Presentation is loading. Please wait.

Presentation is loading. Please wait.

BYOD Security Maintaining a Secure Infrastructure Friday 15 th March 2013.

Published byDavid Wareham Modified over 9 years ago

Similar presentations

Presentation on theme: "BYOD Security Maintaining a Secure Infrastructure Friday 15 th March 2013."— Presentation transcript:

1 BYOD Security Maintaining a Secure Infrastructure Friday 15 th March 2013

2 Paul Whitton ▶ Senior IT Security Specialist within ESISS ▶ TigerScheme and Crest accredited. ▶ Been working at Loughborough University since 2001 in variety of teams. ▶ Labs ▶ Staff Desktop ▶ Systems Services ▶ Networks and Security ▶ Now ESISS

3 About ESISS ▶ ESISS is the Education Shared Information Security Service. ▶ A collaboration with the eight universities within the East Midlands region. ▶ A genuine requirement for shared security service was identified. ▶ HEFCE pump primed for first year. ▶ Launched in August 2009, now used by over 50 UK institutions and growing

4 About the ESISS team ▶ Contract awarded to Loughborough University. ▶ Dedicated team providing the services. ▶ Information Security Assurance: CISSP, Tiger Scheme QSTM, CCNP, CCSP, Crest Registered Tester, etc. ▶ Trusted Introducer Accredited procedures

5 BYOD Challenges ▶ Technical Challenges ▶ Security Considerations ▶ Legal Issues

6 Technical Challenges ▶ Which device types/operating systems are allowed ▶ What apps may be installed and used ▶ What IT systems maybe accessed ▶ How data is stored on the device ▶ How data is transferred to/from the device ▶ Blurring of business and personal use

7 Security considerations ▶ Data privacy - personal and corporate data on the same device. This works both ways. ▶ Data privacy/remote wipe for lost/stolen devices ▶ What to do if the person who owns the device leaves the company. ▶ Copyright Infringement from the device.

8 How to address these issues What the Data Protection Act 1998 says: ▶ Appropriate technical and organisational measures shall be taken against accidental loss or destruction of, or damage to, personal data. ▶ All of the previous mentioned issues can be mitigated to some extent with a suitable/effective BYOD policy.

9 Designing a BYOD Policy Must meet the needs of both IT and employees E.g.: ▶ Secure corporate data ▶ Minimise cost to implement and enforce ▶ Preserve user experience ▶ Keep up with user technology and preferences.

10 What to consider ▶ JANET AUP already covers a fair amount of the responsibilities ▶ Maybe a need to create a social media policy ▶ Regular checks for compliance.

11 Device settings Best practise indicated by Gartner and elsewhere suggests devices supported should be able to support: ▶ Device Lock code ▶ Automatic device lock on idle ▶ Remote device wipe function ▶ Device data encryption

12 Mobile Device Management ▶ Investigate remote locate and wipe facilities ▶ Appropriate process to remove rights to lost/stolen devices. ▶ Approved devices only ▶ Educate users about untrusted apps and data protection ▶ Segregation of corporate and personal data (Mobile Application Management)

13 Exchange ActiveSync Policy ▶ Exchange allows admins to define a policy for any clients connecting. ▶ This can include remote wipe, enforce encryption, etc.

14 Virtual Desktop/Thin Client ▶ Some places are implementing virtual desktop infrastructure. ▶ This allows BYOD clients to access a normal corporate desktop by running an application ▶ Segregates corporate data from the BYOD

15 Type of Network Access ▶ Clients are typically wireless devices. ▶ Expect to be able to just turn wireless on and it works with minimal or no configuration

16 Wireless Access and Auditing ▶ eduroam ▶ Captive portal style wireless networks. ▶ Consideration for BYOD network access to main network.

17 eduroam ▶ Based on 802.1X standard and a hierarchy of RADIUS proxy servers. ▶ Role of the RADIUS hierarchy is to forward the users' credentials to the users' home institution, where they can be verified and validated. ▶ Can allow visitors from a participating sites to use your wireless/wired networks, but segregate them from your main network and vice versa.

18 eduroam

19 Pros: Secure wireless configuration. Device only needs to be configured once for all sites Supports wireless and wired. Internationally available. Cons: Maybe complicated to setup/configure/maintain for small FE sites with small numbers of network staff.

20 Typical open guest network

21 Open guest network Pros: Easy to setup/maintain. Cons: Users can see other peoples traffic. (Mitigated to an extent by forcing the use of SSL web proxy). Requires user to configure their wireless settings for each site they visit.

22 Further Information ▶ http://www.eduroam.org http://www.eduroam.org ▶ www.ico.gov.uk/news/latest_news/2013/~/media /documents/library/Data_Protection/Practical_ap plication/ico_bring_your_own_device_byod_guid ance.ashx www.ico.gov.uk/news/latest_news/2013/~/media /documents/library/Data_Protection/Practical_ap plication/ico_bring_your_own_device_byod_guid ance.ashx

23 Any Questions? Thank you for listening p.whitton@lboro.ac.uk https://www.esiss.ac.uk/

Download ppt "BYOD Security Maintaining a Secure Infrastructure Friday 15 th March 2013."

Similar presentations

©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey

©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey
Security for Mobile Devices

Security for Mobile Devices
Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.

Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.
Managing Outsourced Service Providers By: Philip Romero, CISSP, CISA.

Managing Outsourced Service Providers By: Philip Romero, CISSP, CISA.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June 22 2005 Licia Florio.

Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June Licia Florio.
Jisc Legal. John X Kelly - Mobile Devices - BYOD.

Jisc Legal. John X Kelly - Mobile Devices - BYOD.
URP Usage Scenarios for NAS Yoshihiro Ohba August 2001 Toshiba America Research, Inc.

URP Usage Scenarios for NAS Yoshihiro Ohba August 2001 Toshiba America Research, Inc.
The IT Manager’s Nightmare... “Good morning, the board decided last night that we need to have iPads in order to do our work properly. Can you please.

The IT Manager’s Nightmare... “Good morning, the board decided last night that we need to have iPads in order to do our work properly. Can you please.
The Natural way for Secure Mobile Email v.1.4 www.AGATSolutions.com.

The Natural way for Secure Mobile v.1.4
Secure Lync mobile Authentication

Secure Lync mobile Authentication
Secure SharePoint mobile connectivity

Secure SharePoint mobile connectivity
Meraki Mobile Device Management

Meraki Mobile Device Management
BYOD: Privacy and Security Andrew Paterson, Senior Technology Officer.

BYOD: Privacy and Security Andrew Paterson, Senior Technology Officer.
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
Www.ja.net/roaming Copyright JNT Association 2006 The JANET Roaming Service.

Copyright JNT Association 2006 The JANET Roaming Service.
Technical Review Group (TRG)Agenda 27/04/06 TRG Remit Membership Operation ICT Strategy ICT Roadmap.

Technical Review Group (TRG)Agenda 27/04/06 TRG Remit Membership Operation ICT Strategy ICT Roadmap.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.

SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.
Netop Remote Control Trusted. Secure. Experienced.

Netop Remote Control Trusted. Secure. Experienced.

Similar presentations

Ads by Google