Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.

Slides:



Advertisements
Similar presentations
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 © 2010 Cisco and/or its affiliates. All rights reserved. 1 BYOD: Security, Policy.
Advertisements

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
MANAGING AND SECURING BYOD Legal ITs Next Great Challenge.
Enable Bring Your Own Device with SCCM 2012 David Caddick Solutions Architect, Quest Software WCL315.
Mobile Device Management: Do You Know Whos Accessing Your Network? Umesh Shah, Dir. Channel Marketing.
Security for Mobile Devices
November 14, 2012 Securely Manage your devices, applications and data. Deploy your corporate policies on smart devices. Comply with Regulatory Laws. Detroit.
Securely connecting users and applications from anywhere to anywhere in todays global economy MY-ARRAY DesktopDirect Bring.
Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
1 Confidential Lessons Learned from the First Generation of Mobile Apps Sean Ginevan, Product Management MobileIron - Confidential1.
Mobile Access: BYOD Trends SCOTT DUMORE - DIRECTOR, TECHNOLOGY, CHANNELS & ALLIANCES AUTONOMY, HP SOFTWARE.
MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.
5 Possible Device Selection Models. Bring Your Own 'x' (BYOx) is a term used to describe a digital device ownership model where students and/or staff.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
SANS Technology Institute - Candidate for Master of Science Degree Design Phase 1 of an iPhone Rollout Mark Baggett, Jim Horwath June 2010.
Avaya – Proprietary. Use pursuant to the terms of your signed agreement or Company policy. idEngines® Avaya Identity Engines And Mobile Device Management.
6218 Mobile Devices- Are They Secure Enough for our Patient's Data? Presented By Aaron Hendriks, CISSP Other: Employee of University Health Network, Toronto,
Week 9, Network Communication Software, Dept of Informatics, Faculty of Business.
INFORMATION TECHNOLOGY FOR MINNESOTA GOVERNMENT Christopher P. Buse Assistant Commissioner and CISO State of Minnesota Mobile Device Management Assessing.
BYOD: RISKS, MATURITY, AND SOLUTIONS ADAM ELY
Course ILT Security overview Unit objectives Discuss network security Discuss security threat trends and their ramifications Determine the factors involved.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
August 9, 2005 UCCSC IT Security at the University of California A New Initiative Jacqueline Craig. Director of Policy Information Resources and.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Empower Enterprise Mobility. of employees use personal devices for work purposes.* of employees that typically work on employer premises, also frequently.
SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.
IOS 8 for MDM/EMM Greg Elliott Shiv Chandra Kumar.
Philippe LE TERTRE IS Governance Consultant  Founder and managing partner of VADEGIS (company specialized in Information System Management.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Security issues for mobile devices Cvetko Andreeski.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
1 ZIXCORP The Criticality of Security Dena Bauckman Director Product Management April 2015.
Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Mobile Policy. Overview Security Risks with Mobile Devices Guidelines for Managing the Security of Mobile Devices in the Enterprise Threats of Mobile.
Your storage on the ground; Your files in the cloud.
Android in the Cloud Chromebooks, BYOD and Wearables Joel Isaacson Copyright 2014 Joel Isaacson
Supporting BYOD Dennis Cromwell Supporting BYOD  CISCO Study – 15B devices capable of connecting to a network by 2015  The Consumerization.
E-Security: 10 Steps to Protect Your School’s Network NEN – the education network.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Best Practices for Protecting Data. Section Overview Mobile Computing Devices Technical Procedures Data Access and Permissions Verbal Communication Paper.
Imagine a health system that focuses on health, not just health care. Imagine a sustainable health system with one goal: to improve the lives of the people.
1. Scomis now Apple certified ACSP – Apple Certified Support Professional ACTC – Apple Certified Technical Coordinator 2.
Microsoft Virtual Academy Preparing for the Windows 8.1 MCSA Module 5: Managing Devices & Resource Access.
User and Device Management
Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA.
Created by Alexis Ford Research done by Rebecca Tanner Ford 1.
BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.
©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Securing Your Data in Endpoint and Mobile Environments Frank Suijten Security.
69% of employees say they are accessing business apps on personal devices Organizations say 34% of their employees are accessing business apps on.
La Salle University – Fall 2013 INL 880 – Capstone Presentation Presented by: Loc Nguyen & Shweta Somalwar December 18, 2013.
Moving to BYOD Gary Audin 1.
Managed IT Services JND Consulting Group LLC
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
Total Enterprise Mobility Comprehensive Management and Security
Mobile Devices in the Corporate World
EAST AFRICAN DATA HANDLERS DATA SECURITY/MOBILITY
The time to address enterprise mobility is now
Transforming business
Impact of IT Consumerisation on Enterprise Security
BYOD Enterprise Mobile Security for IOS Devices
11/23/2018 3:03 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
In the attack index…what number is your Company?
Chapter 10. Mobile Device Security
IT Management, Simplified
IT Management, Simplified
Presentation transcript:

Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller

Today's Agenda Introduction of BYOD systems Benefits of BYOD systems BYOD Risks - Reduced Security Case Studies o Malware: IOS_IKEE Worm Exploit o Corporate Data Exfiltration: TTB No-Data Clients o Approved Applications: EEOC BYOD Pilot 10-Step Secure Implementation Process BYOD Security Policies Closing Thoughts Questions

Benefit of BYOD Systems -Improved mobility -Avoiding carrying / maintaining multiple devices -Employee benefit -Reduced costs

Diminished Regard for Security Driving Risks -Lack of awareness -Increased workload -Technical support prioritization -Mobile OS updating difficulty -Impulsive MDM solution purchases -Informal adoption

Case Study: iOS Malicious Worm Issue: Presence of Malware Security Approach: Maintain Original OS & Patches Example: IOS_IKEE worm; exploits jailbroken Apple mobile devices

Case Study: Alcohol and Tobacco Tax and Trade Bureau (TTB) Issue: Corporate Data Exfiltration Security Approach: Virtual Desktop & No-Data Thin Clients VMware servers => RSA encrypted => WinLogon Read-Only permissions

Case Study: U.S. Equal Employment Opportunity Commission (EEOC) BYOD Pilot Issue: Approved Application Downloads/Agreement Security Approach: Required Third-Party Apps - Novell GroupWise Notifylink MDM cloud provider was required GroupWise apps to connect

Bradford Network's 10-Step Secure Implementation Process

1.Determine the Mobile Devices That Are Allowed (Acceptable, Safe Devices) 2.Determine the OS Versions That Are Allowed (Secure OS Versions) 3.Determine the Apps That Are Mandatory/Required (Configuration) 4.Define the Devices Allowed By Group/Employees (Device Policies by Users) 5.Define Network Access (Who, What, Where, When)

10-Step Secure Implementation Process 6.Educate Your Employees (Communicate Policies) 7.Inventory Authorized & Unauthorized Devices (Trusted vs. Untrusted Devices) 8.Inventory Authorized & Unauthorized Users (Trusted vs. Untrusted Users) 9.Controlled Network Access Based on Risk Posture (Provision Network Access) 10.Continuous Vulnerability Assessment & Remediation (Enhance Other Solutions)

BYOD Security Policies 1.Prohibit download/transfer of sensitive business data 2.Required password(s) on personal device(s) 3.Agreement to maintain original OS with appropriate patches/updates 4.Device will not be shared with others 5.Remote wipe after X password attempts or device is reported lost 6.Agreement to encryption connection policies (ex. Federal Information Processing Standard (FIPS) 140-2)

Closing Thoughts -BYOD is already common -Risks and rewards BYOD Organizations should: -Educate themselves on nature and variety of risks -Research organizational impacts -Develop implementation process based on best practices -Establish and enforce sound security policies

Questions?

Bibliography byod-strategy#btnNext many-it-groups-still-struggle-with-consumerization/ papers/wp_decisive-analytics-consumerization-surveys.pdf content/us/pdfs/business/reports/rpt_implementing_byod_plans.pdf

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.