Uploaded bycherienetclarity
PPTX, PDF576 views

BYOD and Your Business

This document discusses enabling inside-out network security to address risks associated with BYOD (bring your own device) trends in businesses. It outlines how BYOD introduces security risks if not properly managed, such as malware being unintentionally downloaded onto devices and entering the network. The document recommends a multi-faceted BYOD strategy involving people, processes, policies, and technologies like NAC (network access control) and MDM (mobile device management) to secure networks from internal threats. It promotes NetClarity's internal security solution using NACwalls to identify and remediate vulnerabilities, defend against malware, and control device access.

Embed presentation

Downloaded 13 times
Enabling Inside-Out Network Security BYOD and Your Business Learn about the BYOD trend, the risks associated with this trend, and how to successfully adopt BYOD while securing your network.
Agenda Enabling Inside-Out Network Security • The rise of BYOD • Security risks associated with BYOD • A BYOD strategy • NetClarity’s Internal Security Solution
The Rise of BYOD Enabling Inside-Out Network Security • Gartner projects a 9-40% savings using employee PCs • 1 in 10 use personal computers for primary work device today • 50% use personal computers for work at some time • 43% of companies have a written policy, with specific rules
BYOD: A fast-growing Dilemma Enabling Inside-Out Network Security The challenge: seamless and secure management of ALL device Personal AND Professional Wired AND Wireless ANY operating system By 2016 at least 50% of enterprise email users will rely primarily on a browser, tablet or mobile client instead of a desktop client. – Gartner - AND - Today, 80% of attacks occur inside the network - SANS
The “Security” dilemma of BYOD Enabling Inside-Out Network Security 1. People 2. Processes 3. Policy 4. Technology 5
Breach Statistics Enabling Inside-Out Network Security 174 million compromised records last year …and their firewall didn’t stop them! Verizon 2012 Data Breach Investigations Report
Enabling Inside-Out Network Security And you thought a firewall was all you needed?
BYOD: How is security breached? Enabling Inside-Out Network Security 1. Accidentally download malware onto your device. 2. Bring that device into work and bypass the firewall. 3. A Trojan gets onto the network. 4. Data gets transferred to a hacker without you even knowing it! Data
What’s the real internal security problem? Enabling Inside-Out Network Security All Networks and IP Devices have Holes that are known as: Common Vulnerabilities and Exposures (CVE) https://nvd.nist.gov/
BYOD Risk: New Malware Outbreaks… Enabling Inside-Out Network Security  Your favorite anti-virus program catches no more than 70-90% of malware!  What’s running on everyone’s personal device? Who knows?
BYOD Risk: New Malware Outbreaks… Enabling Inside-Out Network Security “Here's a video of my Droid cell phone that was hacked after I loaded the new "Mobile Skype" program. It's as if the phone has been possessed. Had to get a new cell.” http://www.youtube.com/watch?v=mpZgw5Db2ok “Noticed this crazy messaging happening on my iPad2 earlier this evening. You can see that there are messages being sent (blue background) and the keypad is not being used at the time. Secondly, I don't have a Romanian number or contact. Thirdly, I don't speak Romanian. Weird I tells ye! and it's still messaging back and forth as I type here.” http://www.youtube.com/watch?v=wa9H-8Q1FeA
BYOD Risk: CVEs (iPhone sample…) Enabling Inside-Out Network Security The current value of credit cards on the black market – Look, you can even buy in bulk! See: http://nvd.nist.gov
BYOD Risk: Lost or Stolen? Enabling Inside-Out Network Security “More than a third of consumers have had cell phones lost or stolen”
BYOD Risks: Control and Compliance Enabling Inside-Out Network Security Behind every firewall, you need to manage BYOD. The businesses in each of these vertical markets are all very different, but they are all faced with similar challenges: • Ensuring Business Continuity. • Controlling Network Access. • Ensuring Regulatory Compliance.
BYOD Strategy Enabling Inside-Out Network Security People  Awareness, training, culture Process  Assessments, real-time monitoring, onboarding/departing employees, quarantining devices Policy  Acceptable use, email security, access control, password policy, patch mgmt., incident response, business continuity Technology  NAC, MDM, firewalls, A/V, IPS/WIPS, etc.
Multi-faceted Internal Security Enabling Inside-Out Network Security IPS/IDS Firewall End Point Protection  Asset Management and Access Control. Internal Security  Vulnerability management, compliance reporting and Auditing  Zero-Day Defense
Internal UTM: Critical technology Enabling Inside-Out Network Security Remember, while firewalls protect networks from the outside-in, over 80% of successful attacks come from the inside. There is a major need for internal UTM to secure networks from the inside-out.
Inside-Out Network Security™ Appliances Enabling Inside-Out Network Security Scalable from 25 devices to thousands • Immediately control access by any and all types of devices – if you don’t want them on the network, they don’t get on the network. • Identify network holes (CVE®s) on the inside of your network and guide proactive remediation process • Defend against malware through automated detection and blocking
Enabling Inside-Out Network Security
Enabling Inside-Out Network Security
Enabling Inside-Out Network Security
How NetClarity stops a breach Enabling Inside-Out Network Security 1. Accidentally download malware onto your device. 2. Bring that device into work and bypass the firewall. 3. A Trojan gets onto the network. 4. NetClarity quarantines the device that has a Trojan installs 5. NetClarity stops the hacker from receiving the data he was hoping to obtain! Data
The BYOD NACwall Appliance Awards Enabling Inside-Out Network Security “NetClarity Picks Up Where Firewalls, Anti-virus, Intrusion Detection Systems and Intrusion Prevention Systems Leave Off” – John Gallant, President, Network World “The only Next Gen. NAC solution to be “The Most integrated with RSA enVision® for Innovative NAC enterprise-wide internal risk management” Vendor in the World” – Network Products Guide, Hot – Apurva More, RSA Secured Program Manager Companies, 2009, 2010, 2011
Next Generation NAC, Manages BYOD! Enabling Inside-Out Network Security “When evaluating NAC solutions, look for vendors that understand the consumerization trend and support, or have plans to support, policies for managing the non-Microsoft endpoints that will inevitably attempt to connect to your network…. • Convenient to install • Universal in application • All devices, OS, wired/wireless Gartner NAC Report, 12/2010
In Summary: Managing BYOD Enabling Inside-Out Network Security 1. Personal devices are pervasive but the BYOD trend isn’t going anywhere. 2. They add a new level of risk management to the organization. 3. There are technologies to mitigate the risk, like NetClarity’s NACwalls!
Questions? Enabling Inside-Out Network Security www.netclarity.net

More Related Content

PDF
Privacy & Security for the Internet of Things
byGerry Elman
 
PPTX
8 Threats Your Anti-Virus Won't Stop
bySophos
 
PPTX
CH. 5 Computer Security and Safety, Ethics and Privacy
bymalik1972
 
PDF
Internet of Things - Privacy and Security issues
byPierluigi Paganini
 
PPTX
Computer Security risks Shelly
byAdeel Khurram
 
PPTX
BYOD - Protecting Your School
bySophos
 
PPTX
Chapter 11
byMohd Khairil Borhanudin
 
PDF
Free Libre Open Source Software Development
byFrederik Questier
 
Privacy & Security for the Internet of Things
byGerry Elman
 
8 Threats Your Anti-Virus Won't Stop
bySophos
 
CH. 5 Computer Security and Safety, Ethics and Privacy
bymalik1972
 
Internet of Things - Privacy and Security issues
byPierluigi Paganini
 
Computer Security risks Shelly
byAdeel Khurram
 
BYOD - Protecting Your School
bySophos
 
Chapter 11
byMohd Khairil Borhanudin
 
Free Libre Open Source Software Development
byFrederik Questier
 

What's hot

PPTX
Cyber Security
byfrcarlson
 
PDF
Is Your Network Ready for BYOD?
bySophos
 
PPT
Voice securityprotocol review
byFabio Pietrosanti
 
PDF
Mobile security - Intense overview
byPrivateWave Italia SpA
 
PPTX
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
bymike parks
 
PDF
C0c0n 2011 mobile security presentation v1.2
bySantosh Satam
 
PPTX
Ite pc v40_chapter9_edited_h
byDave Arvin
 
PPTX
Operating Systems: Computer Security
byDamian T. Gordon
 
PPTX
Sophos Mobile Control - Product Overview
bySophos
 
PDF
Computer Security and Safety, Ethics & Privacy
bySamudin Kassan
 
PDF
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
byIJNSA Journal
 
PPTX
Operating Systems: Computer Security
byDamian T. Gordon
 
PDF
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
bySecurity B-Sides
 
PPT
Security Intelligence: Advanced Persistent Threats
byPeter Wood
 
PPT
2010: Mobile Security - WHYMCA Developer Conference
byFabio Pietrosanti
 
PPTX
Endpoint Protection
bySophos
 
PDF
Advanced persistent threats(APT)
byNetwork Intelligence India
 
PDF
Hakin9 interview w Prof Sood
byZsolt Nemeth
 
PPTX
Exposing the Money Behind Malware
bySophos
 
PPTX
Discovering Computers: Chapter 11
byAnna Stirling
 
Cyber Security
byfrcarlson
 
Is Your Network Ready for BYOD?
bySophos
 
Voice securityprotocol review
byFabio Pietrosanti
 
Mobile security - Intense overview
byPrivateWave Italia SpA
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
bymike parks
 
C0c0n 2011 mobile security presentation v1.2
bySantosh Satam
 
Ite pc v40_chapter9_edited_h
byDave Arvin
 
Operating Systems: Computer Security
byDamian T. Gordon
 
Sophos Mobile Control - Product Overview
bySophos
 
Computer Security and Safety, Ethics & Privacy
bySamudin Kassan
 
IMPLEMENTATION OF A SECURITY PROTOCOL FOR BLUETOOTH AND WI-FI
byIJNSA Journal
 
Operating Systems: Computer Security
byDamian T. Gordon
 
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
bySecurity B-Sides
 
Security Intelligence: Advanced Persistent Threats
byPeter Wood
 
2010: Mobile Security - WHYMCA Developer Conference
byFabio Pietrosanti
 
Endpoint Protection
bySophos
 
Advanced persistent threats(APT)
byNetwork Intelligence India
 
Hakin9 interview w Prof Sood
byZsolt Nemeth
 
Exposing the Money Behind Malware
bySophos
 
Discovering Computers: Chapter 11
byAnna Stirling
 

Similar to BYOD and Your Business

PDF
White Paper: Is Your Network Safe Behind Just a Firewall?
byWindstream Enterprise
 
PDF
7.5 steps to overlaying byod & iot
byCaston Thomas
 
PDF
Dont Let Data And Business Assets Slip Out The Back Door Cm101243
byErik Ginalick
 
PDF
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
byNovell
 
PPTX
Network Security of Data Protection
byUthsoNandy
 
PDF
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
byAndris Soroka
 
DOCX
Protecting Intellectual Property in the Age of WikiLeaks
bySocialKwan
 
PDF
How I learned to stop worrying & love the BYOD
byCaston Thomas
 
PDF
Mobile malware and enterprise security v 1.2_0
byJavier Gonzalez
 
PDF
BYOD: Device Control in the Wild, Wild, West
byJay McLaughlin
 
PDF
Paper Florencio Cano - Patient data security in a wireless and mobile world
byWTHS
 
PDF
It's 2012 and My Network Got Hacked - Omar Santos
bysantosomar
 
PDF
Pawaa OCC Presentation
byCloudComputing
 
PDF
White Paper: Securing Nomadic Workforce
byCourtland Smith
 
PDF
BYOD Monitoring
byNetFlow Analyzer
 
PPTX
Information Security, Cybercrime and technology futures allowing you to get a...
byInsight UK
 
PDF
Protecting Data on Laptops
byProduct Marketing Services
 
PDF
7.5 steps to overlaying BYoD & IoT on Existing Investments
byCaston Thomas
 
PPTX
iPads on your network? Take Control with Unified Policy and Management
byCisco Mobility
 
PPTX
Cybersecurity - Keeping Your Business Protected
byRobert E Jones
 
White Paper: Is Your Network Safe Behind Just a Firewall?
byWindstream Enterprise
 
7.5 steps to overlaying byod & iot
byCaston Thomas
 
Dont Let Data And Business Assets Slip Out The Back Door Cm101243
byErik Ginalick
 
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
byNovell
 
Network Security of Data Protection
byUthsoNandy
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
byAndris Soroka
 
Protecting Intellectual Property in the Age of WikiLeaks
bySocialKwan
 
How I learned to stop worrying & love the BYOD
byCaston Thomas
 
Mobile malware and enterprise security v 1.2_0
byJavier Gonzalez
 
BYOD: Device Control in the Wild, Wild, West
byJay McLaughlin
 
Paper Florencio Cano - Patient data security in a wireless and mobile world
byWTHS
 
It's 2012 and My Network Got Hacked - Omar Santos
bysantosomar
 
Pawaa OCC Presentation
byCloudComputing
 
White Paper: Securing Nomadic Workforce
byCourtland Smith
 
BYOD Monitoring
byNetFlow Analyzer
 
Information Security, Cybercrime and technology futures allowing you to get a...
byInsight UK
 
Protecting Data on Laptops
byProduct Marketing Services
 
7.5 steps to overlaying BYoD & IoT on Existing Investments
byCaston Thomas
 
iPads on your network? Take Control with Unified Policy and Management
byCisco Mobility
 
Cybersecurity - Keeping Your Business Protected
byRobert E Jones
 

Recently uploaded

PDF
January Patch Tuesday
byIvanti
 
PDF
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
PPTX
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
PPTX
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
PDF
A paper in the leading academic journal Telecommunication Policy cited Scott ...
byScott M. Graffius
 
PDF
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
PDF
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
PDF
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
PDF
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
PDF
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PDF
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
PDF
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
PPTX
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
PPTX
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
PDF
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
PPTX
Becoming Frontier for Dynamics 365 Finance PPT
byjonbravetti
 
PPTX
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
PDF
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 
January Patch Tuesday
byIvanti
 
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
A paper in the leading academic journal Telecommunication Policy cited Scott ...
byScott M. Graffius
 
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
Adding Copilot+ PCs with Snapdragon to your HP fleet won’t require IT deploym...
byPrincipled Technologies
 
One String, Many Prompts: AI Code Generation
byGeoffrey Goetz
 
Building Voice Agents with Google Agent Development Kit
bySuresh Peiris
 
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
Zniber Partners. Audience Foresight for Confident Decisions
bySamuel Zniber
 
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
Becoming Frontier for Dynamics 365 Finance PPT
byjonbravetti
 
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
Chapter 2 Computer Threat .pdf
byGetnet Tigabie Askale -(GM)
 

BYOD and Your Business

  • 1.
    Enabling Inside-Out NetworkSecurity BYOD and Your Business Learn about the BYOD trend, the risks associated with this trend, and how to successfully adopt BYOD while securing your network.
  • 2.
    Agenda Enabling Inside-Out NetworkSecurity • The rise of BYOD • Security risks associated with BYOD • A BYOD strategy • NetClarity’s Internal Security Solution
  • 3.
    The Rise ofBYOD Enabling Inside-Out Network Security • Gartner projects a 9-40% savings using employee PCs • 1 in 10 use personal computers for primary work device today • 50% use personal computers for work at some time • 43% of companies have a written policy, with specific rules
  • 4.
    BYOD: A fast-growingDilemma Enabling Inside-Out Network Security The challenge: seamless and secure management of ALL device Personal AND Professional Wired AND Wireless ANY operating system By 2016 at least 50% of enterprise email users will rely primarily on a browser, tablet or mobile client instead of a desktop client. – Gartner - AND - Today, 80% of attacks occur inside the network - SANS
  • 5.
    The “Security” dilemmaof BYOD Enabling Inside-Out Network Security 1. People 2. Processes 3. Policy 4. Technology 5
  • 6.
    Breach Statistics Enabling Inside-OutNetwork Security 174 million compromised records last year …and their firewall didn’t stop them! Verizon 2012 Data Breach Investigations Report
  • 7.
    Enabling Inside-Out NetworkSecurity And you thought a firewall was all you needed?
  • 8.
    BYOD: How issecurity breached? Enabling Inside-Out Network Security 1. Accidentally download malware onto your device. 2. Bring that device into work and bypass the firewall. 3. A Trojan gets onto the network. 4. Data gets transferred to a hacker without you even knowing it! Data
  • 9.
    What’s the realinternal security problem? Enabling Inside-Out Network Security All Networks and IP Devices have Holes that are known as: Common Vulnerabilities and Exposures (CVE) https://nvd.nist.gov/
  • 10.
    BYOD Risk: NewMalware Outbreaks… Enabling Inside-Out Network Security  Your favorite anti-virus program catches no more than 70-90% of malware!  What’s running on everyone’s personal device? Who knows?
  • 11.
    BYOD Risk: NewMalware Outbreaks… Enabling Inside-Out Network Security “Here's a video of my Droid cell phone that was hacked after I loaded the new "Mobile Skype" program. It's as if the phone has been possessed. Had to get a new cell.” http://www.youtube.com/watch?v=mpZgw5Db2ok “Noticed this crazy messaging happening on my iPad2 earlier this evening. You can see that there are messages being sent (blue background) and the keypad is not being used at the time. Secondly, I don't have a Romanian number or contact. Thirdly, I don't speak Romanian. Weird I tells ye! and it's still messaging back and forth as I type here.” http://www.youtube.com/watch?v=wa9H-8Q1FeA
  • 12.
    BYOD Risk: CVEs(iPhone sample…) Enabling Inside-Out Network Security The current value of credit cards on the black market – Look, you can even buy in bulk! See: http://nvd.nist.gov
  • 13.
    BYOD Risk: Lostor Stolen? Enabling Inside-Out Network Security “More than a third of consumers have had cell phones lost or stolen”
  • 14.
    BYOD Risks: Controland Compliance Enabling Inside-Out Network Security Behind every firewall, you need to manage BYOD. The businesses in each of these vertical markets are all very different, but they are all faced with similar challenges: • Ensuring Business Continuity. • Controlling Network Access. • Ensuring Regulatory Compliance.
  • 15.
    BYOD Strategy Enabling Inside-OutNetwork Security People  Awareness, training, culture Process  Assessments, real-time monitoring, onboarding/departing employees, quarantining devices Policy  Acceptable use, email security, access control, password policy, patch mgmt., incident response, business continuity Technology  NAC, MDM, firewalls, A/V, IPS/WIPS, etc.
  • 16.
    Multi-faceted Internal Security EnablingInside-Out Network Security IPS/IDS Firewall End Point Protection  Asset Management and Access Control. Internal Security  Vulnerability management, compliance reporting and Auditing  Zero-Day Defense
  • 17.
    Internal UTM: Criticaltechnology Enabling Inside-Out Network Security Remember, while firewalls protect networks from the outside-in, over 80% of successful attacks come from the inside. There is a major need for internal UTM to secure networks from the inside-out.
  • 18.
    Inside-Out Network Security™Appliances Enabling Inside-Out Network Security Scalable from 25 devices to thousands • Immediately control access by any and all types of devices – if you don’t want them on the network, they don’t get on the network. • Identify network holes (CVE®s) on the inside of your network and guide proactive remediation process • Defend against malware through automated detection and blocking
  • 19.
  • 20.
  • 21.
  • 22.
    How NetClarity stopsa breach Enabling Inside-Out Network Security 1. Accidentally download malware onto your device. 2. Bring that device into work and bypass the firewall. 3. A Trojan gets onto the network. 4. NetClarity quarantines the device that has a Trojan installs 5. NetClarity stops the hacker from receiving the data he was hoping to obtain! Data
  • 23.
    The BYOD NACwallAppliance Awards Enabling Inside-Out Network Security “NetClarity Picks Up Where Firewalls, Anti-virus, Intrusion Detection Systems and Intrusion Prevention Systems Leave Off” – John Gallant, President, Network World “The only Next Gen. NAC solution to be “The Most integrated with RSA enVision® for Innovative NAC enterprise-wide internal risk management” Vendor in the World” – Network Products Guide, Hot – Apurva More, RSA Secured Program Manager Companies, 2009, 2010, 2011
  • 24.
    Next Generation NAC,Manages BYOD! Enabling Inside-Out Network Security “When evaluating NAC solutions, look for vendors that understand the consumerization trend and support, or have plans to support, policies for managing the non-Microsoft endpoints that will inevitably attempt to connect to your network…. • Convenient to install • Universal in application • All devices, OS, wired/wireless Gartner NAC Report, 12/2010
  • 25.
    In Summary: ManagingBYOD Enabling Inside-Out Network Security 1. Personal devices are pervasive but the BYOD trend isn’t going anywhere. 2. They add a new level of risk management to the organization. 3. There are technologies to mitigate the risk, like NetClarity’s NACwalls!
  • 26.
    Questions? Enabling Inside-Out NetworkSecurity www.netclarity.net

Editor's Notes

  • #4 Cost savingsConvenienceAlready in serviceCost savingsIncreased employee satisfactionIncreased employee productivityCost savings
  • #5 80% of attacks occur inside a network – behind the firewallMost BYOD devices will be wireless – but must be managed in tandem with wired.A myriad of:devices (phones, tablets, laptops), operating systems (Linux, IP-phone, Windows, iOS, Android), threats (malware, vulnerabilities)inside the network
  • #6 When do we know if a BYOD is on our network?How do we stop Rogue or Untrusted BYOD access?Is all BYOD Traffic Encrypted Well Enough to Ensure Compliance with PCI-DSS, HIPAA/HITECH, FERPA, GLBA or SOX-404?Are BYODs Harboring Personally Identifiable Information (PII)?Can we Require Whole Device Data Encryption to Protect this very Sensitive/High Risk Data?What if a BYOD gets lost or stolen? Can we (IT Staff) force a remote ‘wipe’ or ‘kill code’ on an employee owned device with corporate data on it?How do we Sync? How do we Backup BYOD?Is there any Good Firewall or Anti-virus/Anti-malware for BYOD?How do we Enforce Policies on BYOD employee-owned equipment?
  • #8 Firewalls do NOTPrevent malware from infecting a deviceStop the spread of malware within your networkPrevent high risk data, PII, etc from leaving your network
  • #9 Keyloggers and the use of stolen credentialsBackdoors and command controlTamperingPretextingPhishingBrute forceSQL injectionFor the most part, firewalls are one-way streets. Once the attacker is on the inside, they are presumed trusted, and can connect outward just as easily as a person surfing the web or checking email.
  • #13 http://blog.imperva.com/2011/10/current-value-of-credit-cards-on-the-black-market-part-ii.html
  • #14 What if the Former Employee was using Personally Owned Mobile Devices?What is your IT Security/Human Resources combined Checklist you go through when an Employee Leaves (voluntarily or involuntarily)?Does the Plan include Mobile Devices and their Company-related Data stored on the device? (Or are You Ready to Crack a Potentially Encrypted Backup you may have Retained?)
  • #15 In school settings:Students bring devices at their own riskThis means that if they bring a device, they are responsible for keeping it safe and secureThey should not leave their device in a classroom, even if the teacher allows itThe students are responsible for the appropriate use of their personal computing devicesIn government and business settings:Employees bring devices at the organizations’ riskThis means that if you bring a device, The IT STAFF is responsible for ensuring it does not increase risk by way of DATA LEAKAGE, DATA THEFT, HACKING and MALWARE OUTBREAKS
  • #16 Bottom line: GET THE DEVICE OWNER TO ASSUME SOME LEVEL OF RESPONSIBILITYTechnology affords you time, security
  • #17 “Consumerization is an unstoppable trend, and most organizations need to demonstrate flexibility and allow employees to use their personal devices for work. But, they also need to establish limits and not permit every device, every operating system and every configuration. Although approaches such as server-based computing and virtualization will also be used to deal with consumerization, NAC provides the flexibility that enterprises need in a BYOD environment, while providing the controls that enable network and security managers to retain control over the network.”
  • #23 Keyloggers and the use of stolen credentialsBackdoors and command controlTamperingPretextingPhishingBrute forceSQL injectionFor the most part, firewalls are one-way streets. Once the attacker is on the inside, they are presumed trusted, and can connect outward just as easily as a person surfing the web or checking email.
  • #25 Convinient to install, and universal in application.NetClarity is the vendor that targets SMBs and can manage all endpoints. Its family of NACwall appliances use an agentless (no additional software on the PCs) approach to baseline the health of the endpoints. NACwalls are deployed out of band in LANs, so they install easily and are not in the line of traffic…”