• Save
IT Hot Topics - Mobile Security Threats at Every Layer
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

IT Hot Topics - Mobile Security Threats at Every Layer

on

  • 426 views

 

Statistics

Views

Total Views
426
Views on SlideShare
426
Embed Views
0

Actions

Likes
1
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

IT Hot Topics - Mobile Security Threats at Every Layer Presentation Transcript

  • 1. Risk - noun `riskThe possibility of loss or injury
  • 2. • •• •• •• •• •• •• • • • • • • • •
  • 3. • •• •• •• •• •• ••••••
  • 4. •••••
  • 5. ••••••
  • 6. ••••••
  • 7. ••••• •
  • 8. ••••••
  • 9. •••••
  • 10. ••••••
  • 11. •••••••
  • 12. • ‣ ‣•
  • 13. ••
  • 14. ••
  • 15. • • • • • •
  • 16. ••••
  • 17. Crowd Sourced Current Solutions Inadequate Internal Teams DevelopersDev Site A Dev Site B Security Consultants • Very expensive • In short supply iPhone • Time to results too long Dev Site C Apps Crowd Internal Sourcing Tools • Do not scale across sites Open 3rd Party • Very high noise ratio Source Open Software Software Vendors • Can not test 3rd party code Source SYMC MSFT • Separation of duties issue Outsourced Developers Offshore • Do not know how to write Oracle secure code Provider • Prioritize time-to-ship, functionality over security Processes • Difficult to implement Eastern China • Years to fine tune Europe India • Low adoption (< 1% of US Contractors companies CMMI Level 5 certified) Unknown Skills
  • 18. •• ‣••
  • 19. •••
  • 20. Whitelisting• Conduct static analysis of candidate applications• Create a whitelist• Use an unbiased 3rd party• Enforcement via mobile policy