILE SECURITY 2017 SPOTLIGHT REPORT. Information Security PRESENTED BY. Group Partner

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

Securing Wireless Mobile Devices. Lamaris Davis. East Carolina University 11/15/2013

Android In Industrial Applications. A Field Report

MOBILE SECURITY OVERVIEW. Tim LeMaster

MaaS360 Secure Productivity Suite

mhealth for Chronic Disease Management: It Takes More Than an App

EM L01 Introduction to Mobile

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

The Device Has Left the Building

Manually Install 2.2 Update Android To 4.0 In

IPHONE DEP REGISTRATION... 4 IPHONE DEP REGISTRATION... 3

Trend Micro Guide and solution to help embrace Consumerization and BYOD. James Walker EMEA Product Marketing Manager 26 September 2012

Mobile Device Policy. Augusta University Medical Center Policy Library. Policy Owner: Information Technology Support and Services

Ch 1: The Mobile Risk Ecosystem. CNIT 128: Hacking Mobile Devices. Updated

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

ENTERPRISE SECURITY IN ios Lecture 17b

Android OS. Operating System based on Linux [ ] [Jonas Teuscher, Alex Cuordileone, Cédric Glaus]

BRING YOUR OWN DEVICE: POLICY CONSIDERATIONS

CipherCloud CASB+ Connector for ServiceNow

A Comparative Study of Mobile Operating Systems

Salesforce1 Mobile Security White Paper. Revised: April 2014

Secure Messaging Plus Website. User s Guide

Paraben s DS 7.5 Release Notes

Auditing Bring Your Own Devices (BYOD) Risks. Shannon Buckley

Mobile Device Growth 1


CERTIFIED SECURE COMPUTER USER COURSE OUTLINE

Junos Pulse for Google Android

AT&T Toggle. 12/12/2013 Page i

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

Ipod Manual Touch 4g Ios 7 Update Yourself >>>CLICK HERE<<<

Systems Manager Cloud-Based Enterprise Mobility Management

Accelerate GDPR compliance with the Microsoft Cloud Agustín Corredera

VMware Browser Admin Guide Configuring and deploying the VMware Browser

International Journal of Mathematics & Computing. Research Article. Received April 07, 2015; Accepted April 16, 2015; Published June 25, 2015;

Weak Spots Enterprise Mobility Management. Dr. Johannes Hoffmann

Multilayered technology, machine learning and human expertise working together to provide comprehensive security for all platforms.

Default Policy Settings

Why Android? Why Android? Android Overview. Why Mobile App Development? 20-Nov-18

Transcription:

Mobile Security Trends Gregg Martin, Director, Mobile Security

Agenda Mobile Trends Enterprise Challenges Mobile Threats Mobile Awareness Mobile Security Technology Mobile Security Offerings Q&A

Mobile Trends

Mobile Trends Fast paced & dynamic environment Bring Your Own Device (BYOD) Increased demand to internal resources Displacement of BlackBerry Registered Trademark of Audi

Mobile Trends 2011 Mobile Market China 1,002 Million India 919 Million 2016 = 8 Billion USA 332 Million Source: mobilethinking.com

Mobile Trends Android is a registered trademark of Google Inc. Apple Inc. is a registered trademark of Apple Source: Lookout Security All Rights Reserved.

Mobile Trends Android Choose your flavor! Open Architecture Manufactures C2DM ASLR 4.1.x Jelly Bean Distribution -.8% 4.0.x Ice Cream Sandwich Distribution 15.9% 3.0.x - Honeycomb Distribution 2.3% 2.3.x - Gingerbread Distribution 60.6% 2.2 -Froyo Distribution 15.5% 2.0/2.1 - Éclair Distribution 15.5% 1.6 Donut Distribution -.5% 1.5 - Cupcake Distribution -.2%

Mobile Trends Jelly Bean App Encryption Smart App Update Improved HTML5 Support JavaScript Engine (8) Image Copyrights Google & Samsung and their respective owners All Rights Reserved.

Mobile Trends Android Root Why Root? Full OS control Control manufacture bloatware Free apps Tethering Roots SuperOneClick Unlock Root

Mobile Trends Apple ios (6) Siri Additional language support Ask more Facebook Integration within ios Mail Redesigned & new features Passbook Boarding Passes Movie Tickets Facetime Over Cellular Networks Image Copyrights Apple Inc., and their respective owners All Rights Reserved.

Mobile Trends ios SDK Updates Security Protects Calendar, Reminders, Contacts & Photos Enable/Disable per app icloud Key-value storage for discrete values, such as preferences. Use key-value storage for small amounts of data: stocks or weather information, locations, bookmarks, settings and preferences, and simple game state. Document storagefor user-visible file-based information. Use document storage for file-based user content: presentations, word-processing documents, diagrams or drawings, and complex game state. Core Data storage for structured data. icloud Core Data storage is built on icloud document storage. Use Core Data storage for server-based, multi-device database solutions for structured content. Image Copyrights Apple Inc., and their respective owners All Rights Reserved.

Mobile Trends Apple - Jailbreaks Goehot Limera1n Pod2g & Dream Team Jailbreakme.com Redsn0w ios 6 beta 4 Image Copyrights Apple Inc., and their respective owners All Rights Reserved.

Enterprise Challenges

10 Steps to Security the Mobile Workforce 1 2 3 4 5 6 7 8 9 10 Update your Security Policy Mobile Security Awareness Training Mobile Provisioning/Workflow Process Strong Authentication for Mobile Device access Centralize Security Policy Manage Process & Tools Encryption Endpoint Security Tools Device lockdown and remote wipe capabilities Access logging and file integrity monitoring with centralize log repository Accessing Content/Internal Resources

Enterprise Challenges & Risks Element Authentication Loss / Theft Device Support Encryption Backup / Restore Storage Cards Acceptable Use Enforcement Description How often a password must be changed. How many invalid tries are allowed before the device is disabled. Strong authentication using two factor or certificates. Lost or stolen device are remotely wiped and disabling of the device over a defined period of time. Define what devices are supported by the institution/organization i.e. Blackberry, Mac/PC s. Sensitive data must be encrypted or devices is encrypted with WDE. If a device could be lost or stolen, there should be a defined procedure for backing up and restoring the data to another device. Storage cards are a convenient way to expand memory, but they're also portable and thus a security risk. Do you ban them? Or, encrypt them? A good security policy needs to set limits on what users can install on their devices and what is acceptable use. Consequences if there is violation of the policy.

Enterprise Challenges Requirements What devices to support? Security challenges Policies Accessing corporate content Loss/theft Providing access to internal resources Human Resources - Concerns Image Copyrights Apple Inc., and their respective owners All Rights Reserved.

Enterprise Challenges What are organizations doing? Corporate Liable vs. Personal Liable (BYOD) Hybrid Why BYOD? Costs Executive adoption Work/Life Balance Productivity

Enterprise Challenges Additional Concerns Data stored in the cloud Differentiate personal and business data DLP/Data Classification Identity Access Management

Mobile Risks &Threats

Mobile Threats & Risks Lost & theft of mobile devices Applications Encryption Malware Other Risks

Mobile Threats & Risks Las Vegas -estimated 5,000 cabs average of 2 phones per week 10,000 phones per week United Kingdom London Estimated 19,000 cabs (black cabs only) 10,000 phones per week Average 113 phones lost every minute $50 average price for lost/stolen device Source: Lookout Security

Mobile Threats & Risks Backups

Mobile Threats & Risks voicemail.db

Mobile Threats & Risks sms.db

Mobile Threats & Risks /user/library/keyboard/dynamic-text.dat

Mobile Threats & Risks SQL Cipher logo is a registered trademark of zətetic. All Rights Reserved.

Mobile Threats & Risks SQL Cipher logo is a registered trademark of zətetic. All Rights Reserved.

Mobile Threats & Risks

Locating Data - ios

Locating Data - Android

Mobile Threats & Risks Phishing Fraudulent imitation of a site to obtain credentials or cc Clickjacking Malicious technique to trick users into clicking a malformed link Likejacking Uses Facebook like button Prevention Don t click on links Type the address User Awareness Training Like Button, Registered trademark of Facebook.com

Mobile Threats & Risks Android DroidDream Geinimi HongTouTou(aka ADRD) KungFu2 & 3 Zitmo Blackberry Zitmo ios Ikee iphone.a Dutch 5 Ransom Code signing exploit Symbian Cabir.A Source: Juniper Networks

Mobile Awareness

Breakdown of Free Apps What s the risk? 39% 37% 26% Android Google Play Market 61% 26% Windows Phone Marketplace Samsung Apps Apple App Store 67% Blackberry App World Nokia Ovi Store Android is a registered Trademark of Google Inc. All Rights Reserved.

Mobile Awareness = Image Copyrights Google Inc. & Facebook Inc. All Rights Reserved.

Mobile Awareness Mobile Security Awareness Training Educate users Apps Data Passcodes

Mobile Security Technology Image Copyrights gadgetnmore.com All Rights Reserved.

Mobile Solutions Container Based Pure-Play Mobile Device Management (MDM) Mobile Application Management (MAM) Not an Enterprise App Store Next-Generation Mobile Content Management (MCM) Logos are registered trademarks of their respective owners All Rights Reserved.

Mobile Management Container-based Separation of personal & corporate data Simple BYOD deployment Personal Information Manager (PIM) Verticals Healthcare Financial

Mobile Management MDM Device restrictions Use of native applications Simple architecture Verticals Technology Entertainment Transportation

Mobile Management MAM Personal and corporate application segmentation Policy based application access Application and data encrypted container Wipe only corporate data and applications IAM application access

Mobile Management MCM (Mobile Content Management) Secure access to internal resources Sharepoint Network Drives Document control Strong Authentication

Thank You Gregg Martin Director Mobile Security Services FishNet Security gregg.martin@fishnetsecurity.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback