Security of Mobile Platforms, BYOD and MDM for the Solution of their Administration
November 22nd 2012, Marek Deml
Security of Mobile Platforms
3 © 2012 Deloitte Česká republika
Situation Worldwide
Source: IDC Worldwide Mobile Phone Tracker, August 8, 2012
• Google Android: 68.10%
• Apple iOS: 16.90%
• RIM BlackBerry: 4.80%
• Microsoft Windows Phone / Windows Mobile: 3.50%
• Others: 6.90%
Android
72%
Source: developer.android.com, October 2012
• 1.5 Cupcake: 0.10%
• 1.6 Donut: 0.40%
• 2.1 Eclair: 3.40%
• 2.2 Froyo: 12.90%
• 2.3 Gingerbread: 55.80%
• 3.1 Honeycomb: 1.90%
• 4.0 Ice Cream Sandwich: 23.70%
• 4.1 Jelly Bean: 1.80%
Security
• Authentication
• Application
• Encryption
• Enterprise functions
• “Root” of the device
iOS
20%
Source: chtika.com, October 2012
• iOS 4: 9%
• iOS 5.0: 4%
• iOS 5.1: 25%
• iOS 6: 61%
• Other iOS: 1%
Security
• Authentication
• Application
• Encryption
• Enterprise functions
• “Jailbreak” of the device
BlackBerry
Security
• Authentication
• Application
• Encryption
• Enterprise functions
Windows Phone
Security
• Authentication
• Application
• Encryption
• Enterprise functions
Ranking of platforms
Security: BlackBerry, iOS, Android, Windows Phone
Security + “cool” factor: iOS, BlackBerry, Android, Windows Phone
Look ahead
Permanently-connected Students…
Source: Cisco 2011 Annual Security Report & Cisco Connected World Technology Report
81% of university students believe that they will have the opportunity to choose the devices for work.
… are not thrilled by working for someone who bans them from access to social networks at work.
… do not want to work only in the office, as they believe that they are more productive when they work outside the office.
… prefer having an internet connection to a car.
… are not very interested in protecting their passwords.
… check Facebook at least once a day.
… let other people use their notebook, mobile phone or iPad.
… want to bring their own devices to the office.
Trends in Mobile Equipment
• Employees work at different places and require mobile support
• Requirement for the support of personal devices (Bring Your Own Device - BYOD)
• Pressure on the development of mobile applications and acceptance of “socially connected” applications
• Use of applications without knowledge of the risks that they bring
• Unsecured applications
• Increase in productivity and decrease in costs
• All Nippon Airways – 6000 iPads, 400 million yen (EUR 3.89 million) of savings per year
• The Senate of the Dutch Parliament has replaced printed parliamentary documents with iPads
The management and security of mobile equipment is a significant challenge.
BYOD (Bring Your Own Device)
• Employees increasingly want to use their favourite mobile devices
Firms should bring the expectations of users, IT capabilities and security policy into line. A failure to act may increase the security risk, as uncontrolled mobile devices will continue to connect to the firm’s network.
BYOD does not mean that the user does what he wants!
Average number of results: 7,600,000 (0.17 s)
BYOD
Reasons for BYOD
• User perspective
• To have one device rather than two
• Fully own the decision-making process in selecting personal devices / have the most recent version of the device
• The local store offers a better selection than the IT department
• Company perspective
• Increased productivity of employees, who perceive BYOD as a benefit
• Potential for decreasing the costs of hardware, monthly services, provision and ongoing support
• IT department perspective
• Potential for a lower burden on IT employees: they do not provide support for HW equipment (does not apply to VIP users)
Problems of BYOD
• Security
• Confidentiality, integrity and availability of corporate data
• Responsibility for personal data (deletion, central storage)
• Defining and enforcing the security level
• Fragmented applications
• Impact of an environment with heterogeneous equipment on the development of applications and requirements for support
• Support
• Certification, provision and management of devices
• Costs
• Potential loss of corporate bulk discounts due to personal purchases
• Additional cost for management of heterogeneous BYOD devices, e.g. MDM
BYOD Pitfalls and their Solutions
• BYOD involves the following pitfalls:
• Compliance with the legislation, compliance with the Labour Code, data privacy and protection
• Data privacy and protection, data ownership and restoration
• Monitoring of employees
• Intellectual property protection
• However, the most significant problem is the security level!
• A guideline for BYOD is a prerequisite
• Increases the knowledge of security and privacy protection
• Ensures the enforceability of rules through (employment) contracts
• Covers legal risks and responsibilities
How do you achieve that?
Technical Setting of BYOD
• Encryption
• Security of access to data
• Security of the process of data mining from the system
• Rules for the data deletion
• Access without prior permission and approval can be classified as ‘hacking’
• Reflection of privacy in work procedures
• Introduction of monitoring (system, compliance with the rules, etc)
• Simple connection to the corporate network, setting of the mobile office
• Security of access to the corporate network
• Enforcement of a password, its strength, etc
• Protection against viruses and other harmful codes
• Remote deletion in the event of a loss; for BYOD, deletion of corporate data only
• Monitoring of data synchronisation on the server
• Distribution, update of SW and applications
Who owns the strategy and the administration and management model of mobile equipment?
MDM - Mobile Device Management
MDM Mobile Device Management
• Mobile device management provides support for the entire lifecycle of mobile devices, mobile applications and the related data warehouses, and assists in:
• Properly securing applications, patches, security agents, etc.;
• Ensuring that the data are automatically backed up and always protected (at rest and in transit);
• Ensuring that devices are correctly configured and protected against threats; and
• Ensuring that IT may remotely fix problems, delete data and remove the device from operations
• This requires systems, defined processes and qualified resources in several areas
Source: Gartner Magic Quadrant for MDM solution, May 2012
[Figure: Gartner Magic Quadrant. Axes: Completeness of Vision, Ability to Execute. Quadrants: Challengers, Leaders, Niche Players, Visionaries]
MDM Mobile Device Management
• Comparison of the critical properties of MDM solutions and the total result
Source: Gartner Critical Capabilities for Mobile Device Management, July 2011
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK
private company limited by guarantee, and its network of member firms, each
of which is a legally separate and independent entity. Please see
www.deloitte.com/cz/about for a detailed description of the legal structure of
Deloitte Touche Tohmatsu Limited and its member firms.
© 2012 Deloitte Czech Republic