Mobile Devices in the Enterprise: What IT needs to know
1. Mobile Devices in the Enterprise:
What IT Needs to Know
Ashish Jain
Director, Product Management, VMware
@itickr
2. About VMware
Company Overview
– $3.77 billion in 2011 revenues
– >$4.5 billion in cash and equivalents
– ~12,000 employees worldwide
– 5th largest infrastructure software company in the world
Proven in the Trenches
– 300,000+ VMware customers
– 100% of Fortune 100
– 100% of Fortune Global 100
– 99% of Fortune 1000
– 97% of Fortune Global 500
Partner Network
– 2,200+ Technology & Consulting Partners
– 25,000 Channel Partners
– 59,000 VMware Certified Professionals
10. Challenges
Joint ownership: Who owns the device? Liability?
Privacy: Does IT get to monitor all activity?
Lost Device: What happens if I lose the device? Or sell it?
Job change: What happens when I leave the company? Can IT wipe everything?
Data Leakage: What if I copy data locally? To a USB drive? Malicious apps?
Cost: Does it cost more to support BYOD?
…
11. IT Response
“If you access business resources from a device,
you give us the right to manage, lock and even
wipe that device, even if you end up losing
personal data and apps as a result”
13. Solutions
Data Loss Prevention (DLP)
Mobile Device Management (MDM)
Mobile App Management (MAM)
14. Data Loss Prevention (DLP)
Text analysis, Metatagging, monitoring, blocking
via Gateway server, or native mobile app or
baking content management into apps
17. iOS
src - http://blog.amadeusconsulting.com/wp-content/uploads/2012/05/audiobooksiosdistribution.png
Version | Release Date | %
iOS 3.x | June 2009 | 1%
iOS 4.x | June 2010 | 15%
iOS 5.x | June 2011 | 83%
18. Android’s Fragmentation Issue
Version | Name | Release Date | %
2.2 | Froyo | May 2010 | 17.3%
2.3.x | Gingerbread | Dec 2010 | 64%
3.X | Honeycomb | Feb 2011 | 2.4%
4.X | Ice Cream Sandwich | Oct 2011 | 10.9%
22. SSO Flow (with mobile app)
[Diagram: SSO flow in numbered steps 1-6. Labels: IdP, RP, AD, AS, RS, SAML, OAuth, Mobile App]
23. SSO Flow (challenges)
[Diagram: SSO flow in numbered steps 1-6. Labels: IdP, RP, AD, AS, RS, SAML, OAuth, Mobile App]
Authentication per Mobile App. No Authn State on Device
No invalidation of access token during AD deprovisioning
No clean up of offline/cached data on device
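The second challenge above (access tokens that stay valid after AD deprovisioning) is closed when the AS both revokes on the deprovisioning event and re-checks the directory on every introspection call from the RS. The sketch below is an added example, not code from the deck or from any VMware product; the class names, the in-memory token store and the sample accounts are all hypothetical stand-ins.

```python
import secrets
import time

class Directory:
    """Stand-in for AD: tracks enabled accounts (constructed sample data)."""
    def __init__(self, users):
        self.enabled = set(users)
        self.listeners = []              # callbacks run on deprovisioning

    def deprovision(self, user):
        self.enabled.discard(user)
        for notify in self.listeners:    # push the event to the AS
            notify(user)

class AuthorizationServer:
    """Hypothetical AS issuing opaque access tokens, one per mobile app."""
    def __init__(self, directory, ttl=3600):
        self.directory = directory
        self.ttl = ttl
        self.tokens = {}                 # token -> (user, app, expiry)
        directory.listeners.append(self.revoke_user)

    def issue(self, user, app, now=None):
        if user not in self.directory.enabled:
            raise PermissionError("account disabled")
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (user, app, now + self.ttl)
        return token

    def revoke_user(self, user):
        """Drop every token held by a deprovisioned user; return the count."""
        doomed = [t for t, (u, _, _) in self.tokens.items() if u == user]
        for t in doomed:
            del self.tokens[t]
        return len(doomed)

    def introspect(self, token, now=None):
        """Called by the RS per request: active only if the token is
        unexpired and the account is still enabled in the directory."""
        now = time.time() if now is None else now
        entry = self.tokens.get(token)
        if entry is None:
            return {"active": False}
        user, app, expiry = entry
        if now >= expiry or user not in self.directory.enabled:
            self.tokens.pop(token, None)  # covers a missed revocation event
            return {"active": False}
        return {"active": True, "sub": user, "client": app}
```

The directory check inside `introspect` is the fallback for the case where the deprovisioning event never reaches the AS.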
24. SSO Flow (challenges)
[Diagram: SSO flow in numbered steps 1-6, with a "?" beside step 2. Labels: IdP, RP, AD, AS, RS, SAML, OAuth, Native IdP, AS, Mobile App]
We are uniquely qualified to support customers’ journey to the new era of IT, given our clear leadership in virtualization – the foundation for cloud computing architectures. Through innovation, and by challenging the status quo, VMware has become central to the IT transformation wave taking place in small to large global enterprises, fueling continual growth and investment in further product development.
We are facing considerable change in this new era:
– New virtual and cloud sourced infrastructure models
– New device form factors to support mobility, with enhanced user experiences born from consumer technology
– Leading to a new class of mobile and SaaS applications
– Supporting more real-time, collaborative work styles