Infrastructure security of mobile devices in the enterprise by Ulrik van Schepdael
Upcoming SlideShare
Loading in...5
×
 

Infrastructure security of mobile devices in the enterprise by Ulrik van Schepdael

on

  • 676 views

Seminar by Ulrik van Schepdael during Infosecurity.be 2011

Seminar by Ulrik van Schepdael during Infosecurity.be 2011

Statistics

Views

Total Views
676
Views on SlideShare
630
Embed Views
46

Actions

Likes
0
Downloads
37
Comments
0

1 Embed 46

http://www.infosecurity.be 46

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Infrastructure security of mobile devices in the enterprise by Ulrik van Schepdael Infrastructure security of mobile devices in the enterprise by Ulrik van Schepdael Presentation Transcript

  • Ceci n’est pas un téléphoneInfrastructure security of mobile devices in the enterpriseUlrik Van Schepdael uvs@mobco.be
  • (WIRED Feb 28 ‘11) -- From the earliest days of aviation, pilots have relied upon paper maps to help find their way. Even in an era of GPS and advanced avionics, you still see pilots lugging around 20 pounds or more of charts. But those days are numbered, because maps are giving way to iPads. The Federal Aviation Administration is allowing charter company Executive Jet Management to use Apples tablet as an approved alternative to paper charts.The user is in control
  • Bi: Before iPad1984 1996 2007 201026 Bi 14 Bi 3 Bi
  • Multi OS
  • Work More Professionals with a Smart Phone work 15 hours extra per week, earn 27% less and they love it!(Peninsula UK Sept ‘09 - EarlySail picture)
  • New challenges for IT !• Manage the Multi-OS• Control the Cost• Mixed Personal and Corporate content• Security of data at rest, travel, …• AppstorM is here
  • Implementation scenario Policy Server Mail server
  • (Forrester research) – not one company has the exact same needs let alone the individual users within the companyOne size does not fit all
  • How many profiles do you need ?1 is enough A mobile profile3 should do contains:… - telecomeverybody is - applicationsdifferent - network access - support level -…
  • Implementation scenarioLDAP Policy Server Mail server
  • 75% of 1000 interviewed Belgian companies do NOT agree employees connect their personal smartphone or tablet to the corporate network. +50% finds it unacceptable. (Datanews survey November 2010) More than double of what is thought connects its own device to the corporate network (IDC 2010)Stalin versus Dalai Lama
  • What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  • What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  • What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  • What’s your style? Control Choice Innovation Hands-Off Primary Guarantee Satisfy users Empower users Minimize Management service level and without incurring to develop new management goal strictly control risk excessive risk techniques and responsibility and processes liability Responsibility for Enterprise IT Enterprise IT and Users and Users service Quality Users Enterprise IT Support level Everything All, but limited Self support, Self support on device limited IT Information Enterprise Enterprise and User and User assurance responsibility User Enterprise ?
  • What are the consequences ? Control Choice Innovation Hands-Off Policy Enforced Applied and Applied and Checked Controlled Controlled Device Enterprise Enterprise or User Enterprise or User User Ownership Device choice Limited Medium range Anything Anything Application Clearly defined Managed and Unconstrained Limited portfolio limited enterprise apps App store policy Forbidden Permitted but Permitted Permitted following policy Mobile Expenses Enterprise Mixed Mixed User
  • Device choice!
  • Implementation scenarioLDAP Policy Server Intranet Mail server
  • (wikipedia) – Primarily, posture is a reflex to keep the body upright.Posture
  • managed life cycle Compliance Audit/ Logging Regulatory Asset Management Applications Activity Multi-OS Inventory Push and Publish Usage Patterns System Details Enterprise App Store Operational Status Service Quality Connection Status Internal and 3rd Party Location Recommendations* Security and Policy Enterprise End of Life Provisioning Enforcement Selective Over-the-Air Encryption Threshold Alerts Wipe (OTA) Content/Files Data Cert distribution Privacy Settings Migration Self Service Anti-virus and DLP* Push and Publish Voice, SMS Inventory Lost Phone Data Mobile Access PC* Lock and Wipe Employee- & Location Tracking Search and Share* Company-owned Selective Wipe Content Visibility Help Desk Remote Access Recovery/Restore Trouble Spot Detection Broadcast SMS Safety MobileIron - Confidential
  • Implementation scenario ???LDAP Policy Server Intranet Mail server
  • Appstore is my freedomappstore is on or off
  • Enforced policy!cable is the biggest threat for mobile
  • Implementation scenario ??? Posture CheckLDAP Policy Server Intranet Mail server
  • Impossible to ‘lock’ a mobile device,but not impossible to manage it!• Create a balanced (user/IT) policy• Implement user centric profiles• Control the policy on the device• Secure your resource access