Check Point Mobile Security


Published on

The Mobile Organization
Bridging the consumer and enterprise worlds

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Hi, today we will talk about the mobile organization
  • So, up until fewyears ago or organization was our fortress. We had the ability to understand what our data is stored. It was in side the organization. People were working remotely at all times and road warriors is not something new – but those employees connected remotely – usually from managed devices, and data was traveling between the organization and those devices in a control manner. Today…. Everybody has its mobile device and everybody expects to use it… so, what are we doing with those devices today?
  • Need to work on your data when away? Not a problem – its very simple to send it to your personal email address and continue working from your personal mobile device…
  • Email servers can’t handle large files anymore. Got an error message about the size of the file? Not a problem as well, there are so many cloud-based services that allow us to upload huge files to the web and use them from anywhere.
  • ….so, I’m sure that many of the people in the room say – “well…. those are simple problems, and at our organization it does NOT happen, because that we educated our employees, and block the abilities to do it”. So let’s see what our recent analysis discovered:During the year of 2012, Check Point Software have analyzed the perimeter traffic of 900 organization. A total of 120,000 hours of traffic were collected and analyzer, so our security report is not based on yet another survey that was filled by people, but it reflects reality. So – what have we seen?...
  • First, we’ve seen that 80% of the organizations are using file storage and sharing applications today. At 70% of the organizations that we’ve analyzed we’ve seen files being uploaded to dropbox, followed by Windows Live, Yousend it and other web services. That’s a lot of files being uploaded from your organization into the public web.
  • At more than half of the organizations that were analyzed, there was a severe leak of business data into the network. In 36% of financial organizations – credit card information was sent outside of the buisnessIn 16% of healthcare organizations – some protected health information was sent outside of the business – And all of that – were sent over the web and email to attendees that probably should not have access to this data.
  • Last, when askingthese organizations, we see that more than 9 out of any 10 businesses today is allowing a verity of smartphones and tablets to access any resources in the business.
  • So, as we can see, it is simpler than ever to use data anywhere today – On smartphones, tablets, over USB devices and over the web. Users would like to use business resources anywhere, and they have a lot of free and public means to do so. The challenge is that each and everyone of those means can not be controlled by the organization – not the personal smartphones, not USB devices, and of course that not services such as dropbox or public email services. All of these are uncontrolled environments.
  • So, what are the risks of having data in uncontrolled environment?First, of course that any device such as USB, smartphone or tablet can be very easily got lost or stolen. All data on those devices will be simply available to anybody finds them.Data uploaded to the web is not very safe as well. services such as dropbox or evernote were hacked in the past, and additionally hackers try (and many times succeed) to login to those services with usernames and passwords that were reveleaed in other hackes – since eventually, most of us use the same user and password on many services.Sharing data with external partners is important to do business, but once data was transmitted to a business partner – we consider that an ‘uncontrolled environment’ as well, as we have no way to guarantee that the business partner will not loss this data (by mistake, or maybe on purpose….?)
  • And finally – malware on mobile devices proliferates in the last two years. Only recently, Check Point discovered and published an interesting case study about more than 30,000 people in the EU that were infected with a virus on their mobile device more than EU36M were stolen from those people. Malware can get today to mobile devices at the same way it gets to PC and access easily data on native apps on the device such as the native email app, calendar, and others.
  • So, when organizations come today to protect their assets, they usually try to protect data at the same way they protect data in “controlled environments” – meaning control the devices that store the data. Organizations try today to manage the entire device – even if it belongs to the end user, telling the user that “you need to comply with our policy in case that you can to connect to the business”. They will try to block file-sharing applications, although that eventually users will connect to those networks as they can be outside of the business or get connected to a 3G/4G network that is not routed via the business, and last – organizations will try to continue and contain everything inside the perimeter.The question that we need to ask ourselves is whether in the era of the mobile organization – such approach is still realistic. Can we still control the devices and keep all data inside the perimeter?
  • We need to start to adopt a new way, and for that we need a change of mind. The new way is not looking at the devices – just because that the variant of devices and methods of using data becomes infinite, and instead we need to look at the data itself and understand how can we protect the business data. The new organization will expect data to:Be available anywhereUnderstand the end-users, meet their needs, and allow the security team to roll out a solution successfully. Understand that protecting data is a multi layer challenge ; a one that requires a multi layer, let’s see how we can think into the future in order to enable the mobile organization and still protect our business data
  • End-users expect their data to be available anywhere today: On their smartphones and tablets, in USB devices and in cloud-applications such as dropbox, iCloud, Google Drive, etc. The organization needs to enable those devices, and have the ability to encrypt only the business data stored on those devices, without encrypting anything else – that is not considered to be business. The organization should be able to control the authentication to access this data – and set access rights to it – so only authorised users can see it, while others can’t. The business needs to have the ability to get alerts in case that business data is not used properly, and as a result should have the ability to block any further access to it from remote.
  • And last – as the challenge is very wide, there are also a wide variety of technologies that business can adopt to protect their data. For the ability of the organization to control the security policy in an effective manner – we need to try to adopt a technology that will be orchestrated and provide us added value – such as Data Loss Protection with Data Rights Management, or Data Loss Protection and USB encryption that can protect and set access rights to data automatically once leaving the network. And last – of course that all businesses are expecting to adopt a solution that is simple to manage – as organizations don’t have the ability to increase IT human resources and spend.
  • Check Point Mobile Security

    1. 1. The Mobile Organization Bridging the consumer and enterprise worlds Eyal Manor ©2013 Check Point Software Technologies Ltd.
    2. 2. Organizational Boundaries Disappear ©2013 Check Point Software Technologies Ltd. 2
    3. 3. I need to continue to work tonight… …I’ll send this data via email ©2013 Check Point Software Technologies Ltd. 3
    4. 4. Error 552: Sorry, this message exceeds your maximum size limit. Dropbox YouSendIt Windows Live ©2013 Check Point Software Technologies Ltd. 4
    5. 5. This doesn’t affect me… right? ©2013 Check Point Software Technologies Ltd. 5
    6. 6. Let’s Have a Closer Look at your Network 900 Businesses 120,000 Hours of Inspected Traffic ©2013 Check Point Software Technologies Ltd. 6
    7. 7. Storing and Sharing Applications 70 Dropbox 51 Windows Live 25 Curl 22 YouSendIt Sugarsync PutLocker 13 10 80% of Organizations Use File Storage and Sharing Apps Source: Check Point Security Report 2013, 900 companies, 120,000 of traffic monitored ©2013 Check Point Software Technologies Ltd. 7
    8. 8. Data Loss at Organizations 54% of Organizations Experienced Data Loss Source: Check Point Security Report 2013, 900 companies, 120,000 of traffic monitored [Restricted] ONLY for designated groups and individuals ©2013 Check Point Software Technologies Ltd. 8
    9. 9. …And Where All This Data Goes To? 93% of Organizations Allow Mobile Devices into the Business Source: Check Point Mobile Survey, March 2013, 790 IT professionals ©2013 Check Point Software Technologies Ltd. 9
    10. 10. Organizational Boundaries Disappear Smartphones and Tablets USB Devices Data Collaboration Email Data Leaves to Uncontrolled Environments ©2013 Check Point Software Technologies Ltd. 10
    11. 11. The Risks Device Lost or Stolen Data Uploaded to the web Sharing Data with External Parties ©2013 Check Point Software Technologies Ltd. 11
    12. 12. The Risks Device Lost Data Uploaded A new version Stolen for or of Zeus malware designed to the web mobile devices has stolen 36 million euros from more than 30,000 customers. Sharing Data with External Parties Malware on Mobile Devices ©2013 Check Point Software Technologies Ltd. 12
    13. 13. Conventional Security Thinking Protect the Device at All Costs (even if it blocks the business…) Manage ALL Devices Block Is that Realistic? File-Sharing Apps Contain Everything in the Perimeter ©2013 Check Point Software Technologies Ltd. 13
    14. 14. Protect Business Data Wherever Its Used Available anywhere Meet All User Needs Multi Layered Solution ©2013 Check Point Software Technologies Ltd. 14
    15. 15. Control the Access and Usage of Business Data USB Devices Smartphones and Tablets Available anywhere Data Collaboration Encrypt Data in Uncontrolled Environments Set Authentication & Access Rights to Data Look for Exceptions in the “Trail of Data” Be Able to Revoke Access to Data if Needed ©2013 Check Point Software Technologies Ltd. 15
    16. 16. On Mobile Devices Use Business Data within a Secure Business Application ***** Only Authenticated Users Access the Business Container ©2013 Check Point Software Technologies Ltd. 16
    17. 17. On Mobile Devices Use Business Data within a Secure Business Application Use Emails Securely Use Documents Securely ©2013 Check Point Software Technologies Ltd. 17
    18. 18. On USB Drives Use Business Data Within a Secure Folder Personal Data  Data is not encrypted  Access to any user/device Business Data  Data is encrypted  Transparent access only to approved users and devices ©2013 Check Point Software Technologies Ltd. 18
    19. 19. Sharing Documents Use and Share Documents Securely with Anyone Data is Encrypted Upon Creation Access to Authorized Users Only Authorized Non Authorized ©2013 Check Point Software Technologies Ltd. 19
    20. 20. Sharing Documents Transparent Access to Documents from any Device ©2013 Check Point Software Technologies Ltd. 20
    21. 21. Engage People and Allow Them to Work Enable BYOD – Manage only Business Data Engage and Educate End-users Meet All User Needs ©2013 Check Point Software Technologies Ltd. 21
    22. 22. Bring Your Own Device - BYOD Personal data & apps Business information NOT MANAGED Use Personal Devices for Business Data MANAGED Only Business Data is Managed Remotely Wipe Business Data ©2013 Check Point Software Technologies Ltd. 22
    23. 23. Engage and Educate End Users Salaries Simple to Understand the Problem & Resolution ©2013 Check Point Software Technologies Ltd. 23
    24. 24. Protect Data with a Multi Layered Solution Orchestrated Together Simple to Manage Policy and Incidents Multi Layered Solution ©2013 Check Point Software Technologies Ltd. 24
    25. 25. Mobile Information Protection – A Multi Layer Solution Mobile Security Enables Secure BYOD Document Security Enables Secure Document Sharing DLP Keeps Data Away from Wrong Hands Endpoint Security Protects Data on PCs and USBs ©2013 Check Point Software Technologies Ltd. 25
    26. 26. Summary Protect Business Information Wherever it is Used Meets End Users Needs – Enables BYOD & Information Sharing Multi Layer Solution Protect Data on Mobile Devices, Documents & Endpoints ©2013 Check Point Software Technologies Ltd. 26