GARL, in collaboration with the German security distributor Intellicomp, presents a compact guide on how to face the mobility challenge and adopt a mobile strategy that users can easily embrace. Giuseppe Paterno', IT Security Architect and Director at GARL, shows how all companies can securely manage their distributed workforce on any device, with particular focus on tablets and smartphones. The objective is to help customers selecting their own secure yet affordable mobile strategy: the content itself focus on practical aspects rather than a theoretical model. The consolidated adoption of personal mobile devices for business use, known as Bring Your Own Device (BYOD), has raised concerns over the security of both company's network and privacy policies. The use of unmanaged devices started with smartphones and now is moving to tablets as well as privately owned laptops and netbooks. As the number of mobile applications increases, companies are now facing the significative amount of risks that comes from the mixed use of the devices. Through the adoption of BYOD, users' comfort has increasingly improved, but it's important to embrace the proper tools to protect the users' credentials and company's on-line data. This the reason why a combined solution let appliances and services work together to guarantee the highest level of protection on the weakest points of the network, the ones that the Sysadmins can't control directly. To be successful, every strategy must rely on the cooperation of the users and this means that they should receive some advantages: the proposed strategy significantly boost their everyday work and avoiding losing time. Affordable solutions like SSL VPN or the adoption of Single Sign-On system let employees enjoy the benefit of working from everywhere, as well as having a centralized identity managed system that can grant the access only to the authorized users. To find out more about the suggested mobility strategy, have a look to presentation

1. Bring Your Own Data
in motion without risks
Adopt a mobile access strategy that users can easily embrace
Giuseppe Paternò
IT Security Architect - gpaterno@garl.ch

2. EVERY USER IS AN ADMIN
... of his devices (BYOD) ... of his apps, softwares,
. ... of his credential to virus installed with company’s
access to company’s data management tools

3. THE BYOD OPPORTUNITIES
Let your users choose their Lower costs and less time
devices dedicated to test and
development
Improve agility with Less time spent in the IT
teleworking helpdesk

4. THE BYOD RISKS
Access to company’s network
Unable to enforce company’s policies on the
device
Respect privacy regulations (ex. customers’
data stored within address book accessible by
social networks)
Users install mobile apps that accessing and
collecting data like bank and shopping accounts
Stolen or lost devices with credential to access
to company’ system

5. THE STRATEGY
The BYOD access strategy should be focused
on securing the users’ access, not the devices

6. STRONG
SECURITY
POLICY
A secure access gateway
+
A virtual desktop
infrastructure
+
A secure centralized identity
management system

7. ACCESS GATEWAY
Easy web access from
anywhere with SSL
Full HTML compatibility
Per-user customized portal
Access to applications based
on users’ role

8. VIRTUAL DESKTOP
INFRASTRUCTURE
Desktop experience from No need to rewrite
anywhere and any device existing desktop
applications
Easy to use for everybody

9. IDENTITY MANAGEMENT
Centralized identity
management across all on-line
applications
Grant users’ access with One
Time Passwords
Easy integration with all your
web based applications
Few minutes to secure
existing partner portals,
virtual desktops and VPN

10. AND DON’T FORGET BEST
PRACTICES!
Configure an SSL VPN Adopt a firewall and check
policies periodically

11. EASY SECURITY
FOR YOUR ON-LINE SERVICES
www.secure-pass.net www.intellicomp.de