Marble’s mobile security management platform prevents sophisticated attacks on enterprise networks. By combining primary research from its labs with a real-time, big data engine, Marble learns and adapts to emerging threats before widespread attacks can be launched.
2. About Marble
“Most Important
Security Startups Of 2013”
• Mobile security risk management as a service
• Android, iOS, Windows & Mac
• Spun-off from IronKey in 2012
• 70+ enterprise customers
2
3. BYOD Presents Real Security Challenges
66%
63%
OF IT SAY BYOD POSES
‘MASSIVE’ RISK*
SAY THEIR MOBILE SECURITY
WON’T PASS AN AUDIT**
*Dell/Vanson Bourne global survey of 1,485 IT leaders
**Gartner, CIO Attitudes Toward Consummerization of Mobile Devices and Applications,” Gartner, May 2011
3
4. The Mobile Perimeter Is Under Attack
• Data loss
• Malware, trojans, zero-day attacks
• Compromised Wi-Fi hotspots
• Poisoned DNS
• Malicious, privacy-leaking apps
• Spear phishing
• Advanced persistent threats
4
5. Mobile Malware, Trojans, Zero-Day Attacks
700%
*McAfee Threats Report: Second Quarter 2012
INCREASE IN MOBILE
MALWARE 2011 TO 2012*
5
6. Network Attacks
• Wi-Fi hotspots are easily
hijacked at hotels, cafés, airports
• Criminals follow employees’
sessions into the enterprise
6
7. Advanced Persistent Threats
• APTs typically involve
compromises of users’
devices or credentials
• 45% of enterprises see
increase in spear phishing
attacks targeting employees
• Criminals know mobile
is a vector
• Uncontrolled environment
with new risks
7
8. The Solution: Mobile Perimeter Defense
• Defends against
ever-changing cyberthreats
• Detects and defends against
APTs on mobile devices
• Dynamically assesses risk
of users, devices, networks
• Controls access to cloud
and enterprise services
• Easily-managed,
simple to use
• Compatible with MDM
8
9. Marble Security Platform
MOBILE SECURITY MANAGEMENT (MSM)
Dynamic risk score & remediation
Secure messaging
App-scanning & reputation
Jailbreak jammer detection
Secure DNS &anti-phishing
Secure browser
Secure per-app VPN
Anti-Malware
Site black listing & white listing
Geo fencing & location policies
MOBILE APP MANAGEMENT (MAM)
App black list & white list
App push & removal
App catalog
MOBILE DEVICE MANAGEMENT (MDM)
Jailbroken & rooted detection
Corp email set-up & sync
Wi-Fi, camera, Bluetooth control
Encryption
Remote lock, wipe, selective wipe
Password set, strength, attempts
9
10. Marble Security Architecture
MARBLE ACCESS CLIENT
• Scans for and removes malware, malicious apps
• Profiles systems, detects rooted and jail broken devices
• Connects securely via VPN to the Marble Network
• Implements Marble Control Policy
• Secure Browsing
• Secure Messaging
Marble
VPN
DNS Blacklist
Providers
SSL/IPSEC VPN Tunnel
Secure
Browser
HTTP/
HTTPS
Secure
Messaging
App
Security
Marble
VPN
Node
DNS
Black
List
HTTP/
HTTPS
Public/Private
Network
MARBLE NETWORK
Marble Control
Policy
MARBLE CONTROL
• Secured, encrypted connections
• Thwarts attacks on Wi-Fi, cellular or wired networks
• Secure DNS service with real-time blacklists
• Protects against accessing phishing and malware sites
• Protects the privacy of communications and credentials
• Dynamic risk analysis of user, device, apps and network
• Correlates real-time, security feeds
• Managed security deployment over the Internet
• Sets and manages security policies with built-in MDM features
• Rich reporting and analytics for users, devices, apps and data downloads
10
11. Marble Access Client Architecture
App
Scanning
Device Risk
Assessment
Network Access
Control
Secure Containerization Layer
Authentication
and device
fingerprinting
Data Encryption
and Certificate
Management
Key Management
and Remote Wipe
Policy Enforcement
and Device
Management
11
12. MPD: Risk and Policy Architecture
Cloud Infrastructure Activity & Logs
Enterprise SIEM
Device Risk
Posture
Network
Risks
Behavioral
Risks
App
Risks
OS, Firmware
Geo-Location
Login/Idleness
Malware
Secure Storage
Network Segment
URL Access Behavior
User Data
Blacklists
Malware
Wi-Fi,
Blue Tooth, NFC
Mobile App Usage/
Install
Application
Vulnerabilities
VPN
Privacy Leaks
Blacklisted Apps
Compromised DNS
Risk Control Assessment
Remediation
Risk Scoring
Detection Engines
Risk Correlation Engine
12
15. Mobile Perimeter Defense Components
Marble Access Client App
• Download from Apple App Store or Google Play
• Or, push through your MDM
• Free lightweight Mobile Device Management, or use your own
Marble Network
• Risk-based access control
• Easy integration with public and private clouds
Marble Control
• Cloud service for managing mobile security
• No on-premise installation required
15