Mobile devices are always on the move, switching from network to network and place to place constantly. The best way to keep your company's information safe is through a unified approach securing at the device, app and network levels.

1. Webinar: A Three-Pronged Approach to
Mobile Security

2. • View Webinar Archive: http://go.mojave.net/webinar-3pronged-
mobile-security
• Learn more about Mojave Networks: http://www.mojave.net
Information

3. Primer on Mobile Security
Tyler Shields, Forrester Research
3

4. Making Leaders Successful
Every Day

5. Mobile Security Trends
Security Requires More Than Just MDM!
Tyler Shields
Senior Analyst, Mobile and Application Security
June XX, 2014

6. © 2014 Forrester Research, Inc. Reproduction Prohibited 6
What doyour USERSwant!
Anywhere Access No Roadblocks Any Device All Data

7. © 2014 Forrester Research, Inc. Reproduction Prohibited 7
What willthey DO to get it!
16%
22%
35%
42%
Installed unsupportedsoftware that
will help me do my job
Use awebsiteor Internet-based
servicethat my company doesn’t
support to help me do myjob
Bought somethingwith my own
money to help me do myjob
Use my ownpersonal computer or
smartphoneto help me do myjob
SHADOW IT BYOD

8. © 2014 Forrester Research, Inc. Reproduction Prohibited 8
• What mobile device managementoptions are there? Vendor selection?
• How do I get off of Blackberry? Should I get off of Blackberry?
• We don’t think MDM is quite enough. Which technologies do I need to secure my environment?
• How do I apply application security and managementto my mobile strategy?
• What should I do to secure the content that is on my mobile devices?
What isthe ENTERPRISEasking?

9. © 2014 Forrester Research, Inc. Reproduction Prohibited 9
What SHOULD theENTERPRISEbe asking?
• What level of security do I need to offset my mobile risk?
• What combination of technologies can help me meet my business goals?
• Where is the real risk in mobile?
• How can I securely enable my users to get their jobs DONE!

10. © 2014 Forrester Research, Inc. Reproduction Prohibited 10
10
22%
20%
14%
26%
26%
27%
26%
22%
48%
48%
46%
45%
45%
38%
42%
45%
24%
23%
36%
18%
19%
17%
16%
26%
Support a wider variety of mobile devices and platforms (e.g., tablets,
iOS, Android)
Improve or modernize our mobile app(s) to deliver more information or
transaction support
Update our security technologies and processes to better support
mobile interactions
Re-architect traditional or back-end apps to make it easier to interface
with and support mobile front-end apps
Re-architect our middleware to better support mobile front-end
applications
Expand machine-to-machine (M2M) or 'Internet of things' initiatives
Create a set of standard APIs or services that allow mobile app
developers to more easily access functions from transactional business
applications
Expand or enhance data center infrastructure to handle increasing
volume of customers' mobile interactions
Low priority High priority Critical priority
“How important is each of the following
initiatives in your firm's mobility strategy
for supporting your customers over the
next 12 months?”
Base: 891 North American and European enterprise network and telecommunications decision-makers
Source: Forrsights Mobility Survey, Q2 2013
82%

11. © 2014 Forrester Research, Inc. Reproduction Prohibited 11
44%
29%
59%
64%
33%
45%
The number of different platforms/operating systems
Rate of releases of the different operating
systems/platforms
Providing device security
Securing the apps and data
Complying with regulatory requirements
Managing devices that are used for both personal
and corporate apps
“What challenges, if any, does your firm face when managing
smartphone/tablet applications and devices?”
Source: Forrsights Mobility Survey, Q2 2013
Base: 891 North American and European enterprise network and telecommunications decision-makers

12. © 2014 Forrester Research, Inc. Reproduction Prohibited 12
AreYouOverwhelmedYet?!
• Mobile Device Management
• Enterprise Mobile Management
• Mobile Application Management
• Mobile Security Platform
• Application Wrapping SDK
• Mobile Static Analysis
Competing Visions and Solutions
• Application Wrapping
• Secure Network Gateways
• Machine Learning
• Mobile Behavioral Analysis
• RBMM
Emerging Technologies

13. © 2014 Forrester Research, Inc. Reproduction Prohibited 13
Mobile
Device
Management
Containerization
Virtualization
Application
Hardening
Application
Wrapping
Anti-Malware
App Reputation
Mobile
Authentication
Device
Reputation
Mobile DLP
Mobile Endpoint
Security
Static Code
Analysis
Secure Mobile
Content Sharing
Secure Mobile
Network
Gateways
1. Application hardening
2. Application wrapping
3. Containerization
4. Mobile anti-malware
5. Mobile application reputation
services
6. Mobile authentication solutions
7. Mobile device management
8. Mobile device reputation services
9. Mobile DLP
10. Mobile end point security
11. Mobile static code analysis
12. Mobile virtualization
13. Secure mobile content sharing
14. Secure mobile network gateways
Mobile Security
Technologies

14. © 2014 Forrester Research, Inc. Reproduction Prohibited 14
TechnologiesBy Layer
The Mobile Security Stack

15. The Future State of Mobile!

16. © 2014 Forrester Research, Inc. Reproduction Prohibited 16
Impact of User / Admin Experience on Technology Success
Minimal B-Value Add Moderate B-Value Add Significant B-Value Add
Anti-malware Mobile Device Reputation Mobile Content Sharing
Virtualization Mobile DLP Mobile Device Management
App Hardening Mobile Application Reputation
Secure Mobile Network Gateway
Application Wrapping
Mobile Authentication
Mobile Static Code Analysis
Containerization
Good Experience Moderate Experience Bad Experience Unknown

17. © 2014 Forrester Research, Inc. Reproduction Prohibited 17
Impact of User / Admin Experience on Technology Success
Minimal B-Value Add Moderate B-Value Add Significant B-Value Add
Anti-malware Mobile Device Reputation Mobile Content Sharing
Virtualization Mobile DLP Mobile Device Management
App Hardening Mobile Application Reputation
Secure Mobile Network
Gateway
Containerization Mobile Authentication Application Wrapping
Mobile Static Code Analysis
Good Experience Moderate Experience Bad Experience Unknown

18. © 2014 Forrester Research, Inc. Reproduction Prohibited 18
Device Management
2012
2012 andBEFORE
Mobile Device ManagementMobile device management (MDM)
solutions use platform API hooks to
impose
control onto smartphones and tablets.
This technology allows support for
multiple
platforms and form factors, extends
management and security policies to
both
corporate-liable and employee-owned
devices, and automates service desk
support.

19. © 2014 Forrester Research, Inc. Reproduction Prohibited 19
Secure Network
Gateway
2013
Device Management
2012
2013
Application
Wrapping
2013
Secure Mobile
Content Sharing
2013
Isolated TechnologiesApplication wrapping and secure
network gateway technologies gain
traction. Secure mobile content
sharing becomes an easy plug and
play for vendor offerings. Price drops
rapidly as base MDM becomes
commoditized.

20. © 2014 Forrester Research, Inc. Reproduction Prohibited 20
Secure Network
Gateway
2013
Device Management
2012
2014
Application
Wrapping
2013
Secure Mobile
Content Sharing
2013
Enterprise Mobile
Management
2014
*
Enterprise Mobile ManagementA new offering is born. EMM is the
new buzz. Isolated technologies sold
in a single platform offering.. The
same players with a slightly different
game.

21. © 2014 Forrester Research, Inc. Reproduction Prohibited 21
Secure Network
Gateway
2013
Device Management
2012
2015 and BEYOND
Application Wrapping
2013
Secure Mobile
Content Sharing
2013
Enterprise Mobile
Management
2014
*
Mobile Authentication
Risk Based Security
Risk Based Mobile
Management
Risk Based
Mobile ManagementUnderstanding WHO is at the device
and real risk values are as important
as security of the device is itself. 2015
adds mobile authentication to the
offering mix. Quantification of risk is
the future trend. Applying math to risk
and using calculated risk values to
enforce security controls. The future
is in RBMM.

22. © 2014 Forrester Research, Inc. Reproduction Prohibited 22
TheNextWaveofAwesome –TechsThatQuantifyRisk
Up andComingTechnologies
VS VS VS
Mobile Application
Reputation
Mobile Device
Reputation
Mobile
Authentication
Risk Based
Mobile
Management &
Security

23. © 2014 Forrester Research, Inc. Reproduction Prohibited 23
What ItMeans- Enterprises
$
Find roadmaps that go
beyond point solutions
Risk tolerance versus user
experience
Expect significant
consolidation
Defense in Depth
Maximize security while
minimizingUX impact
Demand innovation!

24. © 2014 Forrester Research, Inc. Reproduction Prohibited 24
Nobody Ever Got FiredFor Buying…
TechnologyLeading Products

25. Webinar: A Three-Pronged Approach to
Mobile Security

26. • Mobile Risks
• Pillars of Mobile Security
• Device
• Apps
• Network
• Analytics
• Background
• Ask our Experts: Q&A
Agenda
26

27. 27
Understanding Mobile Risk

28. Why is Knowing Your Mobile Risk Important?
28
• Protecting company data
• Safeguarding other enterprise infrastructure
• Identifying compliance issues
• Creating better policies with better visibility

29. Quantifying Mobile Risk
29
• Employee Data Access
• Installed Apps
• User / Device Behavior
• Non-mobile Events

30. Understanding Mobile Risk is Imperative
Source: Verizon 2014 Data Breach Investigations Report
Number of breaches per category

31. 31
Pillars of Mobile Security

32. Mobile Security
Network AnalyticsApplicationsDevice
Four Pillars of Mobile Security to Reduce Risk

33. • MDM
• Password policies
• Containers
Typical Device Level Security
33

34. Typical Application Level Security
34
• App catalog
• White / Black List
• App wrapping

35. Typical Network Level Security
PC’s Traditionally
Protected
Mobile is Completely
Unprotected

36. Typical Mobile Analytics Available to other Platforms

37. 37
How Does Mojave Manage the Pillars?

38. Health
Evaluate apps,
processes, diagnostics,
and behavior to assess
risk
Native Experience
No wrapping or containers to
interfere with the native experience
Privacy
Wipe corporate information and set
granular employee privacy policies
Policies
Set configurations, deliver
policies, and manage apps
Device – Security without the Hassle
38

39. 39
Monitoring Device Health
• Over 50 data points
collected daily
• Monitor for critical
changes in device
health
• Feeds of data for
other security tools
to analyze

40. Results
1. More visibility
2. Better DLP
3. Block threats
Analysis
1. Static & dynamic
2. Enterprise risk
3. Protocol identification
App Reputation
Collection
1. Thousands of apps/day
2. App stores, 3rd parties,
and devices
40

41. Gain Visibility into App Risk
41

42. App Data
All Data
Globally Distributed Network Optimized for Mobile
42

43. Gain Visibility into Data Flow
43

44. Network threats blocked per device
10 per month
120 per year
44** Based on Mojave Networks aggregate customer usage data

45. • Tie mobile events to broader
user profile
• Leverage existing security
tools
• See activity that has never
been available
Real-time Event API Completes the Loop
45
Policy

46. Mojave Connect Real-time API
Common Syslog formats
Better Correlate Mobile Events with Other Enterprise Data
Real-time API’s = Faster Risk Assessment
46

47. Visibility Security
Effortless & Seamless
Mojave Networks Delivers
47
Control

48. • MDM solutions only protect from a small subset of mobile risks
• 4 pillars necessary to provide true mobile security
• Mobile risk should be combined with other threat intelligence
Summary
48

49. 49
About Mojave Networks

50. Mojave Networks Background
• Founded in 2011 and based in Silicon Valley
• Lead investment from Bessemer Venture Partners & Sequoia Capital
• Veteran team from Symantec, McAfee, Lookout, Palo Alto Networks, Cenzic
• Deep security DNA with patent pending technology
• Customers in Healthcare, Finance, Transportation, Government and more
50

51. 51
Questions & Answers