Securing Mobile Devices for BYOD Environments

  • 277 views
Uploaded on

Learn how to: …

Learn how to:

* gain complete network visibility across all devices without having to install additional software or deploy expensive probes
* detect anomalous behavior originating from users’ personal smartphones, tablets or laptops
* quickly and easily uncover externally-launched, zero-day attacks, and internal threats – regardless of the device being used
* deliver high levels of mobile performance

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
277
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
10
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Securing Mobile Devices for BYOD Environments Nate Kaminski nkaminski@lancope.com Joe Yeager jyeager@lancope.com
  • 2. Agenda Introduction Mobile Device Fast Facts The BYOD Problem “Solutions” to BYOD Lancope Solution to BYOD Conclusion 2
  • 3. What is BYOD? 3
  • 4.  According to IDC estimates, mobile devices will outship PC’s in 2012 by more than 2 to 1 and mobile device spending will exceed PC spending, growing 4 times as fast. 1  Aberdeen estimates nearly 75 percent of companies currently allow employee-owned smartphones and/or tablets to be used at work.2  Garter finds that 90 percent of organizations will support corporate applications on personal devices by 2014.3 Mobile Device are Here to Stay 2: 1 90 % 75 % 4XShipping Spending Work Use Corp Apps 1: http://events.idc-cema.com/dwn/SF_52232_top_10_preditions_2012.pdf 2: http://www.itworld.com/mobile-wireless/151839/75-enterprises-have-byod-policies-53-support-ipads 3: http://www.gartner.com/it/page.jsp?id=1480514 4
  • 5. Organizations should embrace BYOD  According to the Cisco Connected World Technology Report, 1 – 40% of college students would accept a lower- paying job that had flexible IT – 70% of young workers ignore IT rules  ISACA has found through surveys that – Almost half of young professionals use their own personal device at work.2 – Over half of all IT leaders in the U.S. say that employee-owned mobile devices pose a greater risk to the enterprise than mobile devices supplied by the company. 3 1: http://www.cisco.com/en/US/netsol/ns1120/index.html 2: http://www.isaca.org/Pages/Survey-Online-Shopping-Risks-2011.aspx 3: http://www.isaca.org/Pages/Survey-Risk-Reward-Barometer.aspx 5
  • 6. The “BYOD Problem” Most organizations have… Scarce knowledge of what the device, operating system, or patch level is Limited control over policy for what resources device can and cannot access Incomplete information about whose device it is Lack of visibility into what the device is doing on the internal network and how confidential data is moving around Little understanding of the impact of the device on the network 6
  • 7. BYOD: Proposed Solutions by the Security Industry Say No to BYOD BYOD is here whether you embrace it or not Install agents on the devices You have limited control over the employee’s device Convert the device to a corporate one Don’t forget the Your Own part of BYOD Install more network probes Not a cost-effective nor scalable solution BYOD REQUIRES A DIFFERENT APPROACH
  • 8. Network Security Monitoring Using the Network 8 Internet Atlanta San Jose New York ASR-1000 Cat6k UCS with Nexus 1000v ASA Cat6k 3925 ISR 3560-X 3750-X Stack(s) Cat4kDatacenter WAN DMZ Access 8
  • 9. Cisco Infrastructure Provides the Intelligence... 9 InternetAtlanta San Jose New York ASR-1000 Cat6k UCS with Nexus 1000v ASA Cat6k 3925 ISR 3560-X 3750-X Stack(s) Cat4kDatacenter WAN DMZ Access NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow NetFlow 9
  • 10. Internal Visibility from Edge to Access... InternetAtlanta San Jose New York ASR-1000 Cat6k UCS with Nexus 1000v ASA Cat6k 3925 ISR 3560-X 3750-X Stack(s) Cat4kDatacenter WAN DMZ Access Lancope NetFlow Collector
  • 11. StealthWatch – A Complete, Integrated Family of Products  Behavior-based flow monitoring  Contextual awareness – Identity – Device – Application – Virtual  The Concern IndexTM  Relational Flow MappingTM  Point of ViewTM  Advanced Querying & Reporting 11 Management Reporting Custom Dashboards Relational Flow Maps Security Monitoring Forensics Anomaly Detection Compliance Mitigation Network Performance Monitoring Trouble- shooting Service Delivery WAN Optimization Capacity Planning APPLICATION AWARENESS IDENTITY AWARENESS VIRTUAL AWARENESS Behavioral Analysis Flow Collection StealthWatch DEVICE AWARENESS
  • 12. StealthWatch Answers The Tough Questions 12 Who What Where When How owns the device the device is doing the device is on the network the device is impacting the network the device was on the network StealthWatch can show you…
  • 13. StealthWatch Monitors BYOD Environments  Monitors the entire internal network by passively collecting data from existing infrastructure and does not use agents, install software, or in any way modify the employee’s device.  StealthWatch monitors and records everything that every user on any device running any operating system is doing on the network and how the network is affected by the user’s actions.  Utilizing patented behavioral analysis techniques, StealthWatch determines whether any device is acting suspiciously, is accessing privileged resources outside of its policy. 13
  • 14. Behavior-based Analysis 14 Critical Servers Tablet computersMobile phones Marketing
  • 15. Company with StealthWatch Company with Legacy Monitoring Tools To Enable Early Interjection BEFORE Crisis ImpacttotheBusiness($) Time credit card data compromised * attack identified * vulnerability closed * CRISIS REGION *attack thwarted *early warning *attack identified * vulnerability closed attack onset * StealthWatch Reduces MTTK
  • 16.  Network activity is correlated with user and device information along with physical location on the network  And you can also start with the user or device you are looking for and look at its network activity StealthWatch: The Solution for BYOD Environments
  • 17. StealthWatch: The Solution for BYOD Environments  And can drill down to the exact flow: 17
  • 18. StealthWatch: The Solution for BYOD Environments 18  Including which devices in the network it crossed:
  • 19. Quick Recap • BYOD is already here Embrace it • Other solutions do not meet the needs of BYOD Prevent BYOD Install agents Change the device Install more network probes • With StealthWatch you can gain visibility into every device on your network Using your existing infrastructure Answer the tough who, what, where, when, why, and how questions • Once you’ve enabled flow collection you can... Gain deep traffic analysis and network visibility Detect attacks and network anomalies19
  • 20. Next Steps Contact Lancope: Joe Yeager jyeager@lancope.com Lancope sales@lancope.com Lancope Marketing marketing@lancope.com Visit Lancope @ Blackhat for a live demo of the StealthWatch System & pick- up your free copy of “NetFlow Security Monitoring for Dummies” book. 20
  • 21. Questions  Web http://www.lancope.com  Blog http://netflowninjas.lancope.com  Twitter @netflowninjas  LinkedIn : NetFlow Ninjas http://www.linkedin.com/groups?about=&gid=2261596&trk=anet_ug_grppro  NetFlow Ninjas Challenge http://www.lancope.com/netflow-ninja-quiz 21
  • 22. Webinar with Forrester Research 22 ©2012 Lancope , Inc. All Rights Reserved.