Download presentation
Presentation is loading. Please wait.
Published byAmy Caddy Modified over 10 years ago
1
©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey mtorrey@checkpoint.com
2
2 2©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Early years solutions
3
3 3©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | … and then it became easier … and then it became easier Laptops brought freedom… Laptops brought freedom…
4
4 4©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Mobile Workforce Challenges Access from anywhere… While maintaining security
5
5 5©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Keep communication private The Security Challenges Protected device access (passcode, encryption, etc.) Allow access only to the needed information Allow access only to device owner
6
6 6©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Four Scenarios for Mobile Security Background | Challenges | Needs | Best Practices Check Point Solution Background | Challenges | Needs | Best Practices Check Point Solution BetMore Gaming Equipment Company Personal Mobile and portable devices YourRHired Human Resources Company Personal PCs and Contractors OnTheGo High Tech Company Many managed laptops Roadwarriors LotsToMake Manufacturing Company Managed laptops Little travel
7
7 7©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | OnTheGo High Tech Company OnTheGo Background –Large mobile workforce –Employees issued company owned laptops –Employees work from home, coffee shops and travel frequently –Users need to access corporate resources at any given time –Employees shares fair amount of sensitive data Challenges –Employees let their kids play with computers, a number of unauthorized apps are downloaded –IT must manage security policy on 10,000 laptops –Sensitive data has found its way into competitors hands lately Needs –Access to native applications (like SAP and a homegrown application) –Keep employees productive –Ensure only endpoints that comply with security policy are able to access corporate resources –Protect corporate data
8
8 8©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | OnTheGo High Tech Company OnTheGo Best Practices –Encrypt laptop in case of theft or loss during travel –Ensure any data leaving the laptop is encrypted –Control programs allowing only authorized apps to be run –Protect the laptop from malware –Firewall the road warriors –Protect from drive-by downloads –Use an always-on IPSec VPN solution for access to native applications
9
9 9©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Solution for OnTheGo Protect against drive-by-downloads, phishing sites and zero-day attacks Stop unwanted traffic, prevent malware and block targeted attacks Automatically and transparently secure all information on endpoint hard drives Centrally enforceable encryption of removable media and port control Protects your endpoint from unsecure, malicious and unwanted applications Provide secure, seamless access to corporate networks remotely
10
10 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | LotsToMake Hardware Manufacturing CompanyLotsToMake Background –Employees issued company owned laptops –Employees occasionally work from home and travel –Users need to access corporate resources sometimes –Has a firewall today but no remote access –Existing AV and File based Encryption solution Challenges –Travel and working from home occasional, but happens often enough to worry –Small IT group must manage security too Needs –Occasional access to native applications (Oracle) –Keep employees productive, no matter where they are –Protect corporate resources
11
11 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | LotsToMake Hardware Manufacturing CompanyLotsToMake Best Practices –Encrypt laptop in case of theft or loss during travel –Ensure any data leaving the laptop is encrypted –Control programs allowing only authorized apps to be run –Protect the laptop from malware –Firewall the road warriors –Protect from drive-by downloads –Use an always-on IPSec VPN solution for access to native applications –Continue using current Endpoint Protection Solution Even though occasionally mobile, security is still key
12
12 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Solution for LotsToMake Endpoint Security client: VPN, FDE, Compliance, Anti-Malware Managed VPN access from central Gateway Includes a Desktop Firewall
13
13 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | YouRHired Human Resources CompanyYouRHired Background –Employees use desktops at work and personal PCs or Macs at home –Some Contractors are used as sales force –Users occasionally need to access corporate resources from home –Have a Check Point Gateway Challenges –Employees complain that they need access to intranet and internal applications (Inventory Application) –Contractors need access to some web-based applications (SalesForce) –Company is cutting budget on IT spending Needs –Secure access to corporate data from unmanaged employee and contractor computers –Employees need access to network based, home-grown application –Protect corporate resources
14
14 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | YouRHired Human Resources CompanyYouRHired Best Practices –Allow Contractors secure access to web-based applications through browser-based secure encrypted connection –Allow Employees secure access to network-based applications with browser plug-in –Check compliance of any endpoint accessing your network or specific applications –Train and encourage secure home use of PCs
15
15 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Solution for YouRHired SSL VPN Web Portal Easy and secure access to critical resources Connect through a standard Web browser SSL VPN Web Portal Easy and secure access to critical resources Connect through a standard Web browser Shared files Web Portal for PC and Mac using SSL VPN Web apps Web mail On-demand, dissolvable SSL VPN agent for non- web-application access (SSL Network Extender) Endpoint Security On-demand Secure Workspace
16
16 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | BetMore Gaming Manufacturing CompanyBetMore Background –Large mobile workforce –Employees want access from their own personal mobile devices (iPhones, iPads, Android devices, etc.) –Users want to access corporate resources at any given time Challenges –Securing the enterprise being accessed by unmanaged devices –Difficult to manage unmanaged devices –Employees are concerned of losing personal freedom of their device Needs –Keep communication private –Verified access for employees only (2-factor authentication) –Allow access only to authorized applications
17
17 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | BetMore Gaming Manufacturing CompanyBetMore Best Practices –Allow corporate access only through encrypted communication –Create policy of Remote-Wipe if users device is lost or stolen –Choose a solution that increases productivity for employees, but easy to support –Easy for end user –Dont end up supporting user-owned devices –Minimize corporate intrusion on the employee owned device
18
18 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Solution for BetMore Certificate and username/password Pair device with its owner for a safer connection Two-factor authentication for safe connectivity
19
19 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | User and Device Access Control Personalized portal, based on identity Set up device security features Control data access by user and device settings Remote-wipe device upon loss
20
20 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Protect Your Internal Servers Shield your mail and web servers All Active Sync & Web traffic is secured by SSL VPN technology
21
21 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Simple for the End User Download App Enter your password Gain secure access to your data!
22
22 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Simple for the Administrator Enable Mobile Access Blade on your gateway Set access policies for users Generate and send an activation key to the users
23
23 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Mobile Client for Android Full VPN client (Layer 3 IPSec) Web application access via SSL VPN Strong authentication – two factor User/Pass and Certificate Device-to-user pairing Automatic certificate enrollment Easy access to application Concurrent users license
24
24 ©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | Remote Access Strategy Remote access solutions for a variety of endpoint scenarios
25
©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Thank You!
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.