SlideShare ist ein Scribd-Unternehmen logo

Enterprise Mobile Security

Als PPTX, PDF herunterladen
HP Enterprise Security
HP Enterprise Security

Paul Schwarzenberger from HP, looks at the business drivers towards the growing use of mobile devices and consumerisation, security risks, and the requirements for securely enabling the use of business apps

Technologie
1 von 12
Enterprise Mobile Security HP Enterprise Security Services Paul Schwarzenberger MSc, M.Inst.ISP, CISSP, CLAS 1 ©2011 Copyright 2010 Hewlett-Packard Development The information © Hewlett-Packard Development Company, L.P. Company, L.P. contained herein is subject to change without notice
ENTERPRISE MOBILE SECURITY – Senior executives want to use iPhones, iPads, Androids and other mobile devices to access corporate data – New business requirements for tablets, e.g. retail, medical – Consumerisation / BYOD – expand mobile workforce cost effectively What are the risks? What security can be applied? How to securely enable apps? 2 © Copyright 2010 Hewlett-Packard Development Company, L.P.
SECURITY RISKS – Malware / malicious apps Fake Netflix analysis by Symantec, October 2011 – No (or poorly implemented) encryption – Jailbroken operating systems – SMS – Data loss – corporate / personal emails – Data loss – email attachments / Dropbox – Sync and backup – to home PC and iCloud – Malicious, compromised, or inappropriate web sites 3 © Copyright 2010 Hewlett-Packard Development Company, L.P.
MOBILE MALWARE - CUMULATIVE The continued growth of mobile phone adoption globally is driving growth in the mobile malware sector. While malware targeting the Symbian platform is still the most prevalent, there has been a sea change in top targets in 2011. In Q3 nearly all of the malware samples discovered by McAfee Labs targeted the newer and more popular (now) Android platform. Others 1400 1200 Java ME 8% 1000 9% 800 Symbian 600 3rd Ed. 400 200 11% Symbian 0 Android 56% 16% Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 09 09 09 09 10 10 10 10 11 11 11 iOS – two viruses detected to date, both only effective against jailbroken devices 4 © Copyright 2010 Hewlett-Packard Development Company, L.P. data from McAfee
APP REQUIREMENTS – Personal /corporate apps – Public / in-house apps – Blacklist, Whitelist apps – Prevent data leakage – Secure connectivity – Authentication 5 © Copyright 2010 Hewlett-Packard Development Company, L.P.
ENTERPRISE MOBILE SECURITY MODEL Enable Applications • e-mail, calendar and contacts • Business applications Sandbox • Protect corporate data • Control Interaction with host Enforce Mobile Security • Device Password • Encryption • Whitelist or blacklist Apps • Connection methods • Block jailbroken devices • Remote wipe mobile device with • Control synchronisation optional security app • Mobile Anti-Virus e-mail and • Personal Firewall business application servers Device Management • Monitor and audit • Reporting and alerts • Remote unlock 6 © Copyright 2010 Hewlett-Packard Development Company, L.P.
ENTERPRISE MOBILE SECURITY - COMPONENTS – Mobile Device Management (Secure Container / Whole Device) – Anti-Malware – Secure Connectivity – Application control – VPN – Certificates – Data Loss Prevention – URL filtering 7 © Copyright 2010 Hewlett-Packard Development Company, L.P.
EXAMPLE: UK POLICE MOBILE DATA – Balfour Beatty Workplace – Mobile data workflow and information – Police outsource contract – Police / UK Government security standards – Ease of use – “invisible” security – Solution: SSL VPN / lockdown / certificate 8 © Copyright 2010 Hewlett-Packard Development Company, L.P.
EXAMPLE: IPAD APPLICATION ACCESS 9 © Copyright 2010 Hewlett-Packard Development Company, L.P.
EXAMPLE: ANDROID MALWARE PROTECTION – Mobile Device Management – Anti-Malware Client – App Inventory – App Control Policies • Disallow malware • Require Anti-Malware client 10 © Copyright 2010 Hewlett-Packard Development Company, L.P.
CONCLUSIONS – Strong demand for business use of mobile devices – Multiple security risks – Need to enable enterprise applications – Solutions available – No solution is perfect! 11 © Copyright 2010 Hewlett-Packard Development Company, L.P. 11
thank you paul.schwarzenberger@hp.com 07968 542371 ©2011 Copyright 2010 Hewlett-Packard Development The information 12 © Hewlett-Packard Development Company, L.P. Company, L.P. contained herein is subject to change without notice

Empfohlen

Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101
Lookout
 
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM USUdløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
IBM Danmark
 
Mobile – Adoption and Adaption in 2012
Mobile – Adoption and Adaption in 2012Mobile – Adoption and Adaption in 2012
Mobile – Adoption and Adaption in 2012
Global Business Events - the Heart of your Network.
 
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
David Rogers
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
Kevin Lee
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
Zernike College
 
Presentatie mc afee emm 2011
Presentatie mc afee emm 2011Presentatie mc afee emm 2011
Presentatie mc afee emm 2011
SecutecGroup Baudewijns
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device security
CAS
 

Empfohlen

Mobile Security 101
Mobile Security 101Mobile Security 101
Mobile Security 101
Lookout
 
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM USUdløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
IBM Danmark
 
Mobile – Adoption and Adaption in 2012
Mobile – Adoption and Adaption in 2012Mobile – Adoption and Adaption in 2012
Mobile – Adoption and Adaption in 2012
Global Business Events - the Heart of your Network.
 
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud ComputingDark Clouds and Rainy Days, the Bad Side of Cloud Computing
Dark Clouds and Rainy Days, the Bad Side of Cloud Computing
David Rogers
 
Mobile Security
Mobile SecurityMobile Security
Mobile Security
Kevin Lee
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
Zernike College
 
Presentatie mc afee emm 2011
Presentatie mc afee emm 2011Presentatie mc afee emm 2011
Presentatie mc afee emm 2011
SecutecGroup Baudewijns
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device security
CAS
 
Mobile security
Mobile securityMobile security
Mobile security
home
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012
hemantchaskar
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02
Shafaq Abdullah
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02
Shafaq Abdullah
 
Challenges of today's wi fi hotspots and airegis solution
Challenges of today's wi fi hotspots and airegis solutionChallenges of today's wi fi hotspots and airegis solution
Challenges of today's wi fi hotspots and airegis solution
(((Airegis )))
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile Apps
Denim Group
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
Patrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)
 
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the BerriesShmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Tyler Shields
 
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?
VISTA InfoSec
 
Android App
Android AppAndroid App
Android App
OnlineUser4
 
Onboarding in the IoT
Onboarding in the IoTOnboarding in the IoT
Onboarding in the IoT
Paul Madsen
 
(Pdf) yury chemerkin hackfest.ca_2013
(Pdf) yury chemerkin hackfest.ca_2013(Pdf) yury chemerkin hackfest.ca_2013
(Pdf) yury chemerkin hackfest.ca_2013
STO STRATEGY
 
Debashis banerjee mobile_webappintrosecurity
Debashis banerjee mobile_webappintrosecurityDebashis banerjee mobile_webappintrosecurity
Debashis banerjee mobile_webappintrosecurity
debashisb
 
(Pptx) yury chemerkin hacker_halted_2013
(Pptx) yury chemerkin hacker_halted_2013(Pptx) yury chemerkin hacker_halted_2013
(Pptx) yury chemerkin hacker_halted_2013
STO STRATEGY
 
Glimmerglass CyberSweep
Glimmerglass CyberSweepGlimmerglass CyberSweep
Glimmerglass CyberSweep
Scott Rickard
 
(Pdf) yury chemerkin intelligence_sec_2013
(Pdf) yury chemerkin intelligence_sec_2013(Pdf) yury chemerkin intelligence_sec_2013
(Pdf) yury chemerkin intelligence_sec_2013
STO STRATEGY
 
Marketing Plan For an Android App
Marketing Plan For an Android AppMarketing Plan For an Android App
Marketing Plan For an Android App
RAMAN PREET SINGH KHERA
 
Mobile application platforms - Introduction
Mobile application platforms - IntroductionMobile application platforms - Introduction
Mobile application platforms - Introduction
MobileMonday Switzerland
 
2011 Sales Presentation V6
2011 Sales Presentation V62011 Sales Presentation V6
2011 Sales Presentation V6
tina_williams
 
Styr mobile enheder med Mobile Device Management, Martin Vittrup, IBM
Styr mobile enheder med Mobile Device Management, Martin Vittrup, IBMStyr mobile enheder med Mobile Device Management, Martin Vittrup, IBM
Styr mobile enheder med Mobile Device Management, Martin Vittrup, IBM
IBM Danmark
 
Authentication Systems in Internet of Things
Authentication Systems in Internet of ThingsAuthentication Systems in Internet of Things
Authentication Systems in Internet of Things
Eswar Publications
 
Prior Authorization for Dermatology Practices (Sun Knowledge)
Prior Authorization for Dermatology Practices (Sun Knowledge)Prior Authorization for Dermatology Practices (Sun Knowledge)
Prior Authorization for Dermatology Practices (Sun Knowledge)
Saikat Mukherjee
 

Weitere ähnliche Inhalte

Was ist angesagt?

Mobile security
Mobile securityMobile security
Mobile security
home
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02
Shafaq Abdullah
 
Challenges of today's wi fi hotspots and airegis solution
Challenges of today's wi fi hotspots and airegis solutionChallenges of today's wi fi hotspots and airegis solution
Challenges of today's wi fi hotspots and airegis solution
(((Airegis )))
 
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the BerriesShmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
Tyler Shields
 
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?
VISTA InfoSec
 
(Pdf) yury chemerkin hackfest.ca_2013
(Pdf) yury chemerkin hackfest.ca_2013(Pdf) yury chemerkin hackfest.ca_2013
(Pdf) yury chemerkin hackfest.ca_2013
STO STRATEGY
 
Debashis banerjee mobile_webappintrosecurity
Debashis banerjee mobile_webappintrosecurityDebashis banerjee mobile_webappintrosecurity
Debashis banerjee mobile_webappintrosecurity
debashisb
 
(Pptx) yury chemerkin hacker_halted_2013
(Pptx) yury chemerkin hacker_halted_2013(Pptx) yury chemerkin hacker_halted_2013
(Pptx) yury chemerkin hacker_halted_2013
STO STRATEGY
 
Glimmerglass CyberSweep
Glimmerglass CyberSweepGlimmerglass CyberSweep
Glimmerglass CyberSweep
Scott Rickard
 
(Pdf) yury chemerkin intelligence_sec_2013
(Pdf) yury chemerkin intelligence_sec_2013(Pdf) yury chemerkin intelligence_sec_2013
(Pdf) yury chemerkin intelligence_sec_2013
STO STRATEGY
 
2011 Sales Presentation V6
2011 Sales Presentation V62011 Sales Presentation V6
2011 Sales Presentation V6
tina_williams
 

Was ist angesagt? (20)

Mobile security
Mobile securityMobile security
Mobile security
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02
 
Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02Zenprise ctia 10-11-2011_v02
Zenprise ctia 10-11-2011_v02
 
Challenges of today's wi fi hotspots and airegis solution
Challenges of today's wi fi hotspots and airegis solutionChallenges of today's wi fi hotspots and airegis solution
Challenges of today's wi fi hotspots and airegis solution
 
Designing Secure Mobile Apps
Designing Secure Mobile AppsDesigning Secure Mobile Apps
Designing Secure Mobile Apps
 
BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO's
 
Shmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the BerriesShmoocon 2010 - The Monkey Steals the Berries
Shmoocon 2010 - The Monkey Steals the Berries
 
Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?Are Mobile Banking Apps Safe?
Are Mobile Banking Apps Safe?
 
Android App
Android AppAndroid App
Android App
 
Onboarding in the IoT
Onboarding in the IoTOnboarding in the IoT
Onboarding in the IoT
 
(Pdf) yury chemerkin hackfest.ca_2013
(Pdf) yury chemerkin hackfest.ca_2013(Pdf) yury chemerkin hackfest.ca_2013
(Pdf) yury chemerkin hackfest.ca_2013
 
Debashis banerjee mobile_webappintrosecurity
Debashis banerjee mobile_webappintrosecurityDebashis banerjee mobile_webappintrosecurity
Debashis banerjee mobile_webappintrosecurity
 
(Pptx) yury chemerkin hacker_halted_2013
(Pptx) yury chemerkin hacker_halted_2013(Pptx) yury chemerkin hacker_halted_2013
(Pptx) yury chemerkin hacker_halted_2013
 
Glimmerglass CyberSweep
Glimmerglass CyberSweepGlimmerglass CyberSweep
Glimmerglass CyberSweep
 
(Pdf) yury chemerkin intelligence_sec_2013
(Pdf) yury chemerkin intelligence_sec_2013(Pdf) yury chemerkin intelligence_sec_2013
(Pdf) yury chemerkin intelligence_sec_2013
 
Marketing Plan For an Android App
Marketing Plan For an Android AppMarketing Plan For an Android App
Marketing Plan For an Android App
 
Mobile application platforms - Introduction
Mobile application platforms - IntroductionMobile application platforms - Introduction
Mobile application platforms - Introduction
 
2011 Sales Presentation V6
2011 Sales Presentation V62011 Sales Presentation V6
2011 Sales Presentation V6
 
Styr mobile enheder med Mobile Device Management, Martin Vittrup, IBM
Styr mobile enheder med Mobile Device Management, Martin Vittrup, IBMStyr mobile enheder med Mobile Device Management, Martin Vittrup, IBM
Styr mobile enheder med Mobile Device Management, Martin Vittrup, IBM
 

Andere mochten auch

Prior Authorization for Dermatology Practices (Sun Knowledge)
Prior Authorization for Dermatology Practices (Sun Knowledge)Prior Authorization for Dermatology Practices (Sun Knowledge)
Prior Authorization for Dermatology Practices (Sun Knowledge)
Saikat Mukherjee
 
ICAM - Demo Architecture review
ICAM - Demo Architecture reviewICAM - Demo Architecture review
ICAM - Demo Architecture review
Ramesh Nagappan
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The Cloud
Mark Nunnikhoven
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Ramesh Nagappan
 
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare GarlatiAPPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
Masha Geller
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
mycroftinc
 
Energy Optimized Link Selection Algorithm for Mobile Cloud Computing
Energy Optimized Link Selection Algorithm for Mobile Cloud ComputingEnergy Optimized Link Selection Algorithm for Mobile Cloud Computing
Energy Optimized Link Selection Algorithm for Mobile Cloud Computing
Eswar Publications
 
Design thinking class thadeu rodrigues
Design thinking class thadeu rodriguesDesign thinking class thadeu rodrigues
Design thinking class thadeu rodrigues
Thadeu Rodrigues
 

Andere mochten auch (18)

Authentication Systems in Internet of Things
Authentication Systems in Internet of ThingsAuthentication Systems in Internet of Things
Authentication Systems in Internet of Things
 
Prior Authorization for Dermatology Practices (Sun Knowledge)
Prior Authorization for Dermatology Practices (Sun Knowledge)Prior Authorization for Dermatology Practices (Sun Knowledge)
Prior Authorization for Dermatology Practices (Sun Knowledge)
 
Exam II Review Session Information Security 365/765
Exam II Review Session Information Security 365/765Exam II Review Session Information Security 365/765
Exam II Review Session Information Security 365/765
 
Disseminating Traffic Information in Vehicular Networks
Disseminating Traffic Information in Vehicular NetworksDisseminating Traffic Information in Vehicular Networks
Disseminating Traffic Information in Vehicular Networks
 
Security and Authentication at a Low Cost
Security and Authentication at a Low CostSecurity and Authentication at a Low Cost
Security and Authentication at a Low Cost
 
ICAM - Demo Architecture review
ICAM - Demo Architecture reviewICAM - Demo Architecture review
ICAM - Demo Architecture review
 
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and IdeasBlack Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
Black Hat USA 2015: A Visual Snapshot of Security Threats, Trends and Ideas
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The Cloud
 
Mobile Two Factor Authentication
Mobile Two Factor AuthenticationMobile Two Factor Authentication
Mobile Two Factor Authentication
 
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
Analysis of Security and Compliance using Oracle SPARC T-Series Servers: Emph...
 
2014 IEEE DOTNET MOBILE COMPUTING PROJECT A qos-oriented-distributed-routing-...
2014 IEEE DOTNET MOBILE COMPUTING PROJECT A qos-oriented-distributed-routing-...2014 IEEE DOTNET MOBILE COMPUTING PROJECT A qos-oriented-distributed-routing-...
2014 IEEE DOTNET MOBILE COMPUTING PROJECT A qos-oriented-distributed-routing-...
 
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare GarlatiAPPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
APPNATION IV - The State of Security in the Mobile Enterprise - Cesare Garlati
 
Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise" Multi-Factor Authentication - "Moving Towards the Enterprise"
Multi-Factor Authentication - "Moving Towards the Enterprise"
 
Energy Optimized Link Selection Algorithm for Mobile Cloud Computing
Energy Optimized Link Selection Algorithm for Mobile Cloud ComputingEnergy Optimized Link Selection Algorithm for Mobile Cloud Computing
Energy Optimized Link Selection Algorithm for Mobile Cloud Computing
 
Authentication protocols based on zero knowledge proof (Part 2 - Brief talk)
Authentication protocols based on zero knowledge proof (Part 2 - Brief talk)Authentication protocols based on zero knowledge proof (Part 2 - Brief talk)
Authentication protocols based on zero knowledge proof (Part 2 - Brief talk)
 
Design thinking class thadeu rodrigues
Design thinking class thadeu rodriguesDesign thinking class thadeu rodrigues
Design thinking class thadeu rodrigues
 
2FA, WTF? - Phil Nash - Codemotion Amsterdam 2016
2FA, WTF? - Phil Nash - Codemotion Amsterdam 20162FA, WTF? - Phil Nash - Codemotion Amsterdam 2016
2FA, WTF? - Phil Nash - Codemotion Amsterdam 2016
 
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
 

Ähnlich wie Enterprise Mobile Security

Palo alto safe application enablement
Palo alto safe application enablementPalo alto safe application enablement
Palo alto safe application enablement
responsedatacomms
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Security
 
Palo alto networks_customer_overview_november2011-short
Palo alto networks_customer_overview_november2011-shortPalo alto networks_customer_overview_november2011-short
Palo alto networks_customer_overview_november2011-short
Ten Sistemas e Redes
 
Securing Mobile Apps: New Approaches for the BYOD World
Securing Mobile Apps: New Approaches for the BYOD WorldSecuring Mobile Apps: New Approaches for the BYOD World
Securing Mobile Apps: New Approaches for the BYOD World
Apperian
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
IBM Security
 
Federal Grade Security with Mocana
Federal Grade Security with MocanaFederal Grade Security with Mocana
Federal Grade Security with Mocana
Apperian
 
Udi and juniper networks BYOD
Udi and juniper networks BYODUdi and juniper networks BYOD
Udi and juniper networks BYOD
stefriche0199
 
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
AIP Foundation
 

Ähnlich wie Enterprise Mobile Security (20)

Palo alto safe application enablement
Palo alto safe application enablementPalo alto safe application enablement
Palo alto safe application enablement
 
Zabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředíZabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředí
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
 
Developing Secure Mobile Applications
Developing Secure Mobile ApplicationsDeveloping Secure Mobile Applications
Developing Secure Mobile Applications
 
Android Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon IndiaAndroid Camp 2011 @ Silicon India
Android Camp 2011 @ Silicon India
 
Adaptive Trust for Strong Network Security
Adaptive Trust for Strong Network SecurityAdaptive Trust for Strong Network Security
Adaptive Trust for Strong Network Security
 
Mobile Payments: Protecting Apps and Data from Emerging Risks
Mobile Payments: Protecting Apps and Data from Emerging RisksMobile Payments: Protecting Apps and Data from Emerging Risks
Mobile Payments: Protecting Apps and Data from Emerging Risks
 
Palo alto networks_customer_overview_november2011-short
Palo alto networks_customer_overview_november2011-shortPalo alto networks_customer_overview_november2011-short
Palo alto networks_customer_overview_november2011-short
 
Protecting Data on Laptops
Protecting Data on LaptopsProtecting Data on Laptops
Protecting Data on Laptops
 
Securing Mobile Apps: New Approaches for the BYOD World
Securing Mobile Apps: New Approaches for the BYOD WorldSecuring Mobile Apps: New Approaches for the BYOD World
Securing Mobile Apps: New Approaches for the BYOD World
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility Strategy
 
Securing Salesforce Mobile SDK Apps with Good Dynamics
Securing Salesforce Mobile SDK Apps with Good DynamicsSecuring Salesforce Mobile SDK Apps with Good Dynamics
Securing Salesforce Mobile SDK Apps with Good Dynamics
 
Top Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your businessTop Seven Risks of Enterprise Mobility - How to protect your business
Top Seven Risks of Enterprise Mobility - How to protect your business
 
Evaluate Top Seven Risks of Enterprise Mobility
Evaluate Top Seven Risks of Enterprise MobilityEvaluate Top Seven Risks of Enterprise Mobility
Evaluate Top Seven Risks of Enterprise Mobility
 
Federal Grade Security with Mocana
Federal Grade Security with MocanaFederal Grade Security with Mocana
Federal Grade Security with Mocana
 
Udi and juniper networks BYOD
Udi and juniper networks BYODUdi and juniper networks BYOD
Udi and juniper networks BYOD
 
Securing the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterSecuring the Enterprise Mobile Perimeter
Securing the Enterprise Mobile Perimeter
 
Pulse 2013 Mobile Build and Connect presentation
Pulse 2013 Mobile Build and Connect presentationPulse 2013 Mobile Build and Connect presentation
Pulse 2013 Mobile Build and Connect presentation
 
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
 

Kürzlich hochgeladen

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 

Kürzlich hochgeladen (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 

Enterprise Mobile Security

  • 1. Enterprise Mobile Security HP Enterprise Security Services Paul Schwarzenberger MSc, M.Inst.ISP, CISSP, CLAS 1 ©2011 Copyright 2010 Hewlett-Packard Development The information © Hewlett-Packard Development Company, L.P. Company, L.P. contained herein is subject to change without notice
  • 2. ENTERPRISE MOBILE SECURITY – Senior executives want to use iPhones, iPads, Androids and other mobile devices to access corporate data – New business requirements for tablets, e.g. retail, medical – Consumerisation / BYOD – expand mobile workforce cost effectively What are the risks? What security can be applied? How to securely enable apps? 2 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 3. SECURITY RISKS – Malware / malicious apps Fake Netflix analysis by Symantec, October 2011 – No (or poorly implemented) encryption – Jailbroken operating systems – SMS – Data loss – corporate / personal emails – Data loss – email attachments / Dropbox – Sync and backup – to home PC and iCloud – Malicious, compromised, or inappropriate web sites 3 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 4. MOBILE MALWARE - CUMULATIVE The continued growth of mobile phone adoption globally is driving growth in the mobile malware sector. While malware targeting the Symbian platform is still the most prevalent, there has been a sea change in top targets in 2011. In Q3 nearly all of the malware samples discovered by McAfee Labs targeted the newer and more popular (now) Android platform. Others 1400 1200 Java ME 8% 1000 9% 800 Symbian 600 3rd Ed. 400 200 11% Symbian 0 Android 56% 16% Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 09 09 09 09 10 10 10 10 11 11 11 iOS – two viruses detected to date, both only effective against jailbroken devices 4 © Copyright 2010 Hewlett-Packard Development Company, L.P. data from McAfee
  • 5. APP REQUIREMENTS – Personal /corporate apps – Public / in-house apps – Blacklist, Whitelist apps – Prevent data leakage – Secure connectivity – Authentication 5 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 6. ENTERPRISE MOBILE SECURITY MODEL Enable Applications • e-mail, calendar and contacts • Business applications Sandbox • Protect corporate data • Control Interaction with host Enforce Mobile Security • Device Password • Encryption • Whitelist or blacklist Apps • Connection methods • Block jailbroken devices • Remote wipe mobile device with • Control synchronisation optional security app • Mobile Anti-Virus e-mail and • Personal Firewall business application servers Device Management • Monitor and audit • Reporting and alerts • Remote unlock 6 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 7. ENTERPRISE MOBILE SECURITY - COMPONENTS – Mobile Device Management (Secure Container / Whole Device) – Anti-Malware – Secure Connectivity – Application control – VPN – Certificates – Data Loss Prevention – URL filtering 7 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 8. EXAMPLE: UK POLICE MOBILE DATA – Balfour Beatty Workplace – Mobile data workflow and information – Police outsource contract – Police / UK Government security standards – Ease of use – “invisible” security – Solution: SSL VPN / lockdown / certificate 8 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 9. EXAMPLE: IPAD APPLICATION ACCESS 9 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 10. EXAMPLE: ANDROID MALWARE PROTECTION – Mobile Device Management – Anti-Malware Client – App Inventory – App Control Policies • Disallow malware • Require Anti-Malware client 10 © Copyright 2010 Hewlett-Packard Development Company, L.P.
  • 11. CONCLUSIONS – Strong demand for business use of mobile devices – Multiple security risks – Need to enable enterprise applications – Solutions available – No solution is perfect! 11 © Copyright 2010 Hewlett-Packard Development Company, L.P. 11
  • 12. thank you paul.schwarzenberger@hp.com 07968 542371 ©2011 Copyright 2010 Hewlett-Packard Development The information 12 © Hewlett-Packard Development Company, L.P. Company, L.P. contained herein is subject to change without notice