PAGE 1 |

The enemy in your pocket

Securing smartphones in the enterprise

Vicente Diaz, Senior Security Analyst, GReAT

Gartner Symposium/ITxpo 2012, Barcelona

PAGE 2 |

BYOD will come regardless you have a policy or not

Human behavior has shifted, BYOD is a response to that

My CEO heard we can save money through BYOD

PAGE 3 |

1. The problem

1 2PAGE 4 |

BYOD reanalyzed

Where?

What devices?

1 2PAGE 5 |

What´s the problem?Problem 1: Infection

1 2PAGE 6 |

Can this happen?

1 2PAGE 7 |

What are we really afraid of?

1 2PAGE 8 |

Bad PR is worse than bad IT

1 2PAGE 9 |

What´s new then?

1 2PAGE 10 |

Are they vulnerable?

Highlights from 2012:

NFC Vulnerability by Charlie Miller

iPhone 4S and Samsung Galaxy S3 owned

1 2PAGE 11 |

Do you like chocolates?

1 2PAGE 12 |

Who else wants to spy on you?

1 2PAGE 13 |

FinSpy

1 2PAGE 14 |

ProtectionSure, I have swipe gesture password

1 2PAGE 15 |

1 2PAGE 16 |

BYOD ≠ Data Leak

1 2PAGE 17 |

2. Perspective

1 2PAGE 18 |

Perspective

1 2PAGE 19 |

Perspective

1 2PAGE 20 |

Perspective

1 2PAGE 21 |

Abusing Consumerization - Mobile devicesAre they dangerous?

It depends on what you do with it!

FacebookTwitterGmail

Corporate e-mailReading corporate documentsWriting confidential e-mails?

1 2PAGE 22 |

Where is the data?

1 2PAGE 23 |

Demo

1 2PAGE 24 |

Using the cloud

1 2PAGE 25 |

Some tools

1 2PAGE 26 |

3. What now?

1 2PAGE 27 |

Kim Stevenson

1 2PAGE 28 |

Reality for most companies is different

1 2PAGE 29 |

Reality for most companies is different

1 2PAGE 30 |

Conclusions

BYOD: Myth vs Reality

Policies are necessary, but they are not enough

Is the problem in the device or in educating users?

Who is responsible for the security of the device?

We all love chocolates!

PAGE 31 |

Thank You

Vicente Diaz, Senior Security Researcher, Global Research and Analysis Team

@trompi

vicente.diaz@kaspersky.com

Questions?