Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.

Slides:

Advertisements

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

Advertisements

Security for Mobile Devices

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Everything you want to know about managing mobile devices in the enterprise Ivan Hemmans hemmans.com From A to Z.

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.

MobileFirst Protect 1. MobileFirst Protect (MaaS360) 2 Mobile Device Management Enable and Manage Apple iOS smartphones, and tablets with Apple DEP Gain.

Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.

Security Guidelines and Management

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.

OWASP Mobile Top 10 Why They Matter and What We Can Do

Mobile Policy. Overview Security Risks with Mobile Devices Guidelines for Managing the Security of Mobile Devices in the Enterprise Threats of Mobile.

©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Building Your Security Strategy with 3D.

PBA. Observations  Growth, projects, busy-ness –Doing an incredible amount of work  Great Quality of work  Concern about being perfect  Attitudes.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Market Trends Enterprise Web Applications Cloud Computing SaaS Applications BYOD Data Compliance Regulations 30 Second Elevator Pitch Web browsers have.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Securing Information Systems

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

INTEROP 2014 Mobile Issues in the Network. Mobile Issues Data loss – Hardware theft or failure – Data corruption Data theft – Hardware theft – Spyware,

DISCOVER IT PEACE OF MIND Staying HIPAA-Compliant Revised: April 13, 2015.

Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Geneva, Switzerland, September 2014 Considerations for implementing secure enterprise mobility Eileen Bridges Aetna GIS Director.

Mobile device management

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION.

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Exchange Deployment Planning Services Exchange 2010 Complementary Products.

Deconstructing API Security

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.

Employees use multiple devices Employees use both corporate and personal applications Data is stored in various locations Cybersecurity is a top concern.

Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.

James Lewis and Simon Waight Office 365 security: everywhere you need it to be PRD33 1.

Computer Security By Duncan Hall.

Mobile Security By Jenish Jariwala. What is Mobile Security?  Mobile Security is the protection of smartphones, tablets, laptops and other portable computing.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA.

NADAV PELEG HEAD OF MOBILE SECURITY The Mobile Threat: Consumer Devices Business Risks David Parkinson MOBILE SECURITY SPECIALIST, NER.

BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.

Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,

Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.

Juniper Networks Mobile Security Solution Nosipho Masilela COSC 356.

CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.

Managed IT Services JND Consulting Group LLC

James F. Fox MENA Cyber Security Practice Lead Presenters Cyber Security in a Mobile and “Always-on” World Booz | Allen | Hamilton.

Complete Cloud Security Anyone, anywhere, any app, any device.

No boundaries with Unified Web Security Solutions Steven Vlastra Sr. Systems Engineer - Benelux.

The Fallacy Behind “There’s Nothing to Hide” Why End-to-End Encryption Is a Must in Today’s World.

Mobile Devices in the Corporate World

ActiveSync & DLP management in Exchange Online

The time to address enterprise mobility is now

Cybersecurity - What’s Next? June 2017

Canberra OWASP Chapter meeting

Microsoft Intune MAM without Device Enrollment

Check Point Connectra NGX R60

12 STEPS TO A GDPR AWARE NETWORK

How to Mitigate the Consequences What are the Countermeasures?

The MobileIron® Threat Detection difference:

In the attack index…what number is your Company?

IT Management, Simplified

Microsoft Virtual Academy

Presentation transcript:

Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager

Agenda  Mobile Trends  Where to start?  Risks and Threats  Risk mitigation  Conclusion

Agenda  Mobile Trends  Where to start?  Risks and Threats  Risk mitigation  Conclusion

The mobile era The PC/Web Era The Post-PC Era The Mobile-First Era

"Apps Storm" VS "Security"

Looks suspicious? Ready to accept unmanaged devices on your network?

BYOD Trend  Devices become cheaper and more powerful  The Generation “Y”  Company owned devices are sometimes old- fashioned  Will you allow personal devices on your network ?  What are the risks ?

Agenda  Mobile Trends  Where to start?  Risks and Threats  Risk mitigation  Conclusion

Understand Enterprise Objectives “If you don’t know where you are going, any road will get you there” – Lewis Caroll

Start from your requirements Your Business Your Management Information Technology

Create a Mobile Security Policy

Agenda  Mobile Trends  Where to start?  Risks and Threats  Risk mitigation  Conclusion

BYOD: Risks related to costs  Brand disrepute by uncontrolled use of services/devices  Increased variety and complexity  Device loss  Enabling infrastructure Source: ENISA

Physical Risks

Increased variety and complexity

There is an app for that...  To steal your data  To steal your money (premium SMS services)  To spy on you  To evade regular controls

Accept or Decline?

Apps are programs  Apps act like normal programs:  They may have bugs  They may be badly designed  They may be altered (backdoors) Output Input Processing

Apps are programs  Apps must be developed using best practices with more focus on mobile devices specs like small keyboard not ideal to input passwords  OWASP has a top-10 mobile risks (1) that must be reviewed (1)

Malicious Marketplace – Social Engineering

BYOD: Risks related to Legal and Regulatory  Governance & compliance controls of employee-owned devices  Difficult enforcement of controls due to constantly changing context  e-discovery limitation due to ownership & personal data Source: ENISA

Privacy risks

BYOD: Risks related to data  Device sharing can lead to unauthorized release of corporate info  Enterprise network access by unknown users & unmanaged devices  Application rich devices difficult to control  Devices as targets of attacks Source: ENISA

Risks related to data

OWASP Top 10 Mobile Risks 1. Weak Server Side Controls 2. Insecure Data Storage 3. Insufficient Transport Layer Protection 4. Unintended Data Leakage 5. Poor Authorization and Authentication 6. Broken Cryptography 7. Client Side Injection 8. Security Decisions Via Untrusted Inputs 9. Improper Session Handling 10. Lack of Binary Protections

Threats related to device

Agenda  Mobile Trends  Where to start?  Risks and Threats  Risk Mitigation  Conclusion

Risk Mitigation Governance Management Legal and HR Mana- gement Technical Management Device Management Application Management User & Data Management

General Policy and Organisation  Define appropriate usage (physical, data, application)  Create “Awareness”  Monitor, detect, report  Collaborate with HR/ Legal

MDM? “Mobile Device Management (MDM) software secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises.”

Mobile Device Management  Do you need MDM?  Microsoft Exchange includes ActiveSync for free  Security Vendors propose some tools to handle and manage Mobile devices

Mobile Device Management  Enforce policy compliance  Inventory Management  Software/ Application Management  Authentication  Encrypted data  Encrypted communication

Mobile Device Management  Remote wipe  Physical protection  Password enforcement  Audit and Reporting  Cost control (Geolocalization)  Access Control

Mobile Device Management Enterprise Appstore

Mobile Device Management  Data segmentation  Containerization  Privacy protection  Backup management  Data Loss Prevention

MDS? “Mobile Device Security(MDS) concentrates on the security of personal and business information stored on smartphones.”

Mobile Device Security  Focus on identity, data and availability protection using: URL Filtering Web Application Filtering Malware detection: Check Traffic, Apps & SMS Antivirus

Unity Makes Strength  Combine multiple technologies to efficiently protect mobile devices  Use solutions which are “open” (API, logs)  Think about “Lego” blocks  Telenet might help you to build your solution

Unity Makes Strength

Solutions delivered by Telenet

Conclusion  Combination of MDM & MDS is ideal solution to cover most of mobile security related aspects  Invite us to discuss your requirements and define together the best solution for your business

Let’s have a drink!