INFORMATION TECHNOLOGY FOR MINNESOTA GOVERNMENT Christopher P. Buse Assistant Commissioner and CISO State of Minnesota Mobile Device Management Assessing.

Slides:

Advertisements

Similar presentations

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 © 2010 Cisco and/or its affiliates. All rights reserved. 1 BYOD: Security, Policy.

Advertisements

Mobile Device Management: Do You Know Whos Accessing Your Network? Umesh Shah, Dir. Channel Marketing.

Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.

Securely connecting users and applications from anywhere to anywhere in todays global economy MY-ARRAY DesktopDirect Bring.

1 1 March 20, 2014 A SIMPLE APPROACH TO BYOD. WHAT THEY DONT WANT IS: Company monitoring of their personal activities or restriction of the apps they.

MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.

Which server is right for you? Get in Contact with us

Building the case for Windows 8.1 Flexible Workstyle deployment Windows 8.1 Business Value Workshop Microsoft Consulting Services can help you build the.

The IT Manager’s Nightmare... “Good morning, the board decided last night that we need to have iPads in order to do our work properly. Can you please.

1 © Copyright 2013 EMC Corporation. All rights reserved. Online File Synchronization and Sharing for the Enterprise.

Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.

Improving Connections for the Mobile Worker Theron Dodson Ascendent Systems August 9.

Top Questions Executives and Board Members Should be Asking About IT and Cloud Risks.

BYOD: RISKS, MATURITY, AND SOLUTIONS ADAM ELY

SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.

Introducing TakeCharge SyncedTool The most secure, agile hosted file-sharing platform for business.

Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Solution Briefing Flexible Workstyle. Solution Briefing work-life blur more mobile tech savvy multiple devices digital generation fast paced Consumerization.

1 ZIXCORP The Criticality of Security Dena Bauckman Director Product Management April 2015.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Sybase Confidential Propriety.iAnywhere ConfidentialiAnywhere Confidential Proprietary.Sybase Confidential Propriety. Addressing the Challenges of Device.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property. Mobile Application Ecosystem.

Supporting BYOD Dennis Cromwell Supporting BYOD  CISCO Study – 15B devices capable of connecting to a network by 2015  The Consumerization.

1. Windows Vista Enterprise And Mid-Market User Scenarios 2. Customer Profiling And Segmentation Tools 3. Windows Vista Business Value And Infrastructure.

BRING YOUR OWN DEVICE. BYOD AND THE IMPACT ON IT SECURITY BYOD and pressure employees put on IT organization to supply or allow consumer mobility devices.

© 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker May 24, 2012 Page: 1 © 2012-Robert G Parker.

Building Tomorrow’s Corporate Portal David C. Hastings Director, Solutions Management

SAM for Virtualizatio n Presenter Name. Virtualization: a key priority for business decision makers Technavio forecasts that the global virtualization.

Mobility In the Enterprise Friend or Foe? Bob West, CEO, Echelon One 2012 Workshop on Cyber Security and Global Affairs 20 Junio, 2012 Barcelona, España.

1 Evolution and Revolution: Windows 7 and Desktop Virtualization How to Accelerate Migration to Windows 7 Miguel Sian, Sr. Enterprise Solutions Consultant.

Virtual Classes Provides an Innovative App for Education that Stimulates Engagement and Sharing Content and Experiences in Office 365 MICROSOFT OFFICE.

Company small business cloud solution Client UNIVERSITY OF BEDFORDSHIRE.

Deploying Windows 10 in the Enterprise Introduction and Windows as a Service Michael blogs.technet.com/mniehaus.

- NCSU project goals and requirements - Adoption Drivers - Current challenges and pain points - Identacor at NCSU - Identacor Features - NCSU Key Benefits.

Microsoft Desktop Virtualization Kiran N R Optimized Desktop – TSP Microsoft Corporation.

User and Device Management

INNOVATE THROUGH MOTIVATION Mobile Computing & Your Business KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.

© 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED,

BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Securing Your Data in Endpoint and Mobile Environments Frank Suijten Security.

69% of employees say they are accessing business apps on personal devices Organizations say 34% of their employees are accessing business apps on.

Tomaž Čebul Principal Consultant Microsoft Bring Your Own Device, kaj pa je to?

Mobile Security Solution Solution Overview Check Point Mobile Threat Prevention is an innovative approach to mobile security that detects and stops advanced.

Short Customer Presentation September The Company  Storgrid delivers a secure software platform for creating secure file sync and sharing solutions.

Workshifting Transform your business – empower your people.

Data-Tech Guardian Endpoint Security Suite. Guardian Endpoint Security Suite secures All Things Mobile TM from one management console.

Total Enterprise Mobility Comprehensive Management and Security

BYOD Security Risks Presentation by Ravi Namboori Visit

The time to address enterprise mobility is now

How to Define a Successful Mobility Strategy

Transforming business

SmartHOTEL Planner Add-In for Outlook: Office 365 Integration Enhances Room Planning, Booking, and Guest Management for Small Hotels and B&Bs OFFICE 365.

Impact of IT Consumerisation on Enterprise Security

Letsignit, an Automated Signature Solution for Microsoft Office 365 and Microsoft Exchange, Provides Efficiency in Branding and Customization OFFICE.

IWRITER 365 Offers Seamless, Easy-to-Use Solution for Using, Designing, Managing, and Sharing All Your Company Templates in Microsoft Office 365 OFFICE.

Microsoft Services Cloud Productivity Solutions

Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.

It’s About Time – ScheduleMe Outlook Add-In for Office 365 Enables Users to Schedule Meetings Easily with People Outside of Your Organization Partner Logo.

With IvSign, Office 365 Users Can Digitally Sign Word Documents in the Cloud from Any Device Without Having to Install Any Digital Certificates OFFICE.

Which is right for your business, Office 365 or Microsoft 365?

Which is right for your business, Office 365 or Microsoft 365?

The Jamespot for Office 365 Application Attaches Business Processes to Docs and Syncs Them to OneDrive to Simplify Collaboration and Sharing OFFICE 365.

BluVault Provides Secure and Cost-Effective Cloud Endpoint Backup and Recovery Using Power of Microsoft OneDrive Business and Microsoft Azure OFFICE 365.

Office 365 and Microsoft Project Integrations for HULAK Project Management Software Enable Teams to Remain Productive and Within Budget OFFICE 365 APP.

Letsignit, an Automated Signature Solution for Microsoft Office 365 and Microsoft Exchange, Provides Efficiency in Branding and Customization OFFICE.

Microsoft Virtual Academy

Presentation transcript:

INFORMATION TECHNOLOGY FOR MINNESOTA GOVERNMENT Christopher P. Buse Assistant Commissioner and CISO State of Minnesota Mobile Device Management Assessing the Benefits and Risks

About Me  Developed IT audit function  First CISO  Now Assistant Commissioner and CISO, overseeing “leadership” services

Agenda Value Proposition Risks Minnesota’s Strategy Q&A

Value Proposition Understanding the Drive to Go Mobile

Key Business Drivers  Productivity: Need to access data anytime from anywhere  Dissatisfaction with “work only” devices  Fueled by consumerization of mobile devices  Portability: Business process and applications going mobile  Health professionals  Transportation workers  Location-based applications Mobile devices and applications allow workers to be more satisfied, productive, and effective

Lingering Questions  Can I support the litany vendor products?  How do I address the legal issues?  BYOD : government data  BYOD: remote wipe  Work hour provisions  How does mobility impact our security posture?  What will it cost?

Infrastructure Executive Council, Information Technology Practice © 2011 The Corporate Executive Board Company. All Rights Reserved. 7 Enterprise technology roadmaps reflect substantial, cross- industry investment in mobile applications and support for employees’ mobile devices. By end-2011, a majority IT organizations had introduced some mobile applications and support for mobile device video. By mid-2012, a majority of IT organizations anticipate that they will support a “bring your own” program for employees’ mobile devices. Investments in desktop and application virtualization may enable additional access and support for mobile platforms. The Mobile Enterprise is Coming A majority of IT organizations had introduced video for mobile devices and mobile enterprise applications by end-2011, in some cases enabled through virtualization By mid-2012, a majority of IT organizations anticipate supporting a “bring your own” program for mobile devices End-User Computing Roadmap, For more in-depth information on the enterprise value, deployment risk and adoption timelines associated with emerging technologies, please check out the Infrastructure Executive Council’s Emerging Technology Roadmap.

Percentage of Employees Engaging in Risky Behaviors More Often than "Rarely"

Mobile Security Risks Pulling Back the Curtain

A Good News Story  Out of the box, mobile devices are more secure than PCs  Architected with security in mind  Not been the next security nightmare  But…..  The increased risk of loss must be addressed  The security model can be broken

Malware?  Not a significant issue  Dynamic code won’t run  Code can only come from application stores  Code is digitally signed  Applications run in a sandbox  Things to worry about  Rogue applications in the app stores  Apps installed from outside the app stores (Android specific issue)  “Jailbroken” phones

Lost or Stolen Devices  Biggest risk: Devices very susceptible to loss or theft  Without proper controls  Direct access to critical government business systems  Ability to harvest data housed on the device  Things to worry about  End users push for ease of use over controls  Example: No pins or screen timeouts

Remote Data Storage  Synchronizing data between devices and applications is an issue  No shared file system  Answer: Dropbox, Box, etc.  Things to worry about  Services have a history of security problems  Incomplete understanding of their security model  Click through contractual terms that are vendor centric

Caveats  Very few active exploits today in the mobile space  Why?  The mobile security model is solid  PCs and Macs are easy to hack  Predictions  PC and Mac security will continue to get better  Hackers will focus more attention on mobile devices  Cracks in the mobile security model will appear

Minnesota’s Strategy Staying in Front of the Curve

A Secure Foundation  Enterprise Security Portable Computing Device Standard (adopted June 2011)  Controls for both state and personally owned mobile devices  Key provisions  Authorize all devices  Pin and timeout requirements  Device encryption  Remote wipe  No jailbroken devices

Implementation of Security Controls  Requirements in standard enforced through technical controls  Goal: Devices that cannot comply cannot connect  Technical limitations  Controls applied at the “person” level  Exceptions for one device automatically create a low bar for others

Why MDM?  Project now underway  Offers additional security and management features  Key features  More granular security policies  Advanced tracking and management of devices  State app store  Data storage repository

Final Thoughts  Proliferation of mobile devices will continue  Risks can be appropriately managed  Laying out a comprehensive service strategy is vital Strategy Risks Value