Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Slides:

Advertisements

Similar presentations

Powerful and convenient management for Windows Mobile ® 6.1 devices in an enterprise environment. These features include: Centralized, over-the-air device.

Advertisements

McAfee One Time Password

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

1 1 March 20, 2014 A SIMPLE APPROACH TO BYOD. WHAT THEY DONT WANT IS: Company monitoring of their personal activities or restriction of the apps they.

© 2009 VMware Inc. All rights reserved VMware Horizon Mobile Intro - NetHope Deepak Puri Director Mobile Business Development +1 (415)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.

Desktop Central Managing Desktops, Servers & Devices Romanus Prabhu R Technical Account Manager LinkedIn : romanus.prabhu.

Policy Weaving for Mobile Devices Drew Davidson. Smartphone security is critical – 1200 to 1400 US Army troops to be equipped with Android smartphones.

Meraki Mobile Device Management

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Technical Brief v1.0. Communication tools that broadcast visual content directly onto the screens of computers, using multiple channels and formats Easy.

Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.

Security in By: Abdulelah Algosaibi Supervised by: Prof. Michael Rothstein Summer II 2010: CS 6/79995 Operating System Security.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

Android Security Enforcement and Refinement. Android Applications --- Example Example of location-sensitive social networking application for mobile phones.

Security issues for mobile devices Cvetko Andreeski.

Barracuda Networks Steve Scheidegger Commercial Account Manager

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Windows Phone 8 device and app management Alan Meeus Sr. Technical Product Manager Windows Phone Division Microsoft Corporation WPH205.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Managing Client Access

Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.

Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.

Howard A. Carter III Senior Consultant Microsoft Consulting Services

May 30 th – 31 st, 2006 Sheraton Ottawa. Microsoft Certificate Lifecycle Manager Saleem Kanji Technology Solutions Professional - Windows Server Microsoft.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.

RSA Security Validating Users and Devices to Protect Network Assets Endpoint Solutions for Cisco Environments.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

By Mihir Joshi Nikhil Dixit Limaye Pallavi Bhide Payal Godse.

1. Windows Vista Enterprise And Mid-Market User Scenarios 2. Customer Profiling And Segmentation Tools 3. Windows Vista Business Value And Infrastructure.

ANDROID Presented By Mastan Vali.SK. © artesis 2008 | 2 1. Introduction 2. Platform 3. Software development 4. Advantages Main topics.

1 22 August 2001 The Security Architecture of the M&M Mobile Agent Framework P. Marques, N. Santos, L. Silva, J. Silva CISUC, University of Coimbra, Portugal.

1 Thomas Lippert Senior Product Manager - Mobile What’s new in SMC 5.0.

20 21 Remote Wipe.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

Mobilize employees, field workers, and business partners with layered security infrastructure for mobile apps, Fiori apps, content, and devices Andreas.

Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION.

ANDROID BY:-AANCHAL MEHTA MNW-880-2K11. Introduction to Android Open software platform for mobile development A complete stack – OS, Middleware, Applications.

Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.

WPH301. announcement Overview Roadmap for Business Risk Management (security model, application security, security management) Deploying Windows Phone.

Wireless and Mobile Security

09:45-10:30 – Windows Mobile Update 10:30-11:30 – System Center Mobile Device Manager :30-11:45 - Break 11:45-12:30 -Deploying SCMDM and Customer.

Easy-to-Use RedFlag System Delivers Notifications via Phone, , Text, Social Media, and More to Improve Effectiveness of Your Communications COMPANY.

Craig Pringle & Derek Moir

TCS Internal Security. 2 TCS Internal Objective Objective :  Android Platform Security Architecture.

©2015 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE. 1 Bomgar Privileged Access Management.

20 21 Remote Wipe.

Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.

By: Collin Molnar. Overview  Intro to Android  Security basics  Android architecture  Application isolation  Application permissions  Physical access.

DeepDroid Dynamically Enforcing Enterprise Policy Manwoong (Andy) Choi

Technical and organisational measures for protecting data and ensuring data security Simon Rice Group Manager (Technology) 29 May 2014.

#SummitNow Managing Mobile Content Wednesday 13 th November 2013 Mike Hatfield, Lead Engineer Mobile Apps, Alfresco Marc Dubresson, Dir. Mobile Product.

Tech and Construction Mobile Technology in the Field Allen Small, Distribution Director Austin Energy SWEDE 2015 Workshop.

Short Customer Presentation September The Company  Storgrid delivers a secure software platform for creating secure file sync and sharing solutions.

Total Enterprise Mobility Comprehensive Management and Security

Google Apps for your business.

Phase 4: Manage Deployment

Understanding Android Security

Deployment Planning Services

Power BI Security Best Practices

Understanding Android Security

Microsoft Data Insights Summit

IT Management, Simplified

Presentation transcript:

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies

Session Contents Overview of Mobility and Mobile Security – Introduction to Mobility – Mobile Security Best Practices for Secure Software Development Android OS – Security Architecture and deployment – Android Attack Surfaces – Enterprise features, What can we leverage? Questions? © 2011 Endeavour Software Technologies 2

A Capability Communicate and Access On the Move Anytime From Anywhere Voice, Messages, Data Enterprise Mobility The ability of an enterprise to connect to people and control assets from any location. Technologies that support enterprise mobility include wireless networks, mobile applications, middleware, devices, and security and management software. Forrester Research Definition Mobility © 2011 Endeavour Software Technologies 3

What is happening in the Corporate World? © 2011 Endeavour Software Technologies 4

Mobile Security – Everywhere! Device Level Network Level Application Level © 2011 Endeavour Software Technologies 5

Mobile Security Considerations Mobility Infrastructure – Security is a key focus area. – Ensuring existing policies is implemented – Integration with existing tools, systems – Keep devices light, manageable Mobile Middleware Platform – Composite Applications Landscape and devices – Mobile Device Management – Mobile Data Synchronization – Phased approach for Common Services and Mobile Applications Mobile Applications Distribution – Enterprise distribution through OTA to specific devices Infrastructure Middleware Application © 2011 Endeavour Software Technologies 6

Application Security – Must Include User Authentication Data Security on Device Data in Transit Issue Device Management and Application Provisioning © 2011 Endeavour Software Technologies 7

Mobile Security Considerations Credentials IMEI/ 2FA OTP, User – Agent Quick Access Code, Token Access Files Key Storage Resources Storage Session Protocols Connection Points Transportation © 2011 Endeavour Software Technologies 8

Enterprise Mobile Security – Do’s © 2011 Endeavour Software Technologies 9

Enterprise Mobile Security – Best Practices 1.Protect the Brand Your Customers Trust 2.Know Your Business and Support it with Secure Solutions 3.Understand the Technology of the Software 4.Ensure Compliance to Governance, Regulations, and Privacy 5.Know the Basic Tenets of Software Security 6.Ensure the Protection of Sensitive Information 7.Design, Develop and Deploy Software with Secure Features © 2011 Endeavour Software Technologies 10

Android Security Architecture Permission Based Model Remote App Management Sandbox © 2011 Endeavour Software Technologies 11

Android Security – Permission based model Permission-based Model – Linux + Android’s Permission – Well defined at system level – Approved by user at install – High-level permissions restricted by Android runtime framework – For example, an application that needs to monitor incoming SMS messages would specify... © 2011 Endeavour Software Technologies 12

Android Security – Remote App Management Remote Install/removal – Google can remove or install apps remotely – Users can install apps remotely from online Android Market © 2011 Endeavour Software Technologies 13

Android Security - Sandbox © 2011 Endeavour Software Technologies 14

Android’s Attack Surfaces Isolated applications is like having multi-user system Single UI/ Device  Secure sharing of UI and IO Principal maps to code, not user (like browsers) Appeals to user for all security decisions Phishing style attach risks Linux, not Java, Sandbox. Native code not a barrier Any java App can execute shell, load JNI libraries, write and exec programs Reference – iSEC PARTNERS © 2011 Endeavour Software Technologies 15

Enterprise features (Froyo/ GingerBread) Remote wipe – Remotely reset the device to factory defaults Improved security – Addition of numeric pin, alphanumeric passwords to unlock the device Exchange calendars Auto-discovery Global Address List C2DM* – Cloud to device messaging *Still it is part of Google Code Labs © 2011 Endeavour Software Technologies 16

Enterprise features (Honeycomb) New device administration policies – Encrypted storage – Password expiration – Password history – Complex characters in password Configure HTTP proxy for each connected WiFi access point (AOS 3.1 only) Encrypted storage cards © 2011 Endeavour Software Technologies 17

Thanks! You! – For patiently listening to us! Silicon India team Endeavour’s Android TCG team Happy to receive feedback and questions at 18