Mobile Security for PeopleSoft
A Roadmap




 1                                            ©GreyHeller 2012
     Enterprise Mobile Security - A Roadmap
Table of Contents

Overview
Authentication
Managing Identities on Corporate Systems
Controlling Mobile Access to Data & Processes
Protecting Application Data Stored on Devices
Device Loss or Theft
Logging & Auditing




Overview
The rapid adoption of mobile technologies is both a boon to corporate productivity and end-user
engagement and a nightmare as organizations try to keep up with the security/infrastructure
requirements. According to Forrester Research, in 2016, 350 million employees will use smartphones,
200 million of which will bring their own devices to use against corporate systems.

In addition, Forrester Research contends that mobile is the flash point for a much more holistic, far-
reaching change. This means that organizations will:

          Empower people by focusing on their tasks and context in their moments of decision.
          Protect business value by provisioning partners with tools in their daily workflow and context.
          Accelerate business decisions by putting data dashboards into executives’ hands
          Control smart products from mobile devices and extend the value of products with an app
           ecosystem.

In order to achieve these benefits, organizations must provide mobile access to their systems, data, and
processes while managing the security risks inherent in mobile technology:

          Security/infrastructure tools to help organizations manage and administer mobile security risks
           are being developed and perfected
          With the advent of Bring Your Own Device (BYOD) in the enterprise, standardization on mobile
           devices is much more problematic than for desktops or laptops
          Because mobile devices aggregate personal, business, and collaboration information, security
           risks are high
          Implementing physical security policies with mobile devices is problematic

This white paper will examine the risks and solutions for providing mobile access to enterprise systems.
We will cover the following topics:

          Authenticating users from mobile devices
          Managing the user’s identity to corporate systems
          Controlling mobile access to data and processes
          Protecting application data
          Protecting your corporate network
          Dealing with the loss or theft of devices
          Analyzing system activity




Authentication
The first step to using any corporate system is authenticating the user. The authentication process
generally involves a user providing identification as well as one or more correct responses to a system
authentication challenge. Once the user has been authenticated, the system grants access to its data
and business processes based on the user’s identity/role.

When looking at the authentication process, organizations should consider the following:

          Is there a consistent identity for the user across all applications he/she accesses?
          Is there a need to protect against password fatigue?
          Is there a need to protect against user id / password theft?

Externalizing the authentication process
The best way to protect against authentication risks is to externalize the authentication credentials from
each application accessed by an end-user. Implementing a common infrastructure for authentication
across all corporate systems allows the following:

          Provide a single set of credentials that a user can remember for all corporate resources
          Provide a single choke-point for shutting down access when a user is terminated
          Ensure that password controls are consistently enforced across all corporate systems

Probably the most common means of accomplishing this is to leverage the protocols in place for
managing a user’s identity on an organization’s network and using a single signon solution to allow each
system to leverage those protocols. These solutions generally leverage Active Directory (LDAP) for the
credentials, and utilize protocols such as NTLM, Kerberos, and WML for securely authenticating users
with those credentials.

GreyHeller believes this is best practice regardless of whether a user is accessing from a desktop
machine or a mobile device.

Sidebar: GreyHeller’s Single Signon product, used by 50+ organizations to externalize authentication
credentials from PeopleSoft, is foundational to our mobile solution, PeopleMobile™.

What about authenticating from outside the corporate network?
Obviously, one of the most important benefits of mobile
access to corporate systems is allowing users to perform tasks regardless of their location. However,
allowing users to authenticate remotely raises the following considerations:

     1. If you’re leveraging your network for validating a user’s credentials, how do you authenticate
        when the user is external to the network?
     2. How can you protect against unauthorized use of somebody else’s credentials?




External Network Validation
Historically, organizations have utilized VPN (Virtual Private Network) tunneling to allow users to
authenticate themselves to networks and access network resources. This technique works well for
workstations that need full access to all network resources. However, mobile devices do not access
network resources in the same manner as workstations. In addition, VPN clients must be specially
installed and configured for use.

Therefore, the following techniques are generally used for mobile device authentication:

          Web VPN Proxies
          Special-purpose Browser / Email client applications

It’s important to note that both techniques leverage server-side components that utilize common
networking protocols for authentication: NTLM, Kerberos, and WML and can leverage single signon
solutions that utilize these protocols.

Web VPN Proxies
A web VPN proxy allows a user to authenticate through a web browser. The server performs the
validation and passes credentials to other systems such as a proxy server. Because the server is
configured to communicate with these other services and manage the process, the device does not
require software to be installed or configured. Common VPN proxies include Microsoft UAG and Cisco
Web VPN.

Sidebar: GreyHeller Single Signon works with Web VPN Proxy solutions for authentication outside a
corporation’s network

Special-purpose Browser/Email client application
Another option is to utilize a special-purpose mobile application that isolates access from other
resources on the mobile device. These applications have special logic for calling corporate servers for
authentication and managing access to corporate resources. The application would authenticate itself
to its server component, and the server would grant access to the servers and services that have been
configured. Probably the most common solution in this category is Good Technologies’ Enterprise
Server.

From an authentication perspective, the servers would be configured to leverage common networking
protocols, allowing single signon solutions to provide access to those systems.

Sidebar: PeopleMobile™ works with the leading enterprise Browser/Email applications




Two Factor Authentication
One technique for protecting mobile users from unauthorized use of their credentials is to require
additional authentication when accessing information from an insecure location or when accessing
sensitive information or processes. For example, it is common practice today for banks to require
additional authentication.

There are a number of ways that the additional authentication can be implemented:

          Prompting for and sending a PIN for the user to enter. PIN can be sent through a number of
           channels:
                o SMS message
                o Telephone Call
                o Email
          Pre-defining a one-time password the user can provide
          Tying access to device identification
          Utilizing a token, such as a SecurID token

Sidebar: GreyHeller’s ERP Firewall software product is embedded into PeopleMobile™. It enforces
two-factor authentication based on location and/or content requested.

Although this additional validation can be prompted upon initial access to the system, it is best practice
to prompt for the additional validation at the point in time when the user is accessing sensitive data or
processes.




Managing User Identity on Corporate Systems
What does it mean to be a given user on a given system? This is an important question, because the
rights and privileges granted to that system are driven by this answer. Organizations typically spend
significant time and effort defining, testing, and auditing this access.

When looking at the architectures that drive mobile access, organizations must also look at the risks
related to managing users’ identities on their corporate systems.

          Do users have consistent privileges across mobile and non-mobile systems?
          How are changes in privileges propagated across mobile and non-mobile systems?
          How do organizations prove to auditors that sufficient controls are enforced across mobile
           and non-mobile systems?

As such, organizations must develop a comprehensive strategy for managing the identity of users across
mobile and non-mobile systems.

Sidebar: With PeopleMobile™ and embedded ERP Firewall, users have the same identity, rights, and
privileges as non-mobile systems without the need for synchronization between mobile and non-mobile
systems.




Controlling Mobile Access to Data and Processes
In order to realize the benefits of utilizing mobile technologies, organizations must allow access to the
data and systems that drive those processes. This doesn’t mean, however, that organizations should
provide unfettered access to all parts of these systems under all conditions.

As part of providing remote access to data and processes, organizations should consider the following
threats:

  Lack of oversight of employees            How do you protect your organization against unauthorized use
  utilizing corporate systems               by employees when they are remote? Should users have
                                            mobile access to transactions such as entering grades or
                                            administering payroll?
  Risks related to compromised              How do you protect your organization against remote,
  system credentials                        unauthorized external parties using compromised system
                                            credentials?
  Risks related to lost or stolen           How do you protect against unauthorized use of compromised
  mobile devices                            mobile devices that contain system credentials?



In order to protect against these threats, organizations should adopt the following techniques:

          Enforcement of location-based control over access to system content
          Adoption of 2-factor authentication challenges when the access location is questionable and/or
           the content accessed is sensitive
          Implementation of user, location, process, and data access logging

Sidebar: PeopleMobile™ with embedded ERP Firewall meets all requirements for controlling remote
access to data and processes
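
The techniques listed above, together with the earlier advice to prompt for the second factor at the point of access rather than only at login, can be combined into one policy decision. The following is an added illustration, not GreyHeller's ERP Firewall or PeopleMobile code; the network ranges, component names, sensitivity tiers, five-minute freshness window and function names are all assumptions constructed for the example.

```python
"""Step-up access policy sketch: location + content sensitivity + audit line."""
import ipaddress
import json
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple

# Constructed sample values (assumptions, not taken from the white paper).
CORPORATE_NETS = [ipaddress.ip_network("10.0.0.0/8")]
TRUSTED_REMOTE_NETS = [ipaddress.ip_network("198.51.100.0/24")]  # e.g. web VPN proxy egress
SENSITIVITY = {                       # hypothetical component names
    "COMPANY_DIRECTORY": "normal",
    "VIEW_PAYCHECK": "sensitive",
    "ENTER_GRADES": "restricted",
    "ADMIN_PAYROLL": "restricted",
}
STEP_UP_MAX_AGE = timedelta(minutes=5)  # how long a second factor stays fresh


@dataclass
class AccessRequest:
    user: str
    source_ip: str
    component: str
    at: datetime
    second_factor_at: Optional[datetime] = None  # last successful second factor


def classify_location(source_ip: str) -> str:
    """Return 'internal', 'trusted_remote', 'untrusted' or 'invalid'."""
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return "invalid"
    if any(addr in net for net in CORPORATE_NETS):
        return "internal"
    if any(addr in net for net in TRUSTED_REMOTE_NETS):
        return "trusted_remote"
    return "untrusted"


def decide(req: AccessRequest) -> Tuple[str, str]:
    """Return (decision, reason); decision is 'allow', 'challenge' or 'deny'."""
    location = classify_location(req.source_ip)
    # Components missing from the map fail closed as the most sensitive tier.
    sensitivity = SENSITIVITY.get(req.component, "restricted")

    if location == "invalid":
        return "deny", "unparseable source address"
    if sensitivity == "restricted" and location != "internal":
        return "deny", "restricted content is not available off the corporate network"

    # Challenge when the location is questionable and/or the content is sensitive.
    if location != "untrusted" and sensitivity == "normal":
        return "allow", "trusted location and non-sensitive content"

    fresh = (
        req.second_factor_at is not None
        and timedelta(0) <= req.at - req.second_factor_at <= STEP_UP_MAX_AGE
    )
    if fresh:
        return "allow", "second factor verified for this access"
    return "challenge", "second factor required at point of access"


def audit_record(req: AccessRequest, decision: str, reason: str) -> str:
    """One JSON line capturing user, location, process and outcome."""
    return json.dumps({
        "time": req.at.isoformat(),
        "user": req.user,
        "source_ip": req.source_ip,
        "location": classify_location(req.source_ip),
        "component": req.component,
        "sensitivity": SENSITIVITY.get(req.component, "restricted"),
        "decision": decision,
        "reason": reason,
    }, sort_keys=True)


def evaluate(req: AccessRequest) -> Tuple[str, str]:
    """Decide and produce the audit line; every request is logged, allowed or not."""
    decision, reason = decide(req)
    return decision, audit_record(req, decision, reason)


if __name__ == "__main__":
    now = datetime(2012, 6, 1, 14, 0, tzinfo=timezone.utc)  # constructed timestamp
    samples = [  # constructed requests
        AccessRequest("jdoe", "10.1.2.3", "COMPANY_DIRECTORY", now),
        AccessRequest("jdoe", "203.0.113.7", "COMPANY_DIRECTORY", now),
        AccessRequest("jdoe", "198.51.100.20", "VIEW_PAYCHECK", now, now - timedelta(minutes=2)),
        AccessRequest("prof", "198.51.100.20", "ENTER_GRADES", now, now),
    ]
    for sample in samples:
        print(evaluate(sample)[1])
```

Denied and challenged requests produce an audit line just like allowed ones, which is what makes the log usable for spotting misuse of compromised credentials.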




Protecting Application Data Stored on Devices
As part of utilizing enterprise systems, users access data that is sensitive, confidential, and/or regulated,
including:

          Financial data
          HIPAA; FERPA
          SSN
          Compensation; benefits
          Pricing
          Supplier Contracts

Sidebar: PeopleMobile™ protects application data by not storing it on the device. PeopleMobile™
controls access to sensitive documents.

This information is provided and managed on devices in various ways, each of which requires
protection:

  Delivery of Data over networks            Implementing and enforcing SSL encryption of all traffic to an
                                            organization’s servers
  Caching of Application Data for           Utilizing HTML5 browser-based applications for access to
  performance purposes or                   sensitive data. Alternatively, enforcing data encryption for all
  disconnected access                       data that is stored on mobile devices.
  Storing of documents, such as             Restricting access to download documents containing sensitive
  PDF, Word, and Excel files                data. Alternatively, implementing device-level capabilities for
                                            remotely wiping or firewalling files on mobile devices




Network Security
Mobile devices access corporate systems from the public internet or through corporate wireless
networks. As with any computing device, organizations must protect their networks against viruses and
other malware that may be resident on mobile devices.

  Accessing from the public internet        Proper implementation of physical and application firewalls
                                            protects your internal network and servers.
  Accessing through WIFI – Guest            One technique is to provide WIFI for guest access to mobile
  Access                                    devices. Mobile devices connecting to this network would only
                                            have access to the servers that are firewalled off from the rest
                                            of your network.
  Accessing through WIFI – Internal         As with any device connecting to an internal network,
  Access                                    enforcement of virus and malware protection tools is critical for
                                            protecting the network and servers.




Supporting Mobile Devices on your internal network
It is imperative to define the policy by which you will support these devices connecting to your network,
including:

          Enforcing use of antivirus software
          Not allowing access by rooted devices
          Enforcing that updates on devices are consistently applied




Loss or Theft of Device
Due to the portability of mobile devices, the loss or theft of a device merits special consideration. In
addition to the obvious risks related to corporate use of these devices, there are legal barriers related to
a corporation’s allowable actions with an employee-owned device. While it is perfectly acceptable for
an organization to wipe the memory of a device it owns, this is not the case in a “bring your own device”
scenario.

It is imperative to adopt a comprehensive strategy toward handling of mobile devices:

  No access by Employee Owned               Usually, this consists of providing employees with mobile
  Devices                                   devices that are completely controlled by the organization
  Restricted access by Employee             Organizations can restrict access to mobile devices by
  Owned devices                             location and/or type of device to mitigate risks related to lost
                                            or stolen devices.
  Tiered access by Employee Owned           Organizations can grant different levels of security depending
  devices                                   on whether employees opt-in to allowing the organization to
                                            wipe the device of its data.

Sidebar: PeopleMobile™ with embedded ERP Firewall enables a tiered strategy for supporting mobile
device access.




Logging and auditing
Capturing and analyzing system activity is a critical aspect of any mobile security strategy. This includes
capturing information about who is accessing what content, from what location, and the data and
processes being performed. This allows organizations to:

  Proactively administer system             Analyze all attempts to access system resources, enabling
  security                                  organizations to find and counter penetration attempts.

                                            Analyze system use for patterns that indicate unauthorized use
                                            and adherence to policies
  Gather information needed to              Identify data to support disciplinary action for employees
  take action
                                            Gather information to support legal proceedings
  Support Audit and Controls                Prove system integrity and adherence to policies and controls

                                            Document and understand scope of breaches

Sidebar: PeopleMobile™ with embedded ERP Firewall captures all information needed to comply with
logging and auditing requirements.



CIS13: Don't Let Mobile be the Achilles Heel for Your Enterprise Security
 
The Future of Enterprise Mobility: Predictions for 2014
The Future of Enterprise Mobility: Predictions for 2014The Future of Enterprise Mobility: Predictions for 2014
The Future of Enterprise Mobility: Predictions for 2014
 
Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
Bad for Enterprise: Attacking BYOD Enterprise Mobile Security SolutionsBad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
 

Ähnlich wie Enterprise Mobile Security for PeopleSoft

IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifySumana Mehta
 
Duo Platform Edition Overview
Duo Platform Edition OverviewDuo Platform Edition Overview
Duo Platform Edition OverviewNatalie Hewitt
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Radhakrishnan Govindan
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the EnterpriseWill Adams
 
Primendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimend
 
R ramya devi cloud computing
R ramya devi cloud computingR ramya devi cloud computing
R ramya devi cloud computingPriyadharshiniVS
 
Authentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webAuthentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webSafeNet
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information securityAhmed Banafa
 
Salesforce DevOps Online Training Institute
Salesforce DevOps Online Training InstituteSalesforce DevOps Online Training Institute
Salesforce DevOps Online Training Instituteeshwarvisualpath
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect DesignRajat Jain
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015Francisco Anes
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itPeter Daalmans
 
Mobilize your workforce with secure identity services
Mobilize your workforce with secure identity servicesMobilize your workforce with secure identity services
Mobilize your workforce with secure identity servicesSumana Mehta
 
Entrust IdentityGuard Mobile
Entrust IdentityGuard MobileEntrust IdentityGuard Mobile
Entrust IdentityGuard MobileEntrust Datacard
 
Mobile authentication
Mobile authenticationMobile authentication
Mobile authenticationHai Nguyen
 
Android Based Total Security for System Authentication
Android Based Total Security for System AuthenticationAndroid Based Total Security for System Authentication
Android Based Total Security for System AuthenticationIJERA Editor
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application PlatformNugroho Gito
 
Remote Access and Dual Authentication for Cloud Storage
Remote Access and Dual Authentication for Cloud StorageRemote Access and Dual Authentication for Cloud Storage
Remote Access and Dual Authentication for Cloud StorageIJMER
 

Ähnlich wie Enterprise Mobile Security for PeopleSoft (20)

IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
Duo Platform Edition Overview
Duo Platform Edition OverviewDuo Platform Edition Overview
Duo Platform Edition Overview
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the Enterprise
 
Primendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suite
 
R ramya devi cloud computing
R ramya devi cloud computingR ramya devi cloud computing
R ramya devi cloud computing
 
Authentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_webAuthentication_Best_Practices_WP(EN)_web
Authentication_Best_Practices_WP(EN)_web
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
 
Salesforce DevOps Online Training Institute
Salesforce DevOps Online Training InstituteSalesforce DevOps Online Training Institute
Salesforce DevOps Online Training Institute
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect Design
 
Zero trust deck 2020
Zero trust deck 2020Zero trust deck 2020
Zero trust deck 2020
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015
 
MMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure itMMS 2015: What is ems and how to configure it
MMS 2015: What is ems and how to configure it
 
Mobilize your workforce with secure identity services
Mobilize your workforce with secure identity servicesMobilize your workforce with secure identity services
Mobilize your workforce with secure identity services
 
Entrust IdentityGuard Mobile
Entrust IdentityGuard MobileEntrust IdentityGuard Mobile
Entrust IdentityGuard Mobile
 
Mobile authentication
Mobile authenticationMobile authentication
Mobile authentication
 
Android Based Total Security for System Authentication
Android Based Total Security for System AuthenticationAndroid Based Total Security for System Authentication
Android Based Total Security for System Authentication
 
Mobile Enterprise Application Platform
Mobile Enterprise Application PlatformMobile Enterprise Application Platform
Mobile Enterprise Application Platform
 
Remote Access and Dual Authentication for Cloud Storage
Remote Access and Dual Authentication for Cloud StorageRemote Access and Dual Authentication for Cloud Storage
Remote Access and Dual Authentication for Cloud Storage
 

Kürzlich hochgeladen

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Kürzlich hochgeladen (20)

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Enterprise Mobile Security for PeopleSoft

  • 3. Overview

    The rapid adoption of mobile technologies is both a boon to corporate productivity and end-user engagement and a nightmare as organizations try to keep up with the security/infrastructure requirements. According to Forrester Research, in 2016 350 million employees will use smartphones, 200 million of which will bring their own devices to use against corporate systems.

    In addition, Forrester Research contends that mobile is the flash point for a much more holistic, far-reaching change. This means that organizations will:

      - Empower people by focusing on their tasks and context in their moments of decision.
      - Protect business value by provisioning partners with tools in their daily workflow and context.
      - Accelerate business decisions by putting data dashboards into executives’ hands
      - Control smart products from mobile devices and extend the value of products with an app ecosystem.

    In order to achieve these benefits, organizations must provide mobile access to their systems, data, and processes while managing the security risks inherent in mobile technology:

      - Security/infrastructure tools to help organizations manage and administer mobile security risks are being developed and perfected
      - With the advent of Bring Your Own Device (BYOD) in the enterprise, standardization on mobile devices is much more problematic than for desktops or laptops
      - Because mobile devices aggregate personal, business, and collaboration information, security risks are high
      - Implementing physical security policies with mobile devices is problematic

    This white paper will examine the risks and solutions for providing mobile access to enterprise systems. We will cover the following topics:

      - Authenticating users from mobile devices
      - Managing the user’s identity to corporate systems
      - Controlling mobile access to data and processes
      - Protecting application data
      - Protecting your corporate network
      - Dealing with the loss or theft of devices
      - Analyzing system activity
  • 4. Authentication

    The first step to using any corporate system is authenticating the user. The authentication process generally involves a user providing identification as well as one or more correct responses to a system authentication challenge. Once the user has been authenticated, the system grants access to its data and business processes based on the user’s identity/role.

    When looking at the authentication process, organizations should consider the following:

      - Is there a consistent identity for the user across all applications he/she accesses?
      - Is there a need to protect against password fatigue?
      - Is there a need to protect against user id / password theft?

    Externalizing the authentication process

    The best way to protect against authentication risks is to externalize the authentication credentials from each application accessed by an end-user. Implementing a common infrastructure for authentication across all corporate systems allows the following:

      - Provide a single set of credentials that a user can remember for all corporate resources
      - Provide a single choke-point for shutting down access when a user is terminated
      - Ensure that password controls are consistently enforced across all corporate systems

    Probably the most common means of accomplishing this is to leverage the protocols in place for managing a user’s identity on an organization’s network and to use a single signon solution that allows each system to leverage those protocols. These solutions generally leverage Active Directory (LDAP) for the credentials, and utilize protocols such as NTLM, Kerberos, and WML for securely authenticating users with those credentials. GreyHeller believes this is best practice regardless of whether a user is accessing from a desktop machine or a mobile device.

    GreyHeller’s Single Signon product, used by 50+ organizations to externalize authentication credentials from PeopleSoft, is foundational to our mobile solution, PeopleMobile™.

    What about authenticating from outside the corporate network?

    Obviously, one of the most important benefits of mobile access to corporate systems is allowing users to perform tasks regardless of their location. However, allowing users to authenticate remotely raises the following considerations:

      1. If you’re leveraging your network for validating a user’s credentials, how do you authenticate when the user is external to the network?
      2. How can you protect against unauthorized use of somebody else’s credentials?
  • 5. External Network Validation

    Historically, organizations have utilized VPN (Virtual Private Network) tunneling to allow users to authenticate themselves to networks and access network resources. This technique works well for workstations that need full access to all network resources. However, mobile devices do not access network resources in the same manner as workstations. In addition, VPN clients must be specially installed and configured for use. Therefore, the following techniques are generally used for mobile device authentication:

      - Web VPN Proxies
      - Special-purpose Browser / Email client applications

    It’s important to note that both techniques leverage server-side components that utilize common networking protocols for authentication (NTLM, Kerberos, and WML) and can leverage single signon solutions that utilize these protocols.

    Web VPN Proxies

    A web VPN proxy allows a user to authenticate through a web browser. The server performs the validation and passes credentials to other systems such as a proxy server. Because the server is configured to communicate with these other services and manage the process, the device does not require software to be installed or configured. Common VPN proxies include Microsoft UAG and Cisco Web VPN.

    GreyHeller Single Signon works with Web VPN Proxy solutions for authentication outside a corporation’s network.

    Special-purpose Browser/Email client application

    Another option is to utilize a special-purpose mobile application that isolates access from other resources on the mobile device. These applications have special logic for calling corporate servers for authentication and managing access to corporate resources. The application would authenticate itself to its server component, and the server would grant access to the servers and services that have been configured. Probably the most common solution in this category is Good Technologies’ Enterprise Server.

    From an authentication perspective, the servers would be configured to leverage common networking protocols, allowing single signon solutions to provide access to those systems.

    PeopleMobile™ works with the leading enterprise Browser/Email applications.
  • 6. Two Factor Authentication

    One technique for protecting mobile users from unauthorized use of their credentials is to require additional authentication when accessing information from an insecure location or when accessing sensitive information or processes. For example, it is common practice today for banks to require additional authentication. There are a number of ways that the additional authentication can be implemented:

      - Prompting for and sending a PIN for the user to enter. The PIN can be sent through a number of channels:
          o SMS message
          o Telephone Call
          o Email
      - Pre-defining a one-time password the user can provide
      - Tying access to device identification
      - Utilizing a token, such as a SecurID token

    Although this additional validation can be prompted upon initial access to the system, it is best practice to prompt for the additional validation at the point in time when the user is accessing sensitive data or processes.

    GreyHeller’s ERP Firewall software product is embedded into PeopleMobile™. It enforces two-factor authentication based on location and/or content requested.
  • 7. Managing User Identity on Corporate Systems

    What does it mean to be a given user on a given system? This is an important question, because the rights and privileges granted to that system are driven by this answer. Organizations typically spend significant time and effort defining, testing, and auditing this access.

    When looking at the architectures that drive mobile access, organizations must also look at the risks related to managing users’ identities on their corporate systems.

      - Do users have consistent privileges across mobile and non-mobile systems?
      - How are changes in privileges propagated across mobile and non-mobile systems?
      - How do organizations prove to auditors that sufficient controls are enforced across mobile and non-mobile systems?

    As such, organizations must develop a comprehensive strategy for managing the identity of users across mobile and non-mobile systems.

    With PeopleMobile™ and embedded ERP Firewall, users have the same identity, rights, and privileges as non-mobile systems without the need for synchronization between mobile and non-mobile systems.
  • 8. Controlling Mobile Access to Data and Processes

    In order to realize the benefits of utilizing mobile technologies, organizations must allow access to the data and systems that drive those processes. This doesn’t mean, however, that organizations should provide unfettered access to all parts of these systems under all conditions.

    As part of providing remote access to data and processes, organizations should consider the following threats:

      Lack of oversight of employees utilizing corporate systems
          How do you protect your organization against unauthorized use by employees when they are remote? Should users have mobile access to transactions such as entering grades or administering payroll?

      Risks related to compromised system credentials
          How do you protect your organization against remote, unauthorized external parties using compromised system credentials?

      Risks related to lost or stolen mobile devices
          How do you protect against unauthorized use of compromised mobile devices that contain system credentials?

    In order to protect against these threats, organizations should adopt the following techniques:

      - Enforcement of location-based control over access to system content
      - Adoption of 2-factor authentication challenges when the access location is questionable and/or the content accessed is sensitive
      - Implementation of user, location, process, and data access logging

    PeopleMobile™ with embedded ERP Firewall meets all requirements for controlling remote access to data and processes.
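The three techniques in slide 8, together with slide 6's advice to prompt for the second factor at the moment sensitive content is requested, can be expressed as a single policy decision. The Python code below is an added example, not GreyHeller's ERP Firewall code; the network range, content names, sensitivity tiers and the 15-minute second-factor lifetime are assumptions constructed for illustration.

```python
import ipaddress
import json
import logging
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Optional

audit_log = logging.getLogger("mobile_access_audit")


class Decision(Enum):
    ALLOW = "allow"
    CHALLENGE = "challenge"  # ask for a second factor, then re-evaluate
    DENY = "deny"


# --- Assumed policy data (constructed for this example) ---
INTERNAL_NETWORKS = [ipaddress.ip_network("10.20.0.0/16")]
# Tiers: "low"; "sensitive" (second factor always required);
# "internal_only" (second factor required, never served off the internal network).
CONTENT_TIERS = {
    "directory.search": "low",
    "paycheck.view": "sensitive",
    "grades.enter": "internal_only",
    "payroll.administer": "internal_only",
}
SECOND_FACTOR_MAX_AGE = timedelta(minutes=15)


@dataclass(frozen=True)
class AccessRequest:
    user: str
    source_ip: str
    device_id: str
    content: str
    second_factor_at: Optional[datetime] = None  # when the user last passed 2FA


def classify_location(source_ip: str) -> str:
    """Return 'internal', 'external' or 'invalid' for the request's source address."""
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return "invalid"
    return "internal" if any(addr in net for net in INTERNAL_NETWORKS) else "external"


def second_factor_is_fresh(req: AccessRequest, now: datetime) -> bool:
    """A second factor counts only if it was passed within SECOND_FACTOR_MAX_AGE."""
    if req.second_factor_at is None:
        return False
    age = now - req.second_factor_at
    return timedelta(0) <= age <= SECOND_FACTOR_MAX_AGE


def decide(req: AccessRequest, now: Optional[datetime] = None):
    """Evaluate one request and return (Decision, audit_record)."""
    now = now or datetime.now(timezone.utc)
    location = classify_location(req.source_ip)
    # Content missing from the policy table fails closed to the strictest tier.
    tier = CONTENT_TIERS.get(req.content, "internal_only")

    if location == "invalid":
        decision, reason = Decision.DENY, "unparseable source address"
    elif tier == "internal_only" and location != "internal":
        decision, reason = Decision.DENY, "content restricted to internal network"
    elif location == "internal" and tier == "low":
        decision, reason = Decision.ALLOW, "trusted location, low-sensitivity content"
    elif second_factor_is_fresh(req, now):
        decision, reason = Decision.ALLOW, "second factor verified recently"
    else:
        decision, reason = Decision.CHALLENGE, "questionable location or sensitive content"

    # User, location, process and data access logging: one record per decision,
    # including denials and challenges, so the trail covers attempts as well.
    record = {
        "timestamp": now.isoformat(),
        "user": req.user,
        "device_id": req.device_id,
        "source_ip": req.source_ip,
        "location": location,
        "content": req.content,
        "tier": tier,
        "decision": decision.value,
        "reason": reason,
    }
    audit_log.info(json.dumps(record, sort_keys=True))
    return decision, record
```

A `CHALLENGE` result would hand off to one of the second-factor methods listed in slide 6, after which the same request is evaluated again with `second_factor_at` set.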
  • 9. Protecting Application Data Stored on Devices

    As part of utilizing enterprise systems, users access data that is sensitive, confidential, and/or regulated, including:

      - Financial data
      - HIPAA; FERPA
      - SSN
      - Compensation; benefits
      - Pricing
      - Supplier Contracts

    PeopleMobile™ protects application data by not storing it on the device. PeopleMobile™ controls access to sensitive documents.

    This information is provided and managed on devices in various ways, each of which requires protection:

      Delivery of data over networks
          Implementing and enforcing SSL encryption of all traffic to an organization’s servers

      Caching of application data for performance purposes or disconnected access
          Utilizing HTML5 browser-based applications for access to sensitive data. Alternatively, enforcing data encryption for all data that is stored on mobile devices.

      Storing of documents, such as PDF, Word, and Excel files
          Restricting access to download documents containing sensitive data. Alternatively, implementing device-level capabilities for remotely wiping or firewalling files on mobile devices
  • 10. Network Security
    Mobile devices access corporate systems from the public internet or through corporate wireless networks. As with any computing device, organizations must protect their networks against viruses and other malware that may be resident on mobile devices.
      - Accessing from the public internet: Proper implementation of physical and application firewalls protects your internal network and servers.
      - Accessing through WIFI – Guest Access: One technique is to provide WIFI for guest access to mobile devices. Mobile devices connecting to this network would only have access to the servers that are firewalled off from the rest of your network.
      - Accessing through WIFI – Internal Access: As with any device connecting to an internal network, enforcement of virus and malware protection tools is critical for protecting the network and servers.
    Supporting Mobile Devices on your internal network
    It is imperative to define the policy by which you will support these devices connecting to your network, including:
      - Enforcing use of antivirus software
      - Not allowing access by rooted devices
      - Enforcing that updates on devices are consistently applied
  • 11. Loss or Theft of Device
    Due to the portability of mobile devices, the loss or theft of a device merits special consideration. In addition to the obvious risks related to corporate use of these devices, there are legal barriers related to a corporation’s allowable actions with an employee-owned device. While it is perfectly acceptable for an organization to wipe the memory of a device it owns, this is not the case in a “bring your own device” scenario.
    It is imperative to adopt a comprehensive strategy toward handling of mobile devices:
      - No access by employee-owned devices: Usually, this consists of providing employees with mobile devices that are completely controlled by the organization.
      - Restricted access by employee-owned devices: Organizations can restrict access to mobile devices by location and/or type of device to mitigate risks related to lost or stolen devices.
      - Tiered access by employee-owned devices: Organizations can grant different levels of security depending on whether employees opt in to allowing the organization to wipe the device of its data.
    PeopleMobile™ with embedded ERP Firewall enables a tiered strategy for supporting mobile device access.
  • 12. Logging and auditing
    Capturing and analyzing system activity is a critical aspect of any mobile security strategy. This includes capturing information about who is accessing what content, from what location, and the data and processes being performed. This allows organizations to:
      - Proactively administer system security: Analyze all attempts to access system resources, enabling organizations to find and counter penetration attempts. Analyze system use for patterns that indicate unauthorized use and adherence to policies.
      - Gather information needed to take action: Identify data to support disciplinary action for employees. Gather information to support legal proceedings.
      - Support audit and controls: Prove system integrity and adherence to policies and controls. Document and understand scope of breaches.
    PeopleMobile™ with embedded ERP Firewall captures all information needed to comply with logging and auditing requirements.
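
The three techniques listed on slide 8 (location-based control, a 2-factor challenge when the location is questionable and/or the content is sensitive, and access logging) and the log analysis described on slide 12 can be sketched as one access-decision function. This is an added example, not code from the whitepaper or from PeopleMobile/ERP Firewall; the network ranges, content names, function names and the review threshold are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timezone

# Constructed policy data: assumptions for this example, not values from the whitepaper.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/16")]    # corporate network
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # locations never allowed
SENSITIVE = {"PAYROLL_ADMIN", "GRADE_ENTRY"}             # sensitive transactions
AUDIT_LOG = []  # stand-in for an append-only audit store


def classify_location(source_ip):
    """Map a source address to trusted / blocked / questionable."""
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return "blocked"  # fail closed on an unparsable address
    if any(addr in net for net in BLOCKED_NETS):
        return "blocked"
    if any(addr in net for net in TRUSTED_NETS):
        return "trusted"
    return "questionable"


def decide(user, source_ip, content, second_factor_ok=False):
    """Return ALLOW, CHALLENGE or DENY and record the attempt either way."""
    location = classify_location(source_ip)
    if location == "blocked":
        decision = "DENY"
    elif (location == "questionable" or content in SENSITIVE) and not second_factor_ok:
        decision = "CHALLENGE"  # step up to a second factor before granting access
    else:
        decision = "ALLOW"
    AUDIT_LOG.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "user": user, "source_ip": source_ip, "location": location,
        "content": content, "decision": decision,
    })
    return decision


def users_to_review(log, min_sources=3):
    """Flag users whose non-ALLOW attempts came from many distinct addresses."""
    sources = defaultdict(set)
    for rec in log:
        if rec["decision"] != "ALLOW":
            sources[rec["user"]].add(rec["source_ip"])
    return sorted(u for u, ips in sources.items() if len(ips) >= min_sources)
```

Denied and challenged attempts are logged as well as allowed ones, which is what makes the slide 12 analysis of "all attempts to access system resources" possible.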