Your SlideShare is downloading. ×
0
Ceci n’est pas un téléphoneInfrastructure security of mobile devices in the enterpriseUlrik Van Schepdael                 ...
(WIRED Feb 28 ‘11) -- From the earliest days of                         aviation, pilots have relied upon paper maps to   ...
Bi: Before iPad1984       1996    2007   201026 Bi      14 Bi   3 Bi
Multi OS
Work More        Professionals with a Smart Phone work 15 hours extra per week,                         earn 27% less and ...
New challenges for IT !•   Manage the Multi-OS•   Control the Cost•   Mixed Personal and Corporate content•   Security of ...
Implementation scenario       Policy Server                          Mail server
(Forrester research) – not one company has the                      exact same needs let alone the individual users within...
How many profiles do you need ?1 is enough           A mobile profile3 should do           contains:…                     ...
Implementation scenarioLDAP       Policy Server                          Mail server
75% of 1000 interviewed Belgian companies do NOT                    agree employees connect their personal smartphone     ...
What’s your style?                      Control                 Choice              Innovation       Hands-Off Primary    ...
What’s your style?                      Control                 Choice                 Innovation       Hands-Off Primary ...
What’s your style?                      Control                 Choice              Innovation       Hands-Off Primary    ...
What’s your style?                      Control                 Choice              Innovation           Hands-Off Primary...
What are the consequences ?                    Control           Choice               Innovation           Hands-Off Polic...
Device choice!
Implementation scenarioLDAP       Policy Server                                        Intranet                          M...
(wikipedia) – Primarily, posture is a reflex to keep the body upright.Posture
managed life cycle                                                    Compliance                                          ...
Implementation scenario                                                   ???LDAP       Policy Server                     ...
Appstore is my freedomappstore is on or off
Enforced policy!cable is the biggest threat for mobile
Implementation scenario                                                     ???                          Posture CheckLDAP...
Impossible to ‘lock’ a mobile device,but not impossible to manage it!•   Create a balanced (user/IT) policy•   Implement u...
Upcoming SlideShare
Loading in...5
×

Infrastructure security of mobile devices in the enterprise by Ulrik van Schepdael

583

Published on

Seminar by Ulrik van Schepdael during Infosecurity.be 2011

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
583
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
38
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Infrastructure security of mobile devices in the enterprise by Ulrik van Schepdael"

  1. 1. Ceci n’est pas un téléphoneInfrastructure security of mobile devices in the enterpriseUlrik Van Schepdael uvs@mobco.be
  2. 2. (WIRED Feb 28 ‘11) -- From the earliest days of aviation, pilots have relied upon paper maps to help find their way. Even in an era of GPS and advanced avionics, you still see pilots lugging around 20 pounds or more of charts. But those days are numbered, because maps are giving way to iPads. The Federal Aviation Administration is allowing charter company Executive Jet Management to use Apples tablet as an approved alternative to paper charts.The user is in control
  3. 3. Bi: Before iPad1984 1996 2007 201026 Bi 14 Bi 3 Bi
  4. 4. Multi OS
  5. 5. Work More Professionals with a Smart Phone work 15 hours extra per week, earn 27% less and they love it!(Peninsula UK Sept ‘09 - EarlySail picture)
  6. 6. New challenges for IT !• Manage the Multi-OS• Control the Cost• Mixed Personal and Corporate content• Security of data at rest, travel, …• AppstorM is here
  7. 7. Implementation scenario Policy Server Mail server
  8. 8. (Forrester research) – not one company has the exact same needs let alone the individual users within the companyOne size does not fit all
  9. 9. How many profiles do you need ?1 is enough A mobile profile3 should do contains:… - telecomeverybody is - applicationsdifferent - network access - support level -…
  10. 10. Implementation scenarioLDAP Policy Server Mail server
  11. 11. 75% of 1000 interviewed Belgian companies do NOT agree employees connect their personal smartphone or tablet to the corporate network. +50% finds it unacceptable. (Datanews survey November 2010) More than double of what is thought connects its own device to the corporate network (IDC 2010)Stalin versus Dalai Lama
  12. 12. What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  13. 13. What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  14. 14. What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  15. 15. What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  16. 16. What are the consequences ? Control Choice Innovation Hands-Off Policy Enforced Applied and Applied and Checked Controlled Controlled Device Enterprise Enterprise or User Enterprise or User User Ownership Device choice Limited Medium range Anything Anything Application Clearly defined Managed and Unconstrained Limited portfolio limited enterprise apps App store policy Forbidden Permitted but Permitted Permitted following policy Mobile Expenses Enterprise Mixed Mixed User
  17. 17. Device choice!
  18. 18. Implementation scenarioLDAP Policy Server Intranet Mail server
  19. 19. (wikipedia) – Primarily, posture is a reflex to keep the body upright.Posture
  20. 20. managed life cycle Compliance Audit/ Logging Regulatory Asset Management Applications Activity Multi-OS Inventory Push and Publish Usage Patterns System Details Enterprise App Store Operational Status Service Quality Connection Status Internal and 3rd Party Location Recommendations* Security and Policy Enterprise End of Life Provisioning Enforcement Selective Over-the-Air Encryption Threshold Alerts Wipe (OTA) Content/Files Data Cert distribution Privacy Settings Migration Self Service Anti-virus and DLP* Push and Publish Voice, SMS Inventory Lost Phone Data Mobile Access PC* Lock and Wipe Employee- & Location Tracking Search and Share* Company-owned Selective Wipe Content Visibility Help Desk Remote Access Recovery/Restore Trouble Spot Detection Broadcast SMS Safety MobileIron - Confidential
  21. 21. Implementation scenario ???LDAP Policy Server Intranet Mail server
  22. 22. Appstore is my freedomappstore is on or off
  23. 23. Enforced policy!cable is the biggest threat for mobile
  24. 24. Implementation scenario ??? Posture CheckLDAP Policy Server Intranet Mail server
  25. 25. Impossible to ‘lock’ a mobile device,but not impossible to manage it!• Create a balanced (user/IT) policy• Implement user centric profiles• Control the policy on the device• Secure your resource access
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×