Protecting Data in a Mobile World Tackling Mobile Security with a Layered Defense

David Lingenfelter | dlingenfelter@fiberlink.com | www.maas360.com

Mobility Challenges Continue to Accelerate

60% of employees use personal devices

for work

iOS dominates in the enterprise, but Android

is catching up

By 2017, Half of employers will require BYOD

By 2017, 90% of organizations will support corporate applications on personal devices

Scale Mobile To Every Part of Your Business

SALES

SALES

FINANCE

MARKETING

SALES

FINANCE

MARKETING

FACILITIES

ENGINEERING

HR

R&D

ENTERPRISE & GLOBAL LOCATIONS

EXECUTIVES

WANT THE LATEST DEVICES & APPS

? PROBLEM SOLVED IN MINUTES OR HOURS

SINGLE DEPARTMENT & LOCATION

MULTIPLE DEPARTMENTS & LOCATIONS

ENTERPRISE & GLOBAL LOCATIONS ENABLED

MULTIPLE DEPARTMENTS & LOCATIONS ENABLED

SINGLE DEPARTMENT & LOCATION ENABLED

Easily start with one team

Deploy across your organization

So Many Use Cases To Enable and Secure

Many different use cases within a single company

Corporate Owned BYOD

Shared Devices Cart Devices

Kiosk Devices Data Leakage

Apps Blacklisting

URL filtering SharePoint/EFSS

Intranet Access

4

These Don’t Help…

5

Mobile Security Trend – Layered Security

6

Layered Security Approaches

7

Don’t forget to “Secure the Network”

Secure The Device

Dynamic security and compliance features continuously monitor devices and take action.

– Specify passcode policies – Enforce encryption settings – Detect and restrict jailbroken and

rooted devices – Remotely locate, lock and wipe

lost or stolen devices – Selectively wipe corporate data

leaving personal data intact

8

Location-based policies

Device Enrollment, Acceptable Use

OTA Configuration

Secure The Container - Mail An office productivity app with email, calendar and contacts

9

– Contains emails and attachments to

prevent data leakage – FIPS 140-2 compliant, AES-256 bit

encryption for data at rest – Restrict forwarding, moving, cut/paste

and screen captures – Conduct on-line and off-line

compliance checks prior accessing email

Secure The Container - Content A secure content container Providing ways to push and pull content with security controls and collaboration tools – Enforce user authentication – Allow users to edit and share attachments – Add, sync, and remove documents – Protect sensitive documents with DLP

controls – Integrates with SharePoint and other file

stores 10

Secure The App Operational and security management to protect against data leaks

11

– Enable user authentication – Prevent access from compromised

devices – Alert administrators of violations – Take automated actions – Restrict cut/copy/paste – Enforce file protection – Limit data backup to iTunes

Enhancing private and public app manageability and security through MaaS360 supplied (SDK or wrapping) code libraries and policies

Secure The Browser A fully-functional web browser to enable secure access to corporate intranet sites and enforce compliance of policies

12

– Allow access to corporate intranet sites and network without VPN (e.g. JIRA)

– Define URL filters and security policies based on categories

– Block known malicious websites – Enforce whitelist exceptions to some sites – Restrict cookies, downloads, copy, paste,

and print features to prevent data leaks – Disable native and 3rd party web

browsers

Remember – A Single Approach Will NOT Work…

13

IBM MaaS360 Delivers an Integrated Approach

14

Secure Content Collaboration

Secure Mobile Containers

Comprehensive Mobile Management

Seamless Enterprise Access

One Platform for All Your Mobile Assets

Embrace The New Normal

15

Mobile is becoming THE IT platform

Go beyond enabling these new devices Mobile utilization of corporate network/resources Separation of corporate & personal apps/data App management & security (and app dev assist) Identity, context and more sophisticated policy

OTA Configuration Security Policies Compliance Engine

IBM MaaS360 Platform Overview

Cloud Extender™ Identity Access Controls Discovery

App Tunnel Proxy Security

Intranet

Apps

SharePoint

Data

Exchange

AD/LDAP

Lotus

BES

Certs

Mobile Enterprise Gateway™

Secure Productivity Suite

Docs

Mail

Web

Apps

Workplace™

Ente

rpris

e

Inte

rnet

EMM Platform

APIs

Doc Sharing & Editing

Mail, Calendar, Contacts

Web & Intranet

App SDK/ Wrapping

APIs

Diverse Enterprise Customer Base Others Manufacturing Consumer Financial Healthcare Public

17

Why Customers Choose MaaS360

Easiest to Deploy and Scale Mobile Device, App, and Content Management & Security platform For organizations that are…

• Embracing multi-OS environments (iOS, Android, Windows Phone) • Allowing Bring-Your-Own-Device (BYOD) programs • Developing and deploying mobile apps (public and private) • Enabling corporate content on mobile devices securely (push and pull) • AND MORE….

18

What’s to Come?

We shall be able to communicate with one another instantly,

irrespective of distance. Not only this, but through television and telephony we shall see and hear one another as perfectly as though we were face to face, despite intervening distances of thousands of miles; and the instruments through which we shall be able to do this will be amazingly simple compared with our present telephone. A

man will be able to carry one in his vest pocket.

- Nikola Tesla

19

“

”

Thank You!

David Lingenfelter Email: dlingenfelter@fiberlink.com

Twitter: @simply_security

20