Bryley - mobility in the work place

1. Mobility in the Workplace Manage • Optimize • Secure™ – Since 1987

2. Today 1. Mobility is the most disruptive technology since PC introduced in 1981. 2. Mobility growth: • Mobile devices (2b) > desktops (1.3b) • Mobile traffic exceeded desktop in 2015 • Online time via mobility at 51% in USA • Mobile commerce 30% at $104.5B in ‘15 3. Traditional mobile device=SwissArmyknife: • Assistant, tour guide, gamer, entertainer • Camera, compass, flashlight, scanner • Alert, monitor, and sense Slide 2 Copyright 2016Bryley Systems Inc.

3. Trends 1. Integration: • Lifestyle – Fitness or gaming; image • Social integration – Search, messaging, video: Facebook video exceeds YouTube 2. Emerging technologies: • AI – Siri/Cortana; hands-free in vehicles • Wearables – Wrist-ware, fitness trainers, eye-ware, ear-ware, etc. – 39.5 million 3. Other changes: • Cell-service price wars • Cell-bandwidth freed by emerging Wi-Fi Slide 3 Copyright 2016Bryley Systems Inc.

4. Players 1. Software (operating system and apps): • Apple (iOS) • Google (Android) • Microsoft (Windows Phone) 2. Cellular service: • AT&T • Sprint • Verizon 3. Social: Facebook, Twitter, LinkedIn • Facebook • Twitter Slide 4 Copyright 2016Bryley Systems Inc.

5. Workplace 1. Blurring social-media lines*: • Social-advocacy programs in the office • Social messaging apps have 4B users • Social-media advertising – Look like posts and tweets targeted with precision – $24B • Social video – Facebook > YouTube 2. Bring your own device (BYOD): • Organization does not own the device • Outside of control and protection • Mixes organization data with personal data *Ryan Holmes, HootSuite CEO: 2016 Biggest Social Media Trends for Business Slide 5 Copyright 2016Bryley Systems Inc.

6. Workplace (continued) 3. Compliance: • Massachusetts 201 CMR 17 (2010) • HIPPA (1996) • Sarbanes Oxley (2002) 4. Employee state-of-mind: • Access from anywhere; anytime • Extends reach of corporate applications • Happier, productive employees or over- loaded and burnt out? Slide 6 Copyright 2016Bryley Systems Inc.

7. Threats 1. Most-common issues: • Poor user habits: Password, 2-factor, loss • Lack of encrypted transmission: BT+Wi-Fi • Out-of-date, unpatched OS and apps • Lack of malware protection • Unencrypted sensitive data 2. Example: Android Bankosy (2014)*: • Locks device and steals 2nd-factor passcode via call-forwarding • Matches passcode to user credentials * Android malware steals one-time passcodes Jeremy Kirk at CIO on 1/12/16 Slide 7 Copyright 2016Bryley Systems Inc.

8. Other risks 1. Applications: • Email – Confidential data not encrypted • File-sharing service – Unrestricted access 2. Accessories: • Credit-card readers – SSL encrypt while processing, no local storage, password • Remote control – Password & encrypted • Storage (SD cards) – Encrypted • Door locks – Password • Anti-theft keychains • Scanners Slide 8 Copyright 2016Bryley Systems Inc.

10. Security – Policies 1. Device: • Anti-malware and updates/patches • Encrypt data • Backups 2. User: • Complex passwords with auto-lock • Browser high-security mode 3. Remote access: • Encrypted transmission • Provide virtualized access • Do not store data locally Slide 10 Copyright 2016Bryley Systems Inc.

11. Security – Training 1. Authentication and encryption: • Password and biometrics • Require two-factor • Encrypt data 2. Reduce risk of loss or theft: • Vigilance • Phone-tracking apps • Physical-locking device 3. Safely deploy new applications: • Specific guidelines • Enforcement mechanism Slide 11 Copyright 2016Bryley Systems Inc.

12. Security – Training (continued) 4. Securely backup data • Scheduled and verified • Restrict online • Tethering 5. Wi-Fi connection: • Encrypt wireless transmission • Man-in-the-Middle Attacks (MITM) • Use Bluetooth cautiously in public 6. Dispose of properly: • Remove all data • Wipe internal storage Slide 12 Copyright 2016Bryley Systems Inc.

13. Security – Enforcement 1. Mobile Device Management (MDM): • Central administration aided by software • Deploy, secure, integrate, monitor, and manage all mobile devices • Enforce user-security policy • Recover lost/stolen devices • Control mobile-device applications • Airwatch, MobileIron, Kaseya, Exchange 2. Virtual Private Network (VPN): • Point-to-point encrypted tunnel • VPN appliance validates device Slide 13 Copyright 2016Bryley Systems Inc.

14. 3. Encryption: • Requires authentication to unencrypt • Add to device, folders, transmissions 4. Anti-malware: • Avast – 9/10; $15/year • AVG – 7/10; $15/year • BitDefender – 8/10; $15/year • Malwarebytes – Free 5. Backup: • Content creation: Tablets and notebooks • Access files via VPN or Cloud Slide 14 Copyright 2016Bryley Systems Inc. Security – Enforcement (continued)

15. Security – Enforcement (continued) 6. First steps: • Backup where needed • Deploy anti-malware app • Enable on-board encryption • Require password with auto-lock • Enforce two-factor authentication • Update through managed patching • Require VPN access to organization data Slide 15 Copyright 2016Bryley Systems Inc.

16. Mobility in Business Gavin Livingstone Bryley Systems Inc. GLivingstone@Bryley.com Manage • Optimize • Secure™ – Since 1987