Jack Wilson Coretek Services [email protected]
The Benefits and Dangers of Modern Mobility, (subtitle : Far beyond the corporate Blackberry)
Enterprise Mobility Management Defined
• Enterprise mobility management (EMM) is the set of people, processes and technology
focused on managing mobile device, applications and data.
Why Enterprise Mobility Management?
Device and platform diversity
Multiple Use Cases/Multiple Needs
Enterprise-ready app availability
Data security concerns
End user privacy concerns
Generational changes
Workforce
Mobility
Flex-Work
BYOD
App Stores
Mobile
WorkstylesSecurity &
Compliance
Business
Continuity
Next Gen
Workplace
s
Customer State
• No Mobility Program
• ActiveSync out of Control
• DropBox Problem – Turn blind eye to file sync and share
• Shelf Ware
• What do I have?
• Mixed Bag
• Entrench Competitor
Mobility challenges
“73% of C-suite executives and
IT pros say that BYOD presents
the greatest security risk to
their enterprise.” Kensington 2014
“While employees want access to mobile
versions of corporate apps, 68% CIOs
say cost, complexity impede true
mobile gains in Enterprise.” CIO.com 2014
“Highest value [mobile] implementations are
among those that radically alter or supplant
existing processes, eliminate superfluous
business processes [and] dramatically
extend or invent new ‘information infused’
products or services.” Gartner 2014
Ensuring security
and compliance
Delivering to mobile users
“at-the-office experience”
Mobilizing legacy apps and
new business processes
Mobile Challenges
• Lost or stolen mobile devices
• Public wireless networks
• Confidential data stored in
public cloud e.g. DropBox
Security Risks Security Challenges
• Protecting company data on
BYO devices without intruding
upon employees’ privacy
• Enforcing consistent security
on different platforms
• Preventing users from adopting
less secure productivity apps
Challenges delivering at-the-office experience
• Consumer productivity apps aren’t as
feature rich as desktop equivalent
• Securing apps can create poor user
experience
Challenges delivering all apps users needs and mobilizing business processes
• Limited mobile expertise
• Multiple platforms
• Few security standards
• Frequent O.S. changes
• Limited budget
16%
22%
35%
42%
Rogue App Rogue Service Rogue Purchase Personal Equipment
Employees just want to be productive
“Which of the following activities, if any, have you done
in the past year in your job?”
Shadow ITBYOD
Forrester Research, Inc’s Business Technographics Workforce Employee Survey, Q4 2012
Mobile security breaches are – and will continue to be – the result
of misconfiguration and misuse (by the user) on an app level,
rather than the outcome of deeply technical attacks on mobile
devices
Dionisio Zumerle
Gartner, Principal Research Analyst, 2014
75% by 2017
App Security should be managed by IT
Source: Gartner Press Release, May 29, 2014: http://www.gartner.com/newsroom/id/2753017
5 of the Biggest Data Breach Settlements and HIPAA Fines
1. NewYork-Presbyterian Hospital and Columbia University (New York City)
•May 2014
•Deactivation of a network server resulted in the protected health information of more than 6,800 individuals being accessible online.
•$4.8 million HIPAA fine
2. Cignet Health (Temple Hills, Md.)
•February 2011
•Cignet violated patients' rights by denying them access to their medical records following requests to obtain them.
•$4.3 million HIPAA fine
3. Stanford Hospital & Clinics (California)
•March 2014
•Data from 20,000 patient records was found posted online.
•$4 million settlement
•4. AvMed (Gainesville, Fla.)
•March 2014
•More than 1 million patient records, including Social Security numbers, were compromised following the theft of two unencrypted laptops.
•$3 million settlement
5. CVS Pharmacy (Woonsocket, R.I.)
•January 2009
•CVS retail pharmacy chains disposed of protected health information in dumpsters.
•$2.25 million HIPAA fine
Enterprise Mobility Management Technology Components
Mobile device Management (MDM)
Mobile App Management (MAM)
Productivity Apps
Ne
two
rk S
ec
uri
ty G
ate
wa
y
Mobile Data/Content Management (MCM)
Deliverables
• The Big Three In Mobility
• Microsoft Intune / EMS• OneDrive / Azure
• Hyper V / Azure Remote App
• Citrix – XenMobile• ShareFile
• XenApp / Xen Desktop
• AirWatch by VMWare
• AirWatch Cloud
• VMWare Horizon View
Deliverables• Services
• Trusted Mobility Advisor
• Analyze Workflows and Use Cases
• Policy and Program Creation
• Implementation Services
• Installation
• Deployment
• Administrator Workshop
• POC Management
• Project Management
• End User Survey
• Training
• Administrator Training
• End User Training Materials
• Permanent Solution Advisor
Device Considerations
• Assess of what types of devices are
connecting
• Exclude devices that lack features you
require for compliance
• Platform / OS
• Ownership - BYOD vs. Business
• Commission / Decommission
User Considerations
• User type and role Employee, Contractor, Manager, Administrator
• Authentication / Access control Internal single auth, External dual auth
• Workplace mobility Home, office, multi site
• Ease of management Workflow, Automated account creation
Data and App Considerations
• App compliance
• Performance and reliability
• Which app on which device?
• Support (In-house apps vs. 3rd party apps)
• Encryption (Data in motion and Data at
rest)
• Data loss prevention
• Reporting and audit trails
General Considerations
22
• Passcode Enforcement
• Jailbreak Detection
• PKI Enforcement
• Pushing Applications
• WiFi and VPN Access control
• Selective or Full wipe
• Geo Location tracking
Project Success
NO ExceptionsJack Wilson
Senior Client Consultant
248.766.4869
Thank you / Questions
23