1

ZIXCORPThe BYOD Tug-of-War:Security versus Privacy

Neil FarquharsonJanuary, 2015

Founded in 1998 as an email encryption company

More than 11,000 active customers including:

Six divisions of the U.S. Treasury All of the FFIEC U.S. federal financial

regulators (incl. FDIC and OCC) The U.S. Securities and Exchange

Commission 24 U.S. state financial regulators More than 2,000 U.S. financial institutions 25% of all banks in the U.S. 20% of all hospitals in the U.S. 32 Blue Cross Blue Shield organizations

ABOUT ZIXCORP

2

3

BYOD REQUIRES…

4

MDMMobile Device Management

MAMMobile Application

Management

MCMMobile Content Management

EMMEnterprise Mobility

Management=

Advantageso Device inventory and management capabilitieso Access to multiple platforms from personal or

corporate deviceso Secure access to corporate datao Support for a wide range of wireless vendors

and operating systemso Some data protection with wiping capabilities

MOBILE DEVICE MANAGEMENT (MDM)

5

PROLIFERATION OF MDM VENDORS

6

7

MDMCOMPARISON

Source: MOBIwm.com

HUNDREDS OF APPLICATIONS

8

MOST POPULAR MOBILE BUSINESS APPSEMAIL, CALENDAR AND CONTACTS

9

Source: BYOD and Mobile Security Report, 2014, Holger Schulze, Information Security Community on LinkedIn

Survey results indicate45% of respondents report that within the

previous 12 months, one or more employees lost a mobile device containing company data

InformationWeek’s 2014 Mobile Security Report

3.1 Million smartphones were stolen

in the USA during 2013 - sixty per minute Consumer Reports’ Annual State of the Net survey, 2014

72% of respondents say their top mobile security concern is data loss from lost or stolen

devices InformationWeek’s 2014 Mobile Security Report

10

MARKET RESPONSE TO BYOD

MOBILE DEVICE USERS’ FRUSTRATION

11

“In their quest to do their jobs, mobile device users are offered comparatively sophisticated communications platforms that they're often untrained to effectively use, control, and make productive.

- Tom Henderson, IT World

ADDING TO BYOD CHALLENGES

12

MOBILE SECURITY

Trust the Platform orContainer

Trust the Viewer

Trust Nothing

Trust the App

Example:EMM

Example:Email Streaming

Example:Virtual

Example:App Wrapper

Security by Management Security by AbstractionSecurity by Isolation

13

From Gartner Spectrum of Trust for Mobile Enterprise Design, published April 4, 2014

14

TYPICAL MDM SOLUTIONEMAILS ARE RETAINED IN PERMANENT MEMORY

ZIXONE SOLUTIONEMAILS ARE VIEWED ONLY

15

ACCESSIBLE JAILBREAKING SOFTWARE

16

17

MDM SECURITY DISASTEROFFLINE PREVENTS WIPE

Mail Server ZixOne

18

ZIXONEA COMPLETELY NEW PHILOSOPHY

ZixONE app that delivers a view of corporate email, calendar and contacts on mobile devices

ZixONE server connects to Exchange or Office365

Efficient, secure protocols deliver information quickly

19

Advantageso Device inventory and management capabilitieso Access to multiple platforms from personal or corporate

deviceso Some data protection with wiping capabilities

Disadvantageso Leaves data on the device – exposes offline weaknesso Loss of employee control and privacyo Employee acceptance issueso Corporate liability

SUMMARY

20