Presentation is loading. Please wait.

Presentation is loading. Please wait.

INFORMATION TECHNOLOGY FOR MINNESOTA GOVERNMENT Christopher P. Buse Assistant Commissioner and CISO State of Minnesota Mobile Device Management Assessing.

Published byFredrick Jemmott Modified over 9 years ago

Similar presentations

Presentation on theme: "INFORMATION TECHNOLOGY FOR MINNESOTA GOVERNMENT Christopher P. Buse Assistant Commissioner and CISO State of Minnesota Mobile Device Management Assessing."— Presentation transcript:

1 INFORMATION TECHNOLOGY FOR MINNESOTA GOVERNMENT Christopher P. Buse Assistant Commissioner and CISO State of Minnesota Mobile Device Management Assessing the Benefits and Risks

2 About Me  Developed IT audit function  First CISO  Now Assistant Commissioner and CISO, overseeing “leadership” services

3 Agenda Value Proposition Risks Minnesota’s Strategy Q&A

4 Value Proposition Understanding the Drive to Go Mobile

5 Key Business Drivers  Productivity: Need to access data anytime from anywhere  Dissatisfaction with “work only” devices  Fueled by consumerization of mobile devices  Portability: Business process and applications going mobile  Health professionals  Transportation workers  Location-based applications Mobile devices and applications allow workers to be more satisfied, productive, and effective

6 Lingering Questions  Can I support the litany vendor products?  How do I address the legal issues?  BYOD : government data  BYOD: remote wipe  Work hour provisions  How does mobility impact our security posture?  What will it cost?

7 Infrastructure Executive Council, Information Technology Practice © 2011 The Corporate Executive Board Company. All Rights Reserved. 7 Enterprise technology roadmaps reflect substantial, cross- industry investment in mobile applications and support for employees’ mobile devices. By end-2011, a majority IT organizations had introduced some mobile applications and support for mobile device video. By mid-2012, a majority of IT organizations anticipate that they will support a “bring your own” program for employees’ mobile devices. Investments in desktop and application virtualization may enable additional access and support for mobile platforms. The Mobile Enterprise is Coming A majority of IT organizations had introduced video for mobile devices and mobile enterprise applications by end-2011, in some cases enabled through virtualization By mid-2012, a majority of IT organizations anticipate supporting a “bring your own” program for mobile devices End-User Computing Roadmap, 2011-2014 For more in-depth information on the enterprise value, deployment risk and adoption timelines associated with emerging technologies, please check out the Infrastructure Executive Council’s Emerging Technology Roadmap.

8

9 Percentage of Employees Engaging in Risky Behaviors More Often than "Rarely"

10 Mobile Security Risks Pulling Back the Curtain

11 A Good News Story  Out of the box, mobile devices are more secure than PCs  Architected with security in mind  Not been the next security nightmare  But…..  The increased risk of loss must be addressed  The security model can be broken

12 Malware?  Not a significant issue  Dynamic code won’t run  Code can only come from application stores  Code is digitally signed  Applications run in a sandbox  Things to worry about  Rogue applications in the app stores  Apps installed from outside the app stores (Android specific issue)  “Jailbroken” phones

13 Lost or Stolen Devices  Biggest risk: Devices very susceptible to loss or theft  Without proper controls  Direct access to critical government business systems  Ability to harvest data housed on the device  Things to worry about  End users push for ease of use over controls  Example: No pins or screen timeouts

14 Remote Data Storage  Synchronizing data between devices and applications is an issue  No shared file system  Answer: Dropbox, Box, etc.  Things to worry about  Services have a history of security problems  Incomplete understanding of their security model  Click through contractual terms that are vendor centric

15 Caveats  Very few active exploits today in the mobile space  Why?  The mobile security model is solid  PCs and Macs are easy to hack  Predictions  PC and Mac security will continue to get better  Hackers will focus more attention on mobile devices  Cracks in the mobile security model will appear

16 Minnesota’s Strategy Staying in Front of the Curve

17 A Secure Foundation  Enterprise Security Portable Computing Device Standard (adopted June 2011)  Controls for both state and personally owned mobile devices  Key provisions  Authorize all devices  Pin and timeout requirements  Device encryption  Remote wipe  No jailbroken devices

18 Implementation of Security Controls  Requirements in standard enforced through technical controls  Goal: Devices that cannot comply cannot connect  Technical limitations  Controls applied at the “person” level  Exceptions for one device automatically create a low bar for others

19 Why MDM?  Project now underway  Offers additional security and management features  Key features  More granular security policies  Advanced tracking and management of devices  State app store  Data storage repository

20 Final Thoughts  Proliferation of mobile devices will continue  Risks can be appropriately managed  Laying out a comprehensive service strategy is vital Strategy Risks Value

21 Questions Chris.buse@state.mn.us @BuseTweet

Download ppt "INFORMATION TECHNOLOGY FOR MINNESOTA GOVERNMENT Christopher P. Buse Assistant Commissioner and CISO State of Minnesota Mobile Device Management Assessing."

Similar presentations

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 © 2010 Cisco and/or its affiliates. All rights reserved. 1 BYOD: Security, Policy.

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 © 2010 Cisco and/or its affiliates. All rights reserved. 1 BYOD: Security, Policy.
Www.numaracloud.com Mobile Device Management: Do You Know Whos Accessing Your Network? Umesh Shah, Dir. Channel Marketing.

Mobile Device Management: Do You Know Whos Accessing Your Network? Umesh Shah, Dir. Channel Marketing.
Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.

Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.
Securely connecting users and applications from anywhere to anywhere in todays global economy. www.arraynetworks.com 1-866-MY-ARRAY DesktopDirect Bring.

Securely connecting users and applications from anywhere to anywhere in todays global economy MY-ARRAY DesktopDirect Bring.
1 1 March 20, 2014 A SIMPLE APPROACH TO BYOD. WHAT THEY DONT WANT IS: Company monitoring of their personal activities or restriction of the apps they.

1 1 March 20, 2014 A SIMPLE APPROACH TO BYOD. WHAT THEY DONT WANT IS: Company monitoring of their personal activities or restriction of the apps they.
MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.

MOBILE DEVICES & THEIR IMPACT IN THE ENTERPRISE Michael Balik Assistant Director of Technology Perkiomen Valley School District.
Which server is right for you? Get in Contact with us 021- 671 2170

Which server is right for you? Get in Contact with us
Building the case for Windows 8.1 Flexible Workstyle deployment Windows 8.1 Business Value Workshop Microsoft Consulting Services can help you build the.

Building the case for Windows 8.1 Flexible Workstyle deployment Windows 8.1 Business Value Workshop Microsoft Consulting Services can help you build the.
The IT Manager’s Nightmare... “Good morning, the board decided last night that we need to have iPads in order to do our work properly. Can you please.

The IT Manager’s Nightmare... “Good morning, the board decided last night that we need to have iPads in order to do our work properly. Can you please.
1 © Copyright 2013 EMC Corporation. All rights reserved. Online File Synchronization and Sharing for the Enterprise.

1 © Copyright 2013 EMC Corporation. All rights reserved. Online File Synchronization and Sharing for the Enterprise.
Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.

Enterprise Security A Framework For Tomorrow Christopher P. Buse, CPA, CISA, CISSP Chief Information Security Officer State of Minnesota.
Improving Connections for the Mobile Worker Theron Dodson Ascendent Systems August 9.

Improving Connections for the Mobile Worker Theron Dodson Ascendent Systems August 9.
Top Questions Executives and Board Members Should be Asking About IT and Cloud Risks.

Top Questions Executives and Board Members Should be Asking About IT and Cloud Risks.
BYOD: RISKS, MATURITY, AND SOLUTIONS ADAM ELY

BYOD: RISKS, MATURITY, AND SOLUTIONS ADAM ELY
SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.

SAM for Mobile Device Management Presenter Name. of employees spend at least some portion of their time working outside their office. Mobility is the.
Introducing TakeCharge SyncedTool The most secure, agile hosted file-sharing platform for business.

Introducing TakeCharge SyncedTool The most secure, agile hosted file-sharing platform for business.
Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.

Managing BYOD Legal IT’s Next Great Challenge. Agenda  The BYOD Trend – benefits and risks  Best practices for managing mobile device usage  Overview.
Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.
Solution Briefing Flexible Workstyle. Solution Briefing work-life blur more mobile tech savvy multiple devices digital generation fast paced Consumerization.

Solution Briefing Flexible Workstyle. Solution Briefing work-life blur more mobile tech savvy multiple devices digital generation fast paced Consumerization.
1 ZIXCORP The Criticality of Email Security Dena Bauckman Director Product Management April 2015.

1 ZIXCORP The Criticality of Security Dena Bauckman Director Product Management April 2015.

Similar presentations

Ads by Google