Toys in the office 11


2011 may be the "year of the handheld". That is, unless 2010 was! iPad sales exceeded all expectations in 2010. For the holiday season, many manufacturers came out with (and are coming out with) tablets. iPhones and Android devices can be seen everywhere... including the office. That means that people want to use these personal devices for work for a variety of reasons: they are more convenient; they might be more powerful than company-issued gear; they have easy interfaces; people can carry less equipment; but, perhaps most importantly, these devices are finally like "real" computers. But use of these personally owned devices brings all kinds of security concerns, including data leakage and vulnerabilities in these newer operating systems and apps.
We'll take a look at the convergence of mobile and desktop computing devices and the security concerns, and discuss some potential solutions.
Session Learning Objectives: 1. Define the convergence of mobile and desktop computing devices. 2. Discuss the tablet phenomenon. 3. Review security concerns with the use of these devices, particularly employee-owned. 4. Discuss possible solutions.



  • Stefan Magdalinski from South Africa gave his wife an iPad embedded in chocolate for her birthday in 6/2010. The iPad wasn’t yet available in SA so he had to get it from England! This is his wife in the “unboxing” process.
  • Spring Break 2011 in Chicago. There was a line each morning across from our hotel.
  • 1st iPad, 4/3/2010. 300K iPads sold, 1M apps, 250K ebooks downloaded on the first day.
  • http://news.cnet.com/8301-31921_3-57335715-281/how-carrier-iq-was-wrongly-accused-of-keylogging/ - Dan Rosenberg, an exceptionally talented security consultant who has discovered more than 100 vulnerabilities in the Linux kernel, FreeBSD, and GNU utilities, extracted a copy of Carrier IQ's software from his own Android phones. He then analyzed the assembly language code with a debugger that allowed him to look under the hood. "The application does not record and transmit keystroke data back to carriers," Rosenberg told CNET. His reverse-engineering showed that "there is no code in Carrier IQ that actually records keystrokes for data collection purposes."
  • Control app installs; nuke only work data

Presentation Transcript

  • You Got Chocolate On My iPad! Barry Caplin Chief Information Security Officer MN Department of Human Services MN Gov’t. IT Symposium Session 100: Thurs. Dec. 8, 2011 [email_address] bc@bjb.org, @bcaplin, +barry caplin (Toys in the Office)
  • http://about.me/barrycaplin
  • Apr. 3, 2010: 300K iPads, 1M apps, 250K ebooks … day 1!
  • http://www.bbspot.com/News/2010/03/should-i-buy-an-ipad.html
  • Don't Touch! Pharmaceutical coating
  • Of iPad owners...
    • 17% have > 1 in their household
    • 37% - their partner uses it
    • 14% bought cause their kid has one
    • 19% considering purchasing another
    • http://today.yougov.co.uk/sites/today.yougov.co.uk/files/Tablet_ownership_in_households.pdf
  • Our Story Begins...
  • PEDs Computers Device Convergence
  • Example
    • The “PED” policy
    • Personal Electronic Device
        • Acceptable use
        • Connections
        • Data storage
  • 1 Day
  • 5 Stages of Tablet Grief
    • Surprise
    • Fear
    • Concern
    • Understanding
    • Evangelism
  • Considerations
  • What needs to change for “local” remote access?
  • BYOC or BYOD
  • Security Concerns
  • Data Leakage Remnants
  • Unauthorized Access
  • “Authorized” Access
  • Risk v Hype
  • How can we do BYOC?
  • Method 1 - Sync
    • Direct or Net Connect
    • Issues:
    • Need Controls – a/v, app install control, filtering, encryption, remote detonation
    • Authentication – 2-factor?
    • Leakage!
    • Support
  • Method 2 – SSL VPN
    • Citrix or similar
    • Pros:
    • Leakage – no remnants; disable screen scrape, local save, print
    • Reduced support needed
    • Web filtering covered
    • Issues:
    • Unauthorized access still an issue; User experience; Support
  • Method 3 – data/app segregation
    • Encrypted sandbox
    • Separate work and home
    • Many products
    • Pros:
    • Better user experience
    • Central management/policy
    • Many products – local/cloud
    • Leakage – config separation, encryption
    • Issues: access; support; cloud issues
  • DHS view
    • Policy
    • Supervisor approval
    • Citrix only
    • No Gov't records on POE (unencrypted)
    • 3G or wired
    • Guest wireless
    • 802.1x
    • FAQs for users/sups
    • Metrics
  • Other Issues
    • Notes or manually entered data
    • Enterprise email/OWA
    • Discovery
    • Voicemail/video
  • The Future
    • More tablets/phones/small devices
    • More “slim” OS's – Chrome, Android, iOS, etc
    • Cost savings/stipend?
    • Cloud
    • User Experience – Citrix GoldenGate, Divide, Good
    • BES Fusion
  • Capabilities to Consider
    • Device encryption
    • Transport encryption
    • Complex PWs/policy
    • VPN support
    • Disable camera
    • Restrict/block apps
    • Anti-malware
    • InfoWorld March 2011 MDM Deep Dive
    • Restrict/block networks
    • Remote lockout
    • Remote/selected wipe
    • Policy enforcement
    • OTA management
    • 2-factor/OTP
  • Discussion… Slides at http://slideshare.net/bcaplin [email_address] bc@bjb.org, @bcaplin, +barry caplin