Presentation is loading. Please wait.

Presentation is loading. Please wait.

Assurance for the Mobile User: Mobile Device Security.

Published byGabriela Hankey Modified over 10 years ago

Similar presentations

Presentation on theme: "Assurance for the Mobile User: Mobile Device Security."— Presentation transcript:

1 Assurance for the Mobile User: Mobile Device Security

2 Symantec Mobile Enterprise Security2 Agenda Who are we? Evolving Device Security Market Call To Action 1 2 3

3 Market for Device Security

4 Symantec Mobile Enterprise Security4 Consumers Grow Sophisticated as the World Converges.. Mobile Content, Services, Providers all Converging … Emergence of the Prosumer Mobile Content, Services, Providers all Converging … Emergence of the Prosumer Better Devices –100 Million Symbian Smart Phones shipped to-date –High penetration in matured markets & youth segments in emerging markets –IMS Services Enabled Devices Richer Content –Open Standards Push eMail –38.2% CAGR grow in Mobile eMail –Richer Content on Devices –Better cameras, more storage Richer Services –M-Commerce Resurgence –Content to Blog sites

5 Symantec Mobile Enterprise Security5 The Smart Phone Security Perfect Storm Outdated Thinking: 75% of companies have not addressed smart phone security* (60% cite security as biggest mobility obstacle*) IT is Organizing: Ad hoc deployment giving way to centralized policies that include all endpoints (Server, PC, Laptop and Mobile) Mobile/wireless IT spending likely to exceed IT budget growth in many organizations: 12.5% avg. growth rate (Source: Gartner) Increasing Mobile Device Threats: Mobile virus variants have doubled every 6 months since 2004 (235 mobile virus variants in H106) (Source: Symantec Security Response) Enterprise Faith: 80% of companies are allowing corporate data on devices, yet continue to not secure the data* Fastest Growing Device Segment: Smart phone growth = 77% Other mobiles = 27% Mobiles out ship PCs 5:1 in 2006 (Source: Canalys for H105 to H106, IDC & Gartner) * Q1 2006 Symantec survey conducted by Economist Intelligence Unit

6 Symantec Mobile Enterprise Security6 Global Survey on Enterprise Attitudes Toward Mobile Device Security OBJECTIVES –To explore corporate attitudes regarding enterprise mobile device security –Survey done against 248 companies headquartered in North America, Western Europe, and Asia Pacific RESULTS –60% said security biggest obstacle –Only 9% addressed security issues –88% of companies deals with security on an ad-hoc basis or do not address it at all –25% of senior management fully understands the risks of mobile computing in North America, compared with 30% in Western Europe and 37% in Asia Pacific. –4 out of 5 companies surveyed view the risk of mobile data services the same or greater than wired data risks. Source : Economist Intelligence Unit

7 Symantec Mobile Enterprise Security7 Global Survey on Enterprise Attitudes Toward Mobile Device Security NOTABLE DATA –Reasons for companies permitting mobile access Improve employee productivity - 73%, to enable increased business flexibility - 46%, and increase responsiveness to customers - 33%. POLICIES ON STORAGE OF CORPORATE DATA –While 21% of North American companies allow storage of corporate data on employee-owned mobile devices and leave security to employees, only 13% of companies in other global regions do the same. –Only 53% of North American companies limit storage of corporate data to company-owned mobile devices; 64% of companies outside North America allow storage of corporate data only on company- owned devices. Source : Economist Intelligence Unit

8 Symantec Mobile Enterprise Security8 Cabir released Skulls[A-B] released Cabir.B Released Cabir Source Code released 18 Variants in 1 Month Commwarrior[A-B], Dampig, Drever[A-C], Skulls[E-H] released Doomboot[A-C], Skulls[K-L], Cabir.U released First Symbian Spyware Released. Threat Landscape: Wireless Threats Continue to Proliferate Symantec Response has already identified over 30 vulnerabilities on the Windows Mobile 5 OS. Threats for Windows Mobile are likely to follow a similar evolution pattern as Symbian and PC threats.

9 Symantec Mobile Enterprise Security9 Increasing amount of personal content on mobiles –Highly personal pictures, videos e.g. lost mobile content in HK sold for profit Attacks now for Financial Gain… not Notoriety –30 of the top 50 threats exposed user confidential data (source Symantec ISTR X http://www.symantec.com/enterprise/threatreport/index.jsp ) http://www.symantec.com/enterprise/threatreport/index.jsp Premium SMS attacks can drain user accounts –RedBrowser.A and Webser released in February 2006 –No predictive fraud detection methods in many mobile payment mechanism similar ass offered by Visa and MasterCard Devices increasingly becoming payment instruments –Pay-with-a-wave in Japan, UK… add financial risk to mobile New Platform, New Risks: Pranking4Profit Mobiles are becoming digital wallets and identities but Mobile payment fraud methods are comparatively immature Mobiles are becoming digital wallets and identities but Mobile payment fraud methods are comparatively immature

10 Symantec Mobile Enterprise Security10 People are the Perimeter: Mobile blurs the distinction between Employee and Consumer, between user and network –If a mobile phone is always with you… it is always a risk 70% use their mobile phones as alarm clocks (source ICM Research) –Snoopware: Mobile spyware exploits the telephony apps… not eMail Consult the calendar to determine the best times to snoop Remotely activate the microphone to eavesdrop on conversations or spy via pictures and video Examples: FlexiSpy and iCam (available April 2006) New Platform, New Risks: Snoopware… an Invasion of Privacy Snoopware puts a Stranger in your Bedroom and a Competitor in your Boardroom

11 Symantec Mobile Enterprise Security11 Loss/Theft/Damage of a mobile device far more likely than PCs –Phones lost 15X more frequently than PCs by some estimates –In the UK, 20,000 devices are lost or stolen in the UK each month and one third of all robberies now solely involve mobile phones (Sources: ARC & UK Govt Stats) Loss Mitigation: Flexible defense to match the risk –Anti-Virus, Remote wipe and kill, Data Encryption, File Activity Log AV prevents undetected loss of data Activity Log = peace-of-mind & a regulatory compliance option without the overhead of encryption –Future of Loss Mitigation: Data Backup and Recovery Data tagged as personal or business, encrypted on the phone, sent over-the-air and targeted at either the work or home PC for back-up New platform, New risks: Mobile Loss Mitigation Lost phones hurt everyone: Users, Employers and Operators

12 Symantec Mobile Enterprise Security12 Call to Action Managed Anti-Virus Prevent virus & malware outbreaks Anti-SPAM eMail SPAM prevention Secure User Identities Prevention of identity theft IM Threat Protection SPAM prevention on IM Managed Apps Back Up & Storage Protecting business critical information Managed Web Content Prevent attacks on corporate web sites Mobile Device Protection Anti-Virus & Firewall Managed Anti-Virus Prevent virus & malware outbreaks Anti-SPAM eMail SPAM prevention

13 Q&A

Download ppt "Assurance for the Mobile User: Mobile Device Security."

Similar presentations

Symantec 2004 Pulse of IT Security in Canada Volume II Survey shows Increases in Concern and Spending for IT Security Andrew Bisson Director, Planning.

Symantec 2004 Pulse of IT Security in Canada Volume II Survey shows Increases in Concern and Spending for IT Security Andrew Bisson Director, Planning.
User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)

User Authentication on Mobile Devices Google Two Factor Authentication OTP (One Time Password)
1 Fortinet Confidential 1 T I T R E Fortinet 2013 Global Survey.

1 Fortinet Confidential 1 T I T R E Fortinet 2013 Global Survey.
©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey

©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey
Www.sophos.com/loveyourphone Mobile device security Practical advice on how to keep your mobile device and the data on it safe.

Mobile device security Practical advice on how to keep your mobile device and the data on it safe.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Copyright Critical Software S.A. 1998-2008 All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.

Copyright Critical Software S.A All Rights Reserved. COTS based approach for the Multilevel Security Problem Bernardo Patrão.
Copyright - 2008 Movidan, Inc. All rights reserved. 1 Dont think, however, that we have lost our taste for risk. We remain prepared to lose $6 billion.

Copyright Movidan, Inc. All rights reserved. 1 Dont think, however, that we have lost our taste for risk. We remain prepared to lose $6 billion.
Office 365 for Enterprises ITExpo February 2, 2012.

Office 365 for Enterprises ITExpo February 2, 2012.
and o REMOTE SUPPORT o ON-SITE SUPPORT o ONE-TIME TUNE-UP BASIC SERVICES.

and o REMOTE SUPPORT o ON-SITE SUPPORT o ONE-TIME TUNE-UP BASIC SERVICES.
WHICH TO CHOOSE RIGHT SERVER FOR THE RIGHT JOB. Today’s business environment demands that small and midsize businesses do more with less. The large majority.

WHICH TO CHOOSE RIGHT SERVER FOR THE RIGHT JOB. Today’s business environment demands that small and midsize businesses do more with less. The large majority.
EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU 12-2011.

EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU
Www.accessdata.com Digital Investigations of Any Kind ONE COMPANY Cyber Intelligence Response Technology (CIRT)

Digital Investigations of Any Kind ONE COMPANY Cyber Intelligence Response Technology (CIRT)
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Layered Security Solutions - Simplified www.SoftwareSecuritySolutions.com 303-232-9070 © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!

Layered Security Solutions - Simplified © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.
Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Similar presentations

Ads by Google