Securing the Enterprise Mobile Perimeter

1,163 views
1,098 views

Published on

Marble’s mobile security management platform prevents sophisticated attacks on enterprise networks. By combining primary research from its labs with a real-time, big data engine, Marble learns and adapts to emerging threats before widespread attacks can be launched.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,163
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Securing the Enterprise Mobile Perimeter

  1. 1. Securing the Enterprise Mobile Perimeter Protecting workers’ mobile devices from sophisticated attacks
  2. 2. About Marble “Most Important Security Startups Of 2013” •  Mobile security risk management as a service •  Android, iOS, Windows & Mac •  Spun-off from IronKey in 2012 •  70+ enterprise customers 2
  3. 3. BYOD Presents Real Security Challenges 66% 63% OF IT SAY BYOD POSES ‘MASSIVE’ RISK* SAY THEIR MOBILE SECURITY WON’T PASS AN AUDIT** *Dell/Vanson Bourne global survey of 1,485 IT leaders **Gartner, CIO Attitudes Toward Consummerization of Mobile Devices and Applications,” Gartner, May 2011 3
  4. 4. The Mobile Perimeter Is Under Attack •  Data loss •  Malware, trojans, zero-day attacks •  Compromised Wi-Fi hotspots •  Poisoned DNS •  Malicious, privacy-leaking apps •  Spear phishing •  Advanced persistent threats 4
  5. 5. Mobile Malware, Trojans, Zero-Day Attacks 700% *McAfee Threats Report: Second Quarter 2012 INCREASE IN MOBILE MALWARE 2011 TO 2012* 5
  6. 6. Network Attacks •  Wi-Fi hotspots are easily hijacked at hotels, cafés, airports •  Criminals follow employees’ sessions into the enterprise 6
  7. 7. Advanced Persistent Threats •  APTs typically involve compromises of users’ devices or credentials •  45% of enterprises see increase in spear phishing attacks targeting employees •  Criminals know mobile is a vector •  Uncontrolled environment with new risks 7
  8. 8. The Solution: Mobile Perimeter Defense •  Defends against ever-changing cyberthreats •  Detects and defends against APTs on mobile devices •  Dynamically assesses risk of users, devices, networks •  Controls access to cloud and enterprise services •  Easily-managed, simple to use •  Compatible with MDM 8
  9. 9. Marble Security Platform MOBILE SECURITY MANAGEMENT (MSM) Dynamic risk score & remediation Secure messaging App-scanning & reputation Jailbreak jammer detection Secure DNS &anti-phishing Secure browser Secure per-app VPN Anti-Malware Site black listing & white listing Geo fencing & location policies MOBILE APP MANAGEMENT (MAM) App black list & white list App push & removal App catalog MOBILE DEVICE MANAGEMENT (MDM) Jailbroken & rooted detection Corp email set-up & sync Wi-Fi, camera, Bluetooth control Encryption Remote lock, wipe, selective wipe Password set, strength, attempts 9
  10. 10. Marble Security Architecture MARBLE ACCESS CLIENT • Scans for and removes malware, malicious apps • Profiles systems, detects rooted and jail broken devices • Connects securely via VPN to the Marble Network • Implements Marble Control Policy • Secure Browsing • Secure Messaging Marble VPN DNS Blacklist Providers SSL/IPSEC VPN Tunnel Secure Browser HTTP/ HTTPS Secure Messaging App Security Marble VPN Node DNS Black List HTTP/ HTTPS Public/Private Network MARBLE NETWORK Marble Control Policy MARBLE CONTROL • Secured, encrypted connections • Thwarts attacks on Wi-Fi, cellular or wired networks • Secure DNS service with real-time blacklists • Protects against accessing phishing and malware sites • Protects the privacy of communications and credentials • Dynamic risk analysis of user, device, apps and network • Correlates real-time, security feeds • Managed security deployment over the Internet • Sets and manages security policies with built-in MDM features • Rich reporting and analytics for users, devices, apps and data downloads 10
  11. 11. Marble Access Client Architecture App Scanning Device Risk Assessment Network Access Control Secure Containerization Layer Authentication and device fingerprinting Data Encryption and Certificate Management Key Management and Remote Wipe Policy Enforcement and Device Management 11
  12. 12. MPD: Risk and Policy Architecture Cloud Infrastructure Activity & Logs Enterprise SIEM Device Risk Posture Network Risks Behavioral Risks App Risks OS, Firmware Geo-Location Login/Idleness Malware Secure Storage Network Segment URL Access Behavior User Data Blacklists Malware Wi-Fi, Blue Tooth, NFC Mobile App Usage/ Install Application Vulnerabilities VPN Privacy Leaks Blacklisted Apps Compromised DNS Risk Control Assessment Remediation Risk Scoring Detection Engines Risk Correlation Engine 12
  13. 13. Marble Control: Risk by Location 13
  14. 14. Marble Control: Risk Management 14
  15. 15. Mobile Perimeter Defense Components Marble Access Client App •  Download from Apple App Store or Google Play •  Or, push through your MDM •  Free lightweight Mobile Device Management, or use your own Marble Network •  Risk-based access control •  Easy integration with public and private clouds Marble Control •  Cloud service for managing mobile security •  No on-premise installation required 15

×