Mobile Security

  • 83 views
Uploaded on

 

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
83
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
2
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Mobile Security David Mann – CIO & EVP david.mann@atmecs.com (714) 606-9356 May 6, 2014 © ATMECS
  • 2. Agenda • About ATMECS • Why Mobile Security? • Mobile Security Challenges • Mobile Security Strategy • Gartner’s Magic Quadrant • References Let's Partner
  • 3. Let's Partner ATMECS is a trusted technology partner providing real business solutions. • Application Development • Systems Integration • Database Solutions • Data Monetization • Big Data • Behavior Insight • Predictive Analytic • BI & Data Warehouse • Data Security • Quality Assurance • QA Manual Testing • QA Automation • Service Oriented Architecture • SOA Assessment • SOA Implementation • Expert Offshore Resources • Maintenance and Support What is ATMECS?
  • 4. ATMECS VISION Trusted Partnership Let's Partner
  • 5. ATMECS MISSION To Improve Our Clients’ IT Projects Success Let's Partner
  • 6. Let's Partner What’s in the name? A – Aspire T – Think M – Manage E – Engage C – Create S – Succeed ATMECS – Passionate Minds
  • 7. Let's Partner PEOPLE (Users, Employees, Contractors, Customers, Partners) DEVICES (Mobile Phones, IOTs, Servers, Laptops, Tablets) DATA (Unstructured & Structured) Network is no longer point of control. So security is no more single point of control. Why Mobile Security ?
  • 8. Let's Partner Mobile Usage Statistics As per Google ThinkInsights, mobile search is of 48%. As per Consumer Preference Q4 2013, 89% of time is spent on Mobile App
  • 9. Let's Partner Mobile Threats Loss / Stolen Devices Mobile Malware / Phishing Too many mobile platforms Traversing insecure networks Overlap of Personal and Official Usage Outside enterprise network, mobile access of Cloud based data storage IoT devices with gateway Any other threats Mobile Security Threats and Challenges
  • 10. Mobile Threats Let's Partner
  • 11. Lost & Stolen Mobile Devices • As per The Huffington Post, • In San Francisco, record rose 23% in 2013 • In New York, iPhones/iPads stolen reported 8% increase in 2013 • In Washington D.C, 6% increase in 2013 • In Philadelphia, 6% increase from 2012, 44% increase from 2011 Let's Partner 0 5 10 15 20 25 San Francisco New York Washington D.C Philadelphia Percentage Increase in Thefts - 2013
  • 12. Mobile Security Strategy Let's Partner Mobile Security StrategyMobile Device Management (MDM) Mobile Application Management (MAM) Mobile Device Security Mobile Data Protection Mobile Virtual Desktop Infrastructure Mobile App Risk Management Always-On- VPN Trusted Execution Environment
  • 13. Mobile Device Management • MDM software secures, manages, controls smartphones and tablets. • MDM tools include the ability to enforce policies, track inventory and perform real- time monitoring and reporting. • Keeping Track of Assets • Corporate Owned • BYOD (Bring Your Own Device) • Onboarding Procedure, Training • Ownership (who has them) • Configuration (software & hardware) Let's Partner
  • 14. • Keeping Devices Safe • Password Protection • Numeric & Alphanumeric • Biometric (face detection, voice, fingerprint) • Virus & Malware • Lost Devices – Remote Wipe, Remote Lock, Locators (ex: Find My iPhone) • Backup & Restore Let's Partner Mobile Device Security
  • 15. Mobile Device Data Protection • Decide what Corporate Data is allowed on the Device • Email, File Sharing, App Data Access • Protect the Data • Secure Application Development Guidelines • Encryption (data at rest, data in transition, data in use) • Local Password Protection for Accessing the Data • Minimal Data on User’s Device • Wipe the Data when we lose physical control Let's Partner
  • 16. Mobile Virtual Desktop Interface • Vendors have begun offering VDI clients for mobile platforms • Remote Access, Organizations at low risk • Protect the Data • Data access is on server, no download to mobile Let's Partner
  • 17. Mobile App Risk Management Let's Partner • Enterprise can use private clouds for their apps • Instead of downloading app from App Store, enterprise apps can be available in private clouds • Protect as per Enterprise Policy • It ensures risk based policy and apps downloaded from private clouds are risk free from malicious attacks
  • 18. Always-On-VPN Let's Partner • It involves routing all data traffic to company/organization • Use encrypted tunnel, traffic load on corporate usage • Ensures organizations centrally implemented countermeasures apply to mobile as well
  • 19. Trusted Execution Environment (TEE) • GlobalPlatform is standardizing TEE technology • It offers separate execution space alongside of OS • It offers high level of security • Protects Every Data • Protects user input entered on screen through touch or keyboard • Protects data displayed on screen • Protects sensitive data such as encryption keys, and PINs Let's Partner
  • 20. Magic Quadrant (Mobile Device Management Software) Let's Partner Gartner’s Magic Quadrant (2012) Top Five Vendors of 2012 1. MobileIron 2. AirWatch 3. Fiberlink 4. Zenprise 5. Good Technology Gartner’s Magic Quadrant (2013) Top Three Vendors of 2013 1. AirWatch 2. MobileIron 3. Citrix
  • 21. Magic Quadrant (Mobile Data Protection products) Let's Partner Gartner’s Magic Quadrant (2013) Top Three Vendors of 2013 1. McAfee 2. Sophos 3. Check Point
  • 22. ATMECS’ Experience (Neoforma)
  • 23. Let's Partner Q & A www.atmecs.com
  • 24. References • http://searchconsumerization.techtarget.com/feature/Mobile-device- management-vs-mobile-application-management • https://www.owasp.org/index.php/OWASP_Mobile_Security_Project • http://appleinsider.com/articles/14/02/27/apple-touts-secure-design-of-ios-as- google-chief-admits-android-is-best-target-for-malicious-hackers • http://www.slideshare.net/jay123min/report-on-mobile- security?qid=8b57be79-a610-4290-8a51- a9f34e94c1d7&v=qf1&b=&from_search=5 • http://globalplatform.org/aboutus.asp • http://www.slideshare.net/OracleMKTPR20/oracle-id-m-mobile-security- overview • http://blog.cygnet-infotech.com/2013/06/mobile-device-management-mdm- essential.html • https://codeproof.com/PressRelease/Mobile_Security_Infographics_2013 Let's Partner