Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US


Published on

Præsentation fra IBM Smarter Business 2012

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • In today ’s mobile world enterprises are transforming the way they interact with their customers, partners and employees by implementing mobile strategies that enable them to: Build, connect , and run a growing portfolio of mobile apps for customers, partners and employees Manage and secure mobile applications and data on a variety of mobile devices and operating systems Extend and transform the business to yield new opportunities and business models while extending existing business capabilities to mobile employees, customers, and partners IBM offers a comprehensive set of solutions to meet our customer's mobile requirements so they can seize the opportunities that the mobile world provides while reducing cost and complexity. The IBM Mobile Foundation offering was created to provide an open mobile application platform for developing, deploying, and managing mobile apps. IBM Mobile Foundation delivers a range of app development and management capabilities that support a wide variety of mobile devices and mobile app types, while leveraging existing web technologies skills and investments. The IBM Mobile Foundation family of products includes: IBM Worklight:   to build, run and manage cross-platform mobile apps WebSphere CastIron: to connect mobile apps to a variety of Cloud and back-end systems IBM Endpoint Manager: to control and manage end-user mobile devices
  • Author Note: Mandatory Rational closing slide (includes appropriate legal disclaimer). Graphic is available in English only.
  • Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US

    1. 1. Mobility – bring your own device
    2. 2. Vijay Dheap Global Product Manager, IBM Mobile Security Solutions IBM Master Inventor IBM Mobile Management & SecurityDELIVERING CONFIDENCE
    3. 3. It’s a (Smarter) Mobile World! In 2011 sales of smartphones surpassed that of PCs, soon they will dwarf the sales of PCs - Business InsiderUsers are increasingly adopting smartphones overfeature phones – as of this year there is a greaterpercentage of smartphone users in the US thanfeature phone users. This trend is acceleratingworldwide
    4. 4. Employees Bringing Smart Devices To Work… By 2015 40% of Enterprise devices will be mobile devices - IBM ProjectionBring Your Own Device (BYOD)The trajectory of adoption is coming from the consumerspace into the enterprise.Greater propensity for users of smartphones and tablets touse their personal devices for workOrganizations starting to view BYOD for its business valueand organizations recognizing the competitivedifferentiation it can offer
    5. 5. Mobility as an EnablerBusiness value driven by mobility is opening up unique opportunities European Bank improves employee productivity by enabling transactions via mobile devices and earns greater customer loyalty through convenient banking options via mobile devices US Utility Company achieves greater responsiveness by empowering field employees to derive solutions to address operational issues by enabling mobile access and collaboration
    6. 6. IBM strategy addresses client mobile initiativesExtend & Transform Build & ConnectExtend existing business Build mobile applicationscapabilities to mobile devices Connect to, and run backendTransform the business by systems in support of mobilecreating new opportunities Manage & Secure Manage mobile devices and applications Secure my mobile business
    7. 7. Uniqueness of Mobile… Mobile devices Mobile devices Mobile devices Mobile devices Mobile devices are shared more have multiple are diverse are used in more prioritise the . often personas locations user• Personal phones and • Work tool • OS immaturity for • A single location could • Conflicts with user tablets shared with • Entertainment device enterprise mgmt offer public, private, experience not family • BYOD dictates and cell connections tolerated • Personal organiser• Enterprise tablet multiple OSs • Anywhere, anytime • OS architecture puts • Security profile per shared with co- • Vendor / carrier • Increasing reliance on the user in control persona? workers control dictates enterprise WiFi • Difficult to enforce• Social norms of mobile multiple OS versions • Devices more likely to policy, app lists apps vs. file systems • Diverse app be lost/stolen • Security policies have development/delivery less of a chance of model dictating experience
    8. 8. Mobile Security Risks, Concerns & Emerging ThreatsOWASP Mobile Security Project:Top 10 Mobile Risks, (Release Candidate v1.0)1.Insecure Data Storage2.Weak Server Side Controls3.Insufficient Transport Layer Protection4.Client Side Injection5.Poor Authorization and Authentication6.Improper Session Handling7.Security Decisions Via Untrusted Inputs8.Side Channel Data Leakage Emerging Mobile Threats Social Engineering Mobile Borne DoS Attacks9.Broken Cryptography Rogue Apps Identity Theft10.Sensitive Information Disclosure Malicious Websites Man-in-the-Middle Attacks
    9. 9. Mobile Security Challenges Faced By Enterprises Personal vs corporate Achieving Data Separation & Data leakage into and out of the enterprise Providing Data Protection Partial wipe vs. device wipe vs legally defensible wipe Data policies Multiple device platforms and variants Multiple providers Adapting to the BYOD/ Managed devices (B2E) Unmanaged devices (B2B,B2E, B2C) Consumerization of IT Trend Endpoint policies Threat protection Identity of user and devices Providing secure access to Authentication, Authorization and Federation enterprise applications & data User policies Secure Connectivity Application life-cycle Developing Secure Applications Vulnerability & Penetration testing Application Management Application policies Designing & Instituting an Policy Management: Location, Geo, Roles, Response, Time policies Security Intelligence Adaptive Security Posture Reporting
    10. 10. Visualizing Mobile Security WiFi Mobile apps Develop, test and deliver safe Web applications Internet sites TelecomSecure Providerendpointdevice and Security Corporatedata Gateway Intranet & Achieve Visibility and Enable Systems Adaptive Security Posture Secure access to enterprise applications and data
    11. 11. Getting Started with Mobile Security Solutions…Business Need: Business Need: Business Need:Protect Data & Applications on the Protect Enterprise Systems & Deliver Build, Test and Run Secure MobileDevice Secure Access AppsPrevent Loss or Leakage of Enterprise Provide secure access to enterprise Enforce Corporate Development BestData systems Practices  Wipe  VPN  Development tools  Local Data Encryption Prevent unauthorized access to enforcing security policiesProtect Access to the Device enterprise systems Testing mobile apps for exposure to  Device lock  Identity threatsMitigate exposure to vulnerabilities  Certificate management  Penetration Testing  Anti-malware  Authentication  Vulnerability Testing  Push updates  Authorization Provide Offline Access  Detect jailbreak  Audit  Encrypted Local Storage of  Detect non-compliance Protect users from Internet borne CredentialsProtect Access to Apps threats Deliver mobile apps securely  App disable  Threat protection  Enterprise App Store  User authentication Enforce Corporate Policies Prevent usage of compromised appsEnforce Corporate Policies  Anomaly Detection  Detect and disable  Security challenges for compromised apps access to sensitive data
    12. 12. IBM Mobile Security & Management Solutions Management & Security of Users, Devices and AppsIBM Endpoint Manager for Mobile IBM Security Access Manager (ISAM) • Single management infrastructure for all endpoints • Users & Devices context aware Authentication & • Gain visibility and control over BYOD devices Authorization • Core capabilities include: device lock, selective wipe, • Standards Support: OAuth, SAML, OpenID jailbreak/root detection, password policy enforcement • Single Sign-On & Identity MediationIBM AppScan for Mobile IBM Lotus Mobile Connect • Vulnerability testing of applications • Secure Connectivity • App level VPNIBM WebSphere DataPower • Enterprise applications protection IBM QRadar • XML security & message protection • System-wide Mobile Security Awareness • Protocol Transformation & Mediation • Risk Assessment • Threat Detection
    13. 13. DEEP-DIVE: DELIVERING CONFIDENCE13 © 2012 IBM Corporation
    14. 14. Mobile Device SecurityIBM Endpoint Manager for Mobile Devices: A highly-scalable, unified solution that delivers device management and securityacross device types and operating systems for superior visibility and control Client Challenge Managed = Secure Managing and securing enterprise and BYOD mobile Common agent devices without additional resources Unified console Systems Common Security Key Capabilities management infrastructure management Single server • A unified systems and security management solution for all enterprise devices • Near-instant deployment of new features and reports in IBM Endpoint Manager to customer’s environments • Platform to extend integrations with Service Desk, CMDB, SIEM, and other information-gathering systems to mobile devices • Advanced mobile device management capabilities for Desktop / laptop / server Mobile Purpose-specific iOS, Android, Symbian, and Windows Mobile, Windows endpoint endpoint endpoint Phone • Security threat detection and automated remediation
    15. 15. Mobile Access SecurityIBM Security Access Manager for Mobile: Delivers user security by authenticating andauthorizing the user and their device Client Challenge IBM Ensuring users and devices are authorized to Access Access Manager access enterprise resources from that specific Manager Servers device. External Authentication VPN or HTTPS Provider User registries (i.e. Key Capabilities LDAP) • Satisfy complex context-aware authentication Federated ID Mgr requirements • Reverse proxy, authentication, authorization, and federated identity • Mobile native, hybrid, and web apps Application Servers (WebSphere, WorkLight) • Flexibility in authentication: user id/password, basic auth, certificate, or custom • Supports open standards applicable to mobile Web Services Web Apps such as OAuth • Advanced Session Management
    16. 16. Mobile Access SecurityIBM Lotus® Mobile Connect: Provides features that help deliver a security-rich connection to enterpriseresources from mobile devices. Client Challenge Key Capabilities • Need to protect enterprise data in transit from •Clientless app-level Virtual Public Network (VPN) with a mobile devices to back-end systems •Strong authentication and encryption of data in transit
    17. 17. Mobile App SecurityAppScan: app security testing and risk management Client Challenge Applying patches and resolving application vulnerabilities after apps are Delivered and Deployed is a very costly and time consuming exercise Key Capabilities • Leverage AppScan for vulnerability testing of mobile web apps and web elements (JavaScript, HTML5) of hybrid mobile apps • Vulnerabilities and coding errors can be addressed in software development and testing • Code vulnerable to known threat models can be identified in testing • Security designed in vs. bolted on
    18. 18. Mobile App SecurityWorkLight: Develop, deliver and deploy security-rich mobile apps to streamline business activities whilealso delivering a rich user experience Client Challenge Efficiently and securely, create and run HTML5, hybrid and native mobile apps for a broad set of mobile devices Key Capabilities • Integrated secure access to backend application resources • Secured by design - develop secure mobile apps using corporate best practices, code obfuscation • Protect mobile app data with encrypted local storage for data, offline user access, app authenticity validation, and enforcement of organizational security policies • Maximize mobile app performance with analytics, remote disabling of apps
    19. 19. Mobile Security IntelligenceQradar: Deliver mobile security intelligence by monitoring data collected from othermobile security solutions – visibility, reporting and threat detection Client Challenge Visibility of security events across the enterprise, to stay ahead of the threat, show compliance and reduce enterprise risk Key Capabilities • Integrated intelligent actionable platform for • Searching • Filtering • Rule writing • Reporting functions • A single user interface for • Log management • Risk modeling • Vulnerability prioritization • Incident detection • Impact analysis tasks
    20. 20. Securing the Mobile Enterprise with IBM Solutions
    21. 21. CUSTOMER CASE STUDIES21 © 2012 IBM Corporation
    22. 22. IBM Case Study Extending Corporate Access “IBMs BYOD program “really is about supporting employees in the way they want to work. They will find the most appropriate tool to get their job done. I want to make sure I can enable them to do that, but in a way that safeguards the integrity of our business.” Jeanette Horan, IBM CIO Customer Needs Key Features & Outcomes Support BYOD for a variety of mobile  120,000 mobile devices, 80,000 personally platforms securely for a highly mobile owned, supported in months population  Integrated Lotus Traveler, IBM Connections, Scale to hundreds of thousands of devices IBM Sametime, and IBM Endpoint Manager
    23. 23. Leading European Bank European Bank to Deliver Secure Mobile Internet Banking AimArs needed to reduce operational complexity and cost with a single, scalable infrastructure to secure access to various back-end services from multiple mobile apps. A customized authentication mechanism empowered the bank to guarantee the security of its customers while safeguarding the trust relationship with a safe app platform that encrypts local data and delivers app updates immediately. Customer Needs Key Features & Outcomes• Extend secure access to banking apps to mobile • Authenticates requests made via HTTPS from customers hybrid mobile apps running on WorkLight platform• Enhance productivity of employees to perform to back-end services secure banking transactions via mobile devices • A custom certificates-based authentication• Support for iOS, Android, and Windows Mobile mechanism implemented to secure back-end banking application
    24. 24. Major Utility Company Adding Mobile Devices Without Adding Infrastructure Serving 4.5 million customers in the southwestern region of the United States, this electric company of 25,000 employees is a leader in clean energy while exceeding reliability standards and keeping consumer costs below average. They are experiencing a migration from traditional endpoints to mobile devices. Customer Needs Key Features & Outcomes• Support 20,000+ mobile devices • Scalability to 250,000 endpoints provides room to grow• Corporate and employee-owned, many platforms and OS • Added mobile devices to existing IEM deployment in versions days• High availability for certain devices used in the field • Ability to integrate with Maximo, Remedy• Adherence to Internal security policies, external • Responsiveness and agility of product and product team regulations