Mobile Data Security Essentials for Your Changing, Growing Workforce

Similar documents
hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Make security part of your client systems refresh

Security Enhancements

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

white paper SMS Authentication: 10 Things to Know Before You Buy

Quick Heal Mobile Device Management. Available on

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

SecureDoc: Making BitLocker simple, smart and secure for you. Your guide to encryption success

Internet of Things Toolkit for Small and Medium Businesses

HIPAA Regulatory Compliance

IBM Tivoli Directory Server

Overview. DigitalPersona Logon for Windows Data Sheet. DigitalPersona s Composite Authentication transforms

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

HIPAA Compliance Checklist

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

Securing Your Most Sensitive Data

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

Challenges and. Opportunities. MSPs are Facing in Security

Best Practices in Securing a Multicloud World

A HOLISTIC APPROACH TO IDENTITY AND AUTHENTICATION. Establish Create Use Manage

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO

Understand & Prepare for EU GDPR Requirements

A company built on security

efolder White Paper: HIPAA Compliance

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Complete document security

5 Reasons for IT to Get Physical with Access Control

SECURITY THAT FOLLOWS YOUR FILES ANYWHERE

Overview. Business value

MySQL CLOUD SERVICE. Propel Innovation and Time-to-Market

Teradata and Protegrity High-Value Protection for High-Value Data

10 Hidden IT Risks That Might Threaten Your Business

DigitalPersona for Healthcare Organizations

SECURITY & PRIVACY DOCUMENTATION

Enterprise Mobility Management

CipherCloud CASB+ Connector for ServiceNow

HOW A CLOUD COMMUNICATIONS SYSTEM UNIQUELY SUPPORTS YOUR MOBILE WORKFORCE

HP Security Solutions for business PCs. Comprehensive protection measures so you can work smarter and with greater confidence.

Multi-Platform Enterprise Mobility Management. Perfectly balancing end-user and corporate needs

Evolved Backup and Recovery for the Enterprise

Disk Encryption Buyers Guide

Five Reasons It s Time For Secure Single Sign-On

Solution. Imagine... a New World of Authentication.

Unlocking Office 365 without a password. How to Secure Access to Your Business Information in the Cloud without needing to remember another password.

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

Cisco Cloud Application Centric Infrastructure

Mobility Advantage: Why Secure Your Mobile Devices?

Go mobile. Stay in control.

Secure Government Computing Initiatives & SecureZIP

Keep the Door Open for Users and Closed to Hackers

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

SafeNet Authentication Client

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Why Implement Endpoint Encryption?

Virtual Machine Encryption Security & Compliance in the Cloud

StorageTek Linear Tape File System, Library Edition

Choosing a Full Disk Encryption solution. A simple first step in preparing your business for GDPR

THREE-PART GUIDE TO DEVELOPING A BYOD STRATEGY WHITE PAPER FEBRUARY 2017

BYOD: BRING YOUR OWN DEVICE.

Trusted Computing As a Solution!

ATA DRIVEN GLOBAL VISION CLOUD PLATFORM STRATEG N POWERFUL RELEVANT PERFORMANCE SOLUTION CLO IRTUAL BIG DATA SOLUTION ROI FLEXIBLE DATA DRIVEN V

SECURING YOUR BUSINESS INFRASTRUCTURE Today s Security Challenges & What You Can Do About Them

device management solution

Product Brief. Circles of Trust.

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.

Business White Paper IDENTITY AND SECURITY. Access Manager. Novell. Comprehensive Access Management for the Enterprise

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Enhancing Security With SQL Server How to balance the risks and rewards of using big data

Mobility best practice. Tiered Access at Google

Cisco Virtual Experience Infrastructure for Government. Virtualize Your Desktop and Increase Agency Efficiency

Microsoft 365 Business FAQs

Archiving. Services. Optimize the management of information by defining a lifecycle strategy for data. Archiving. ediscovery. Data Loss Prevention

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

Microsoft Office 365 TM & Zix Encryption

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Enterprise Security Solutions by Quick Heal. Seqrite.

Intel and Symantec: Improving performance, security, manageability and data protection

Top. Reasons Legal Teams Select kiteworks by Accellion

Why is Office 365 the right choice?

BlackBerry Mobile Voice System

IT Boosting Employee & Business Productivity with Innovative Technologies and Solutions Refresh Now

Choosing the Right Solution for Strategic Deployment of Encryption

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

Advanced Security Measures for Clients and Servers

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

A Guide to Managing Microsoft BitLocker in the Enterprise

GDPR Update and ENISA guidelines

3-Part Guide to Developing a BYOD Strategy

PKI is Alive and Well: The Symantec Managed PKI Service

Mobile Network Access Control Extending corporate security policies to mobile devices

Yubico with Centrify for Mac - Deployment Guide

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice.

Build a viable plan for disaster recovery and crisis management.

Oracle Database Vault

Transcription:

Mobile Data Security Essentials for Your Changing, Growing Workforce White Paper February 2007 CREDANT Technologies Security Solutions White Paper

YOUR DYNAMIC MOBILE ENVIRONMENT As the number and diversity of mobile users, device types and access locations continues to increase, the ability to manage and control data security has become mandatory it s no longer a question of whether to protect data, it s a question of how. How does an organization best protect sensitive information stored on mobile devices (laptops, notebooks, desktops, PDAs, smartphones, or removable media)? How does that organization achieve productivity and competitive advantage, while ensuring their data remains secure regardless of the type of user (employees, affiliates, and even customers), the type of computing device or removable storage device, or the remote access location (a home, a hotel in Chicago, or a coffee shop in Beijing)? Most of today s data-at-rest security solutions are based on older encryption technologies that were never designed to work in today s sophisticated environments, so as a result, they: complicate existing processes within the IT department create support challenges for the Helpdesk expose data during routine IT recovery, repair and maintenance impede end-user acceptance of security technology cannot meet a number of emerging key data security requirements Implementing mobile security today requires enterprise-scale security for all mobile devices, not just laptop hard drives. It also must consistently enforce mobile data security rules easily and painlessly - to ensure that the user experience and productivity is not compromised. Furthermore, mobile data security policies should be as simple or as complex as the enterprise environment needs them to be. After all, no two organizations - their infrastructure, workforce or processes are alike. In short, to ensure data security in today s dynamic environment the security must be controlled and managed in a consistent manner across all mobile platforms, across all users, and across all locations. An organization requires a solution that is flexible yet treats mobile data protection as integral part of an enterprise's overall security processes. This white paper outlines four key requirements for implementing an effective and flexible, enterprise-class mobile security solution to secure your mobile data and devices. An organization needs a single enterprise solution for all mobile devices and data a mobile security solution that is simple, yet powerful and flexible, and that meets the strategic objectives in addressing mobile data security. 1

FOUR REQUIREMENTS FOR AN EFFECTIVE MOBILE DATA SOLUTION Mobile security is not a static process. Device types, users, and locations are diverse and change frequently. An enterprise s mobile security infrastructure must be able to easily accommodate this dynamic change and growth in an ongoing manner. Data security is about ensuring that every part of the security chain people, processes, operations, enforcement, and management work together to provide a complete solution with no weak links. 1. First, make sure your security solution enables you to constantly identify and control new device usage. 2. Next, make sure it can automatically and consistently enforce security policy and data protection. 3. Then, consider the importance of ongoing security administration ensure that your security solution uses a single console to manage all device types. 4. Finally, make sure you can quickly and reliably support your end users when things go wrong. The solution should be able to reset passwords, recover encrypted data, etc. with little or no change to your existing support infrastructure and with little to no end user impact. THE MOBILE DATA SECURITY LIFECYCLE Monitor for un-protected devices; control the synchronization of data; enforce with preset IT policies Encrypt sensitive data, while providing user authentication, controlled port access and application restrictions Centralize security policy management from a single console for all mobile devices. Audit to ensure that data security rules are enforced across all mobile devices. Minimize complexity of policy enforcement by leveraging existing IT infrastructure; effectively support mobile users while enforcing data controls for lost or stolen devices and minimizing impact of ongoing maintenance and data recovery. The following sections discuss key considerations and functional requirements for each element and explain how CREDANT Mobile Guardian best meets these needs. 2

1. YOUR SECURITY SOLUTION SHOULD ENABLE YOU TO CONSTANTLY IDENTIFY AND CONTROL NEW DEVICE USAGE When implementing mobile security, make sure your solution is able to: detect, audit and control all mobile end points as they come onto your network including unsanctioned and user owned end points. generate detailed reports of mobile end point usage in your environment through a single console. detect, audit, and control synchronization software and 3rd party applications on the desktop such as ActiveSync, HotSync, PC Suite, mail redirectors, and more. support easy, comprehensive mobile security deployment by first detecting mobile end point usage and then automatically enforcing protection selectively across the environment. 2. YOUR SECURTY SOLUTION SHOULD AUTOMATICALLY AND CONSISTENTLY ENFORCE SECURITY POLICY AND DATA PROTECTION TRANSPARENT TO THE END USER Strong access controls, authentication and encryption must be consistently enforced across all mobile end points to protect sensitive information, meet regulatory/audit requirements, and more importantly, limit your risk of a data breach should mobile data or devices be lost, stolen or attacked. Your mobile security solution should: seamlessly and automatically encrypt sensitive data across all mobile end points and external media from a single management console. enforce centrally-defined policies that control what is encrypted and how the encryption keys are generated, managed and escrowed. guard against unauthorized access in a multi-user operating system and that data recovery is fast and reliable. prevent end users from controlling, changing or removing security enforcement reliance on the end user to take action. require no second PIN/password at system startup and be interoperable with 3rd party authentication processes. Your solution should support whichever hardware tokens, smartcards, and/or biometric devices your security policy requires. control the use of specific device applications and communication ports. 3

enforce over-the-air and local fail safe protections to suspend access or wipe data. ensure easy recovery of encrypted data if a user forgets their password or leaves the company. provide real-time status of mobile data protection in your environment. ensure enforced data security (policy deployment and updates, authentication, etc.) without interfering with user productivity; provide innovative user friendly features 3. USE A SINGLE CONSOLE TO MANAGE ALL DEVICE TYPES To minimize complexity and reduce the level of effort required to address mobile security, it is important to implement an enterprise-wide solution that leverages existing infrastructure investments while centralizing administration into one management console. Your mobile security platform should: Provide a single management console for mobile security administration, control, audit, and reporting with full platform support across mobile and external storage device types to control and automatically enforce and update security policies across all mobile end points Inherit roles (groups) and users from existing LDAP directories (such as Microsoft Active Directory), eliminating the need to re-enter and separately maintain this information Provide separate administrative roles (from help desk to security admin) to control administrator privileges Deliver detailed mobile end point reporting and auditing information Ability to generate detailed reports of mobile end point usage (including synchronization software), protection, and security status 4

4. QUICKLY AND RELIABLY SUPPORT END USERS AND RECOVER ENCRYPTED DATA WITH LITTLE OR NO IMPACT TO YOUR EXISTING SUPPORT INFRASTRUCTURE OR TO THE END USER It is easy to overlook the impact of ongoing support, maintenance and data recovery when choosing the right mobile security solution. Many solutions are deceptively simple in their approach to securing data, and it s not until the time comes to support it that the limitations become all too obvious and dangerous. Make sure that your mobile security solution: works within the established maintenance and recovery processes used by your IT department and that they do not require the process or recovery time to be changed or lengthened. provides key generation and escrow features which allow immediate, full data recovery with no gaps. Many solutions require keys to be generated on the target device and then escrow them back to a central server. What happens if the escrow process is delayed or fails altogether and the user needs to recover them? Keys should be escrowed before the first bit of data is encrypted without requiring any action by the end user. protects against internal threats unauthorized access in a multi-user operating system; separates access to encrypted data from access to the operating system. allows self-service password reset and over-the-phone password reset capability; PIN/password recovery requires no network connection. allows the users of handheld devices to make and receive calls without the user having to unlock the device. It should be flexible enough though to require authentication if the user wants to make an outgoing call from the confidential company Global Address List. allows operating system upgrades, hot fixes, and the application of patches without being concerned whether the operating system is encrypted, using fake logins, and or/resulting data corruption issues. provides data recovery options that work with your existing IT recovery processes and tools. data recovery that allows security administrators to access encrypted data without any assistance or cooperation from the end user delivers automatic, real-time policy and software updates in the field to ensure quick closure of security gaps, continued regulatory compliance, and mobile productivity. balances security with usability. Enables over-the-air deployment and activation. Interoperates with 3 rd party device management and synchronization providers, such as Altiris, Intellisync, Good, EIM, SMS, etc. 5

SUMMARY The initial setup of your mobile data security solution should not require any action from the end user it should be automatic, enforceable, and provide immediate feedback on the progress of the installation and subsequent protection of data. Once the setup is complete, your security solution should still not require (or allow) any ongoing action from the end user, but rather it must be as invisible as possible and when it isn t, it should be easy-touse, without impacting end user productivity. Mobile data security must be a strategic, company-wide initiative that allows audit and enforcement of multiple security policies across multiple device types, i.e. laptop, TabletPC, PDA, smartphone, removable media. The solution must address all elements of mobile data security, while enabling user productivity anywhere, at anytime, and with minimal risk and low total cost of ownership for the organization 1) Detect & Enforce: automatically identify devices and data usage; control the synchronization of data directly to rogue mobile devices from PCs or over-the-air synchronization of email from Microsoft Exchange Server; enforce with preset IT policies 2) Encrypt & Protect: ensure that sensitive data is securely encrypted, while providing user authentication, controlled port access and application restrictions 3) Manage & Audit: centralize security policy management from a single console for desktops, Notebook PCs, handhelds and USB flash drives. Audit trail ensures that company data security rules are being enforced across all mobile devices 4) Support Existing Operations: minimize complexity of security policy enforcement by leveraging existing IT infrastructure; effectively support mobile users while enforcing data controls for lost or stolen devices while minimizing impact of ongoing maintenance and data recovery. ABOUT CREDANT TECHNOLOGIES CREDANT Technologies is the market leader in mobile data protection solutions. CREDANT s secure mobility solutions preserve customer brand and reduce the cost of compliance, enabling business processes to quickly and safely go mobile. CREDANT Mobile Guardian is the only centrally managed mobile data protection solution that provides strong authentication, intelligent encryption, usage controls, and key management that guarantees data recovery. By aligning security to the type of user, device and location, CREDANT ensures the audit and enforcement of security policies across all mobile end-points. Strategic partners and customers include leaders in finance, government, healthcare, manufacturing, retail, technology, and services. CREDANT was selected by Red Herring as one of the top 100 privately held companies and top 100 Innovators for 2004, and was named Ernst & Young Entrepreneur Of The Year 2005. Austin Ventures, Menlo Ventures, Crescendo Ventures, Intel Capital and Cisco Systems are investors in CREDANT Technologies. For more information, visit www.credant.com. 6

CREDANT MOBILE GUARDIAN CREDANT Mobile Guardian (CMG) Enterprise Edition is an award-winning, integrated and easily deployable mobile security and management software platform that enables organizations to easily secure and manage disparate mobile and wireless devices from a single management console. CREDANT select OEM partners such as Hewlett Packard. CREDANT Mobile Guardian is the only solution to combine integrated, centralized enterprise management capabilities with strong mobile data security across the broadest range of mobile device platforms all in a single package that is easy to deploy and manage, and easily accepted by end users. With CMG, companies can cost-effectively secure and support an enterprise-scale mobile workforce while improving employee productivity, with the peace of mind that their organization s sensitive information is secure. CONTACT US For more information on how CREDANT can help meet your mobile security and management needs, please contact us: 1-866-CREDANT (273-3268) or 972-458-5400 www.credant.com info@credant.com ### Disclaimer: This white paper is not intended to take the place of informed legal counsel. The information and recommendations contained herein are for informational purposes only, and should be expanded upon by trusted legal sources. For specific advice about formulating an information security policy that is compliant with current laws and regulations, or for further information about complying with information security laws, it is recommended that you seek professional counsel. Copyright 2007 CREDANT Technologies, Inc. All rights reserved. CREDANT, CREDANT Technologies, the Be mobile Be secure tagline, and the CREDANT logo are registered trademarks of CREDANT Technologies, Inc. All other trademarks used herein are the property of their respective owners and are used for identification purposes only. Mobile Essentials_WP_0207 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback