Mobile – Adoption and Adaption in 2012
-
Upload
global-business-events-the-heart-of-your-network -
Category
Technology
-
view
594 -
download
0
description
Transcript of Mobile – Adoption and Adaption in 2012
Greg DaySecurity CTO & Director of strategy
Mobile – Adoption and Adaption in 2012
Mobile data usage up 4,000%
2
Business Drivers
• Fast route to market (quick app development)• User productivity (familiarity & use in personal time)• Cost saving (capex, support costs, contract/data costs)• Employee satisfaction• Staff attraction and retention• Easier to use?
Do you ever text and walk? Ever walk into something?
What if your camera was on and showed where you were going?
“There’s an app for that…$1.54”
• Found on 3rd party sites and torrents
It does two things:1. Sends info to a remote location2. Sends an SMS to all your contacts
IMEI, Name, Phone Number
SMS
Android.Walkinwat 7
95054
Typical Mobile Malware
8
Apple vulnerabilities – iOS5 – Access to last used app
Hold down the power button
2004 2005 2006 2007 2008 2009 2010 2011
0
20
40
60
80
100
120
140
Symbian
iPhone
Android
Symbian iPhone Android
Symbian requires signing
Ikee worms
on rooted
iPhones
20 Families
41 Variants
Mobile threat history across major platforms.
11
What Is Driving Security?Industry trends driving security challenges• Mobile computing• Social media• Consumerization of IT
Business concerns• Data on the device• Social networking (blurring personal/business identities)• Accountability for the device
(responsible/liable when managing)• Data privacy regulations• Malware (HTML5 adoption)• Location controls – social engineering• Device physical loss
BYOD concerns• 3rd party use of the device (family access to data)• Basic security controls vs user lockdown• Apps installed• Blending of data and identities• Jail broken devices• Damaged devices • Lost/stolen devices• Privacy of devices in public places• Other business users devices
Symantec research
Top three Mobile Security Practice “Must Haves”
To successfully enable and manage mobile technology, CISOs rated their top practices and related technologies:
1. Protecting information on devices (90%)2. Authentication to the network and applications (89%)3. Setting and maintaining security policies (88%)
Source: 2011 IDG/CSO Quick Poll Survey of 124 Qualified respondents.
Business decisions• Business or user owned• In-house or managed Service• Managed device or managed
applications• What controls– What the longer term use
case?
Mobile Security
Security baseline
Identity Mgmt
Data Protection
• Enable new devices• Consistently govern
cloud services
• Manage entitlements
• Hyper-distributed information
Cloud Services
Mobile EnterpriseCISO
CIO
Smart device = Cloud enabled
Managed Devices Unmanaged Devices
Datacenter/Private-Cloud Public Cloud Services
Security/protection agents
Security/protection agents
SYMANTEC O3
Governance
Protection
Visibility
03 - The Rise of Cloud Security Brokers
Consistent identity & information security policy setting & auditing across all cloud services
Context and content aware security gateway enforcing enterprise policies above the clouds
Complete cloud audit trail of who (identity), what (information, services) , how (devices) , when (time)
2011 Trends
Mobile Threats
19
Mobile – Adoption and Adaption in 2012Discussions on “Mobile” are everywhere right now, from the street to the boardroom, and it provides a two-sided challenge for forward-thinking businesses. On one side, how can the organisation open up new ways of generating engagement and revenue from its customer base? On the other, how can it open up new ways of working for its employees that increase their productivity and improve retention of the best and brightest? Both of these potentially positive changes must be held up against increasing expectations of the protection of both customer and employee information and identity. Derek O’Carroll from Symantec will host this workshop by first presenting a viewpoint and leading a discussion into how this is being addressed today and possible forward-looking strategies.