The document is an agenda for the Cyber Defense Initiative Conference 2011 being held from March 20-21, 2012 in Bangkok, Thailand. The conference theme is "Is Your Privacy at Risk? Security and Privacy Challenges in the Digital Modernity." The agenda includes discussions on mobile challenges for enterprises, what to look for in mobile device management (MDM) solutions, advanced threats over networks, and advanced network analysis tools. It also provides questions to consider when evaluating MDM solutions and discusses the need for intelligence-driven security and best-of-breed solutions to address evolving cyber threats.
1. www.cdicconference.com
Cyber Defense Initiative Conference 2011
20th – 21st March 2012, Grand Hall, BITEC, Bangna, Bangkok
“Is Your Privacy at Risk? Security and Privacy Challenges in the Digital Modernity”
Handling New-Era Threats with MDM and Deep Network Traffic Analysis
Ajarn Chaiyakorn Apiwathanokul
CISSP, CSSLP, GCFA, (IRCA:ISMS)
Chief Executive Officer, S-Generation Co., Ltd.
Committee, Thailand Information Security Association (TISA)
2. Name: Chaiyakorn Apiwathanokul
ไชยกร อภิวัฒโนกุล
Title: Chief Executive Officer
Company: S-GENERATION Company Limited
Asia Forensic Hub Company Limited
Certificates: CISSP, CSSLP, IRCA:ISMS (ISO27001), SANS:GCFA
• CSO ASEAN Award 2010 by Ministry of Information and Communications and Ministry of Public Security, Vietnam
• 2010 Asia-Pacific Information Security Leadership Achievements (ISLA) by (ISC)2, Honoree in the Senior
Information Security Professional category
• Security Sub-commission under Thailand Electronic Transaction Commission (ET Act B.E. 2544)
• Contribute to Thailand Cyber Crime Act B.E.2550
• Workgroup for CA service standard development
• Committee of national standard adoption of ISO27001/ISO27002
• Committee of Thailand Information Security Association (TISA)
• Committee of Cybersecurity workforce development, Division of Skill Development, Ministry of Labour
chaiyakorna@hotmail.com
• Advisor to Department of Special Investigation (DSI)
• Advisor to Ministry of Defense, Cyber Operation Center
4. Agenda
Mobile challenges for enterprises
What to look for in MDM solution
Advanced threats over the network
Advanced tool for advanced analysis
6. Simple Questions
Do you LOCK your mobile device?
Do you have Anti-malware installed?
How many apps are on your device?
Are they all trustworthy?
Have you ROOTED/Jail-broken your device?
7. The 'lost' cell phone project
What would you do if you found a smartphone?
Symantec researchers intentionally dropped 50 smartphones in 5 cities
Some traps and tracking apps were installed to observe the behavior of the phone finders
Contacts, bank info, HR files, saved passwords
http://digitallife.today.msnbc.msn.com/_news/2012/03/08/10595092-exclusive-the-lost-cell-phone-project-and-the-dark-things-it-says-about-us
8. This map shows where one finder moved the phone; a chart on
the right shows what apps and files were accessed.
9. Findings
43% of finders clicked on an app labeled "online banking."
53% clicked on a file named "HR salaries."
57% opened a file named "saved passwords"
60% checked on social networking tools and personal e-mail
72% tried a folder labeled "private photos"
10. Findings
89% of finders clicked on something they probably shouldn't have.
Only 50% of finders offered to return the gadgets
30% of finders in NY returned the gadgets
70% of finders in Ottawa returned the gadgets
Those who returned the phone also tampered with personal information
11. Studies show
50% of smartphone users do not password-protect their phones
"Convenience" supersedes "Security"
100% of those who lost their phones never thought they would
After losing one phone, behavior changes
12. The Common Fails!
Lost
Stolen
Left unattended
No passcode protected
Free WiFi lovers
Lots of apps (trusted/untrusted)
Location service
Just click
Full time WiFi on and with "Auto connect"
13. Common Mobile Spyware Features
Call Log: Each incoming and outgoing number is logged along with duration and time stamp.
Cell ID Locations: ID information on all cell towers that the device enters into range of is recorded.
SMS (Text Messages) Log: Every text message is logged even if the phone's logs are deleted. Includes full text.
E-Mail Log: All inbound & outbound email activity from the primary email account is recorded.
GPS Locations Log: GPS positions are uploaded every thirty minutes with a link to a map.
Calendar Events: Every calendar event is logged. Date, time, and locations are recorded.
Contacts: Every contact on the phone is logged. New contacts added are also recorded.
URL (Website) Log: All URL website addresses visited using the phone's browser are logged.
Tasks: All personal tasks that are created are logged and viewable.
Photo & Video Log: All photos & videos taken by the phone are recorded & are viewable.
Memos: Every memo input into the phone is logged and viewable.
19. Where is your business data?
76% of smartphone and tablet users access
business information on their mobile devices.
Source: globalthreatcenter.com
Where to draw the line?
Corporate Data/App
Personal Devices
24. Solution
Administrative Control
– Corporate policy
– Standard/Guideline
– Process/Procedure
Physical Control
– Tools
Logical Control
– Tools
ISACA, BMIS (Business Model for Information Security)
25. ISO27001 Compliance Requirement
A.7 Asset management
A.7.2 Information classification
A.9 Physical and environmental security
A.9.2 Equipment security
A.9.2.5 Security of equipment off-premises
A.9.2.6 Secure disposal or re-use of equipment
A.11 Access control
A.11.7 Mobile computing and teleworking
A.11.7.1 Mobile computing and communications
A.11.7.2 Teleworking
26. Tool to use for controlling mobile devices in enterprise
MDM
Mobile Device Management
34. 10 Questions to ask
1. Does your solution feature end-to-end security across
mobile devices, apps, the network, and data?
2. Beyond setting security policies, does your solution give
me the option to set dynamic, context-aware policies?
3. Beyond application security and access policies, does
your MDM solution let me grant granular access to
mobile apps on an app-by-app basis, and can I
segregate my critical business apps from non-compliant
or potentially malicious apps?
35. 10 Questions to ask
4. Can your solution monitor and profile mobile network
traffic and user behavior, and can we integrate it with
our Security Information and Event Management
(SIEM) solution?
5. If we use your MDM solution, can our IT department
support employee devices remotely?
6. Is your solution architected for security, and will my
data reside behind my firewall?
36. 10 Questions to ask
7. Can your solution scale to support multiple locations
and all of my employees? Tell me about your largest
deployment (size, hardware required to support), and
how many large production deployments do you have,
and how long have you had them?
8. Is your solution highly available at all tiers: web, app,
data, and, in the case of cloud, at the data center? Do
you back that up with a 100% uptime service level
agreement for cloud?
9. Does your solution feature flexible deployment options?
37. 10 Questions to ask
10. Does your solution feature Mobile Data Leakage
Prevention, or prevent leakage of my sensitive business
data via mobile devices?
45. Key Questions
Key challenge of network security today?
Network awareness?
Building perimeter around data?
Intelligence-driven security?
Network intelligence into business intelligence?
How to analyze encrypted/obfuscated traffic?
46. Conclusion
The war continues
The bad guys are still out there
Technology changes, strategy changes
If you cannot keep up with the speed, you will lose