SlideShare una empresa de Scribd logo

Securing mobile devices in the business environment

IBM Software India
IBM Software India
Tecnología
1 de 12
Descargar para leer sin conexión
IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services
2 Securing mobile devices in the business environment As the world becomes more interconnected, integrated and intelligent, mobile devices are playing an ever-increasing role in changing the way people live, work and communicate. But it is not just happening in personal life: Smartphones and tablets are also being rapidly adopted by enterprises as new work tools, joining existing laptops and desktops. The use of mobile devices for business has experienced an explosive growth in the past few years and will only accelerate in the near future. And while the BlackBerry® has been the de facto mobile device for business for many years, the availability of other smartphones and tablets with broader consumer appeal, such as iPhone® and Android™ devices, is fundamentally changing the game. Employees are now bringing their own mobile devices to the workplace and asking companies to support them. These new devices offer improved hardware performance, a more robust platform feature set and increased communication bandwidth, expanding their capabilities beyond voice and email. As a result, however, this increased access to enterprise systems can also bring an increased security risk to the organization. This paper explores how companies can more safely introduce employee- or corporate-owned mobile devices into the work- place, identify the risks inherent in their broader access to corpo- rate data, and derive enhanced business value. Mobility brings both advantages and risks to the enterprise As employees bring mobile devices into the workplace, many organizations are motivated to encourage their use for business purposes, because they tend to drive: ● Increased employee productivity—Mobile devices can give employees access to corporate resources and enable continu- ous collaboration with colleagues or business partners. ● Improved client services—Sales or support employees who regularly interface with customers may respond more effi- ciently, directly increasing customer satisfaction. ● Reduced IT cost—By allowing employees to use, and often pay for, their own mobile devices and wireless services, compa- nies potentially save IT spending on device purchases as well as management and communication services. There are some cautions, however. Companies need to fully rec- ognize that when employees connect mobile devices to the enterprise and merge both business and personal data, those mobile devices must be treated just like any other IT equipment, with appropriate security controls. If security is not addressed at the outset, these mobile devices may become a point of security weakness that threatens to disclose business information or become a new channel to introduce security threats to the com- pany’s IT infrastructure and business resources. Many IT depart- ments are finding significant challenges in securing mobile devices, for a variety of reasons: ● A range of mobile device platforms, such as BlackBerry, Symbian®, IOS®, Android and Windows Mobile, needs to be supported, and each platform brings with it a unique security model. Other than the BlackBerry platform, most started as consumer platforms and lack enterprise-strength security controls. ● Business and personal data now coexist on the same device. Finding a balance between strict security control and privacy of personal data, particularly when the device is no longer a corporate-issued asset, can be challenging. ● Unauthorized or non-business oriented applications have the potential to spread malware that affects the integrity of the device and the business data residing upon it. ● Mobile devices are prone to loss and theft, due to their small- size and high-portability. Whenever a device is lost, corporate data is at risk both on the mobile device and within the corpo- rate network.
3IBM Global Technology Services ● Many mobile devices are always on and connected, so vulnera- bility to malicious attacks increases through different commu- nication channels. ● Mobile technology is advancing quickly and becoming increas- ingly complex. Many companies do not have enough resources or skills in house to fully embrace mobile technology in the workplace. Security threats to mobile devices The security of mobile devices has become a top concern for many IT executives. Hackers are discovering the benefits of compromising both business and personal data contained within mobile devices. Because many mobile platforms are not natively designed to provide comprehensive security, hackers have a strong incentive to develop new techniques or create mobile- centric malware specifically for these devices. In a recent IBM X-Force® security research report, mobile operating sys- tem vulnerabilities have increased significantly (see Figure 1) and exploits of vulnerabilities are also on the rise (see Figure 2).1 Figure 1: Total mobile operating system vulnerabilities. 200 180 160 140 120 100 2006 2007 2008 2009 2010 2011 80 60 40 20 0 Total mobile operating system vulnerabilitiees 2006-2011 (Projected) Mobile OS vulnerabilites 40 35 30 25 2006 2007 2008 2009 2010 2011 20 15 10 5 0 Mobile operating system exploits 2006-2011 (Projected) Mobile OS exploits Figure 2: Mobile operating system exploits. The latest smartphones are designed to provide broad Internet and network connectivity through varying channels, such as 3G or 4G, Wi-Fi, Bluetooth or a wired connection to a PC. Security threats may occur in different places along these varying paths where data can be transmitted (see Figure 3). When a device downloads a new mobile application from any online application store, the software may contain malware that can steal or dam- age data on the device and, in some cases, even disable the mobile device itself. Most mobile devices now have Internet connections, so common web-based threats that have attacked laptops or desktops may also apply to mobile devices. A device connected through Wi-Fi or Bluetooth is at greater risk because the Wi-Fi source or the other Bluetooth-enabled device may have been compromised and can play a role in a “man-in-the-middle” attack (when a hacker configures a laptop, server or mobile device to listen in on or modify legitimate communications) or other attack type.
4 Securing mobile devices in the business environment Figure 3: Flow of data transmission. Because of the variety of communication mechanisms available and increasing use of business applications on mobile devices, the security threats to mobile devices have evolved to all the threats applicable to desktops or laptops, plus new threats that are truly unique to mobile devices. Therefore, mobile devices need to be protected with an even broader set of security tech- niques than those employed for traditional desktop or laptop operating environments. No matter what the threats are, the targets that hackers try to access and exploit typically consist of one or several of the following: ● Credentials to access business or personal accounts ● Confidential business or personal information ● Phone or data communication services ● The mobile device itself Mobile device Telco service provider Wi-Fi device Internet Mobile device Corporate VPN Gateway App store Web site Corporate intranet (Bluetooth enabled) Mobile device A threat can occur
5IBM Global Technology Services The most frequently seen mobile device security threats are: ● Loss and theft ● Malware ● Spam ● Phishing ● Bluetooth and Wi-Fi Loss and theft Small size and high portability make loss and theft top security concerns when a mobile device is used in the workplace. According to a mobile threat study by Juniper Networks, 1 in 20 mobile devices was stolen or lost in 2010.2 When devices are lost or stolen, all of the data stored on or accessible from the mobile device may be compromised if access to the device or the data is not effectively controlled. While not foolproof, some techniques can help reduce the risk of data compromise, such as using a complex password to access the device or critical data, remotely locating the device on a map using global positioning services (GPS), remotely locking the device to render it useless, or remotely wiping data on the device. Some mobile platforms natively provide these tech- niques, and in the event they do not, basic platform capabilities can often be augmented by functionality available in third party mobile device management or mobile security solutions. Malware Mobile device malware—viruses, worms, Trojans, spyware—has been on the rise over the past few years because most mobile platforms do not yet have native mechanisms to detect malware. Virtually no mobile platform available today is immune to malware. Although more established mobile platforms such as Symbian and Windows Mobile have been a proving ground for malware developers in the past few years, the Google Android platform is leading in new malware development, primarily due to its popularity and open software distribution model. The mobile threat research report from Juniper Networks also states that malware on Android grew 400 percent from June 2010 to January 2011.3 Malware can cause a loss of personal or confidential data, additional service charges (for example, some malware can send premium Short Message Service (SMS) text messages or make phone calls in the background) and, even worse, make the device unusable. Although quickly removed, numerous malicious appli- cations recently found their way onto the Android marketplace. Some of these were legitimate applications that had been repack- aged with a Trojan designed to gain root access or additional privileges to users’ devices. Unsuspecting users may have had malicious code or additional malware installed in that single download from the applications store. Malware can then spread quickly through a wired or wireless connection to another device or a company’s intranet. Companies can significantly reduce the malware risk by adopting a similar approach to be used for both mobile devices as well as the desktop and laptop environment. In addition to advising employees to only download and install trusted applications and take appropriate actions when suspicious applications are identi- fied, a company should run antimalware software on each employee’s device to detect malware in real-time and scan the entire device periodically.
6 Securing mobile devices in the business environment Spam With the growth of text messaging, spam—unsolicited commu- nication sent to a mobile device from a known or unknown phone number—is also on the rise. Spam is not only a big con- cern for mobile service providers because it wastes a significant amount of bandwidth, but it is also a growing security issue for mobile device users. According to the recent Global System for Mobile Communications Association (GSMA) pilot of the GSMA Spam Reporting Service (SRS), the majority of spam attacks are for financial gain, with 70 percent of reports of spam being for fraudulent financial services rather than the traditional advertising scenarios found in email spam.4 We feel that the most effective method to thwart spam is to define a blacklist to block spam messages either by using the functions of an antispam solution or by turning on the antispam feature on the device if it is available. Phishing “Phishing” is an email or an SMS text message (dubbed, “SMiShing”) sent to trick a user into accessing a fake website, sending a text message or making a phone call to reveal personal information (such as a Social Security number in the United States) or credentials that would allow the hacker access to finan- cial or business accounts. Phishing through mobile browsers is more likely to succeed because the small screen size of mobile devices does not allow for some protection features used on the PC, like web address bars or green warning lights. The most effective antiphishing approach helps a user recognize a fraudulent website when it is presented. Some financial institu- tions have deployed “site authentication” to confirm to users that they are communicating with a genuine website before they enter account credentials from either a web browser or a mobile application. Two-factor authentication is also useful to thwart phishing: First, a user enters a static password, then a second authentication factor, such as a one-time password or a device fingerprint, is dynamically generated to further authenti- cate the user. So even if a user’s static password is stolen by a hacker using a phishing technique, the hacker cannot login to the genuine site without the user’s second authentication factor. Bluetooth and Wi-Fi Bluetooth and Wi-Fi effectively increase the connectivity of mobile devices within a certain range, but they can be easily exploited to infect a mobile device with malware or compromise transmitted data. A mobile device may be lured to accept a Bluetooth connection request from a malicious device. In a “man-in-the-middle” attack, when mobile devices connect, the hacker can intercept and compromise all data sent to or from the connected devices. Setting the device’s Bluetooth to an undiscoverable mode and turning off the device’s automatic Wi-Fi connection capability, especially in public areas, can help reduce risks. To completely block incoming connection requests from unknown devices, a local firewall should be installed and run on the mobile device— another traditional security practice that can be extended to the mobile environment. Establishing a mobile security strategy Creating a stringent strategy that defines guidelines and policies helps lay the foundation for a more security-rich mobile envi- ronment. This strategy should focus on several key areas: Data and resources accessible from mobile devices, platform support, management methodology and best practices.
7IBM Global Technology Services Initially, your organization should identify which business data it will allow to be stored and processed on which mobile devices. This helps determine what needs to be protected and to what degree. Many enterprises only permit employee email, contact and calendar information. Others allow access, through a browser or native mobile application, to other business-critical applications such as enterprise resource systems (ERP) or cus- tomer relationship management (CRM). Different degrees of access from mobile devices require varying levels of security con- trols. However, it should be noted when business data flows from a more strictly controlled location (for example, a database or a file server) to a less protected device, the risk of losing the data becomes greater. You may also need to determine which mobile device platforms will be allowed in the business environment and, thus, need to be supported in the mobile security strategy and plan. Different mobile platforms have different native security mechanisms that need to be outlined and understood, although applying a set of security controls to all supported platforms in a consistent man- ner is desirable. Another important decision is the responsibility for mobile secu- rity management work, whether using the current IT security team to handle mobile devices, or outsourcing to a managed security service provider. Multiple security technologies may need to be employed to provide comprehensive security controls for mobile devices. As such, depending on how these security solutions are delivered (on-premise or from the cloud), a company may choose to use a hybrid model for device security management. No matter what the mobile environment, a number of mobile security policies and best-practice procedures need to be put in place and should also be identified in the company’s mobile secu- rity strategic plan. Fortunately, many best practices that have been exercised for desktops and laptops can be duplicated for mobile devices, such as: ● Specification of roles and responsibilities in managing and securing the devices ● Registration and inventory of mobile devices ● Efficient installation and configuration of security applications on devices ● Automatic update of security patches, polices and settings ● Reporting of security policy enforcement status ● Employee education on securing mobile devices Applying security controls based on a framework Taking a broad look across the IT and business environment, IBM has developed a well-defined framework that specifies security domains and levels for applying various security technologies.
8 Securing mobile devices in the business environment When applied to mobile devices, the framework suggests the following security controls, with actual requirements varying by deployment: ● Identity and access ● Data protection ● Application security ● Fundamental integrity control ● Governance and compliance Identity and access ● Enforce strong passwords to access the device ● Use site authentication or two-factor user authentication to help increase the trustworthiness between a user and a website ● If virtual private network (VPN) access to corporate intranet is allowed, include capability to control what IP addresses can be accessed and when re-authentication is required for accessing critical resources Data protection ● Encrypt business data stored on the device and during transmission ● Include capability to wipe data locally and remotely ● Set timeout to lock the device when it is not used ● Periodically back up data on the device so data restore is possi- ble after the lost device has been recovered ● Include capability to locate or lockout the device remotely Figure 4: IBM Security Framework. IBM Security Framework Common Policy, Event Handling and Reporting PEOPLE AND IDENTITY DATA AND INFORMATION APPLICATION AND PROCESS NETWORK, SERVER AND END POINT PHYSICAL INFRASTRUCTURE SECURITY GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE Professional services Managed services Hardware and software
9IBM Global Technology Services Application security ● Download business applications from controlled locations ● Run certified business applications only ● Monitor installed applications and remove those identified to be untrustworthy or malicious Fundamental integrity control ● Run antimalware software to detect malware on storage and in memory ● Run a personal firewall to filter inbound and outbound traffic ● Integrate with the company’s VPN gateway so a device’s secu- rity posture becomes a dependency for intranet access Governance and compliance ● Incorporate mobile security into the company’s overall risk management program ● Maintain logs of interactions between mobile devices and the company’s VPN gateway and data transmission to and from servers within the intranet ● Include mobile devices in the company’s periodic security audit Choosing the right solution When choosing a mobile security solution, several factors need to be taken into consideration: ● Solution architecture—The solution should be built on a sound client-server architecture in which the server centrally controls and manages security policies and settings for various security features. The client should be installed on the mobile device and regularly communicate with the server to enforce policies, execute commands and report status. ● Platform support—The solution should support a variety of mobile device platforms with a consistent, easy-to-manage administration console that is platform-agonistic to help reduce security policies across different devices. ● Feature expandability—Mobile device technology advances very rapidly and new mobile threats are evolving all the time. The solution must be flexible enough to accommodate future technology changes and incorporate more advanced capabili- ties to counter new threats. ● Usability—Features that are easy to use and require little user intervention can help drive acceptance by end users and increase the effectiveness of security control. ● Reporting and analysis—The solution needs to contain reporting and analysis capabilities, with information that helps the company to support policy and regulation compliance, rec- ognize the mobile threat landscape and evaluate the solution’s effectiveness in countering threats. ● Deployment and management—No matter how capable a security solution is, its value is greatly diminished if it cannot be efficiently deployed or easily managed. The company needs to carefully assess the overall efforts required for initial roll- out and ongoing management of a solution. Another important decision in the solution choice is who will be responsible for the overall mobile security implementation effort and subsequent ongoing management. Although it is possible to have the current IT team responsible for desktop and laptop management and security also handle mobile devices, resource or skills constraints could prove challenging, particularly in a global, heterogeneous environment.
10 Securing mobile devices in the business environment Outsourcing is another option. Leveraging the industry- wide mobile security expertise of a managed service provider can not only free up in-house IT resources, but also inject policies and procedures that can, down the road, build up internal skills without putting the enterprise at risk. In addition, an outside provider may have the ability to provide a range of delivery options, from on-premise to in the cloud, or even a hybrid solution that may better fit the enterprise’s changing needs. IBM hosted mobile device security solution provides security from the cloud To help organizations embrace both company- and employee- owned mobile devices in a security-rich environment, IBM Security Services offers a robust mobile device security management solution. The solution, built on a client-server architecture, helps efficiently deliver mobile security services from the IBM Cloud to mobile devices on a variety of platforms. These services can help companies address the major mobile security issues discussed in this paper with a single solution. By both leveraging existing mobile devices owned by branches and employees in different groups or geographies, and avoiding the purchase of additional hardware or software, companies can reduce capital and operational costs. IBM Security Services provides a wide set of managed services, including: ● Requirement assessment and policy design ● Training and providing knowledge assets ● Guidance for production roll-out ● Monitoring, alerting and reporting ● Policy maintenance and calibration ● Threat intelligence sharing The solution combines industry-leading mobile security technologies with IBM’s deeper security knowledge and highly skilled technical professionals around the world to help reduce risks and better manage regulatory compliance. With IBM Security Services, companies can benefit from improved operational, financial and strategic efficiencies across the enter- prise, and, most importantly, can enhance their overall security postures to increase their business competitiveness. For more information To learn more about IBM Managed Security Services (Cloud Computing)—hosted mobile device security management, con- tact your IBM marketing representative, IBM Business Partner, or visit the following website: ibm.com/services
Notes
Please Recycle © Copyright IBM Corporation 2011 IBM Global Services Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America October 2011 All Rights Reserved IBM, the IBM logo, and ibm.com are trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. Other company, product or service names may be trademarks or service marks of others. 1 IBM X-Force 2011 Mid-year Trend and Risk Report, September 2011 2 Juniper Networks Malicious Mobile Threats Report 2010/2011, May 2011 3 Juniper Networks Malicious Mobile Threats Report 2010/2011, May 2011 4 GSMA Outlines Findings from Spam Reporting Service Pilot press release, February 10, 2011 SEW03027-USEN-00

Recomendados

Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveIcomm Technologies
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET Journal
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
State ofmobilesecurity
State ofmobilesecurityState ofmobilesecurity
State ofmobilesecurityGary Sandoval
 
188
188188
188vivatechijri
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsVince Verbeke
 

Recomendados

Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveIcomm Technologies
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET Journal
 
Report on Mobile security
Report on Mobile securityReport on Mobile security
Report on Mobile securityKavita Rastogi
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
State ofmobilesecurity
State ofmobilesecurityState ofmobilesecurity
State ofmobilesecurityGary Sandoval
 
188
188188
188vivatechijri
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsVince Verbeke
 
Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesNeil Kemp
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 
BlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaEMC
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android applicationIAEME Publication
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enoughEMC
 
Class activity 4
Class activity 4 Class activity 4
Class activity 4 Jeewanthi Fernando
 
how_to_balance_security_and_productivity_with_famoc_and_samsung_knox
how_to_balance_security_and_productivity_with_famoc_and_samsung_knoxhow_to_balance_security_and_productivity_with_famoc_and_samsung_knox
how_to_balance_security_and_productivity_with_famoc_and_samsung_knoxMarta Kusinska
 
Byod in the middle east
Byod in the middle eastByod in the middle east
Byod in the middle eastteam-abr
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Security
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...Maurice Dawson
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014EMC
 
Internet of Things - Desire for Convenience Brings Multiple New Attack Vectors
Internet of Things - Desire for Convenience Brings Multiple New Attack VectorsInternet of Things - Desire for Convenience Brings Multiple New Attack Vectors
Internet of Things - Desire for Convenience Brings Multiple New Attack VectorsCraig Walker, CISSP
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012Icomm Technologies
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESIJNSA Journal
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Safeguarding the Internet of Things
Safeguarding the Internet of ThingsSafeguarding the Internet of Things
Safeguarding the Internet of ThingsCognizant
 
Securing Mobile Devices
Securing Mobile DevicesSecuring Mobile Devices
Securing Mobile DevicesKamaljeet Singh Matharu (Kam)
 
Securing Mobile Devices in the Workplace - Six Tips For Midsize Businesses
Securing Mobile Devices in the Workplace - Six Tips For Midsize BusinessesSecuring Mobile Devices in the Workplace - Six Tips For Midsize Businesses
Securing Mobile Devices in the Workplace - Six Tips For Midsize BusinessesMidmarketIBM
 

Más contenido relacionado

La actualidad más candente

Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesNeil Kemp
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 
BlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaEMC
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android applicationIAEME Publication
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enoughEMC
 
how_to_balance_security_and_productivity_with_famoc_and_samsung_knox
how_to_balance_security_and_productivity_with_famoc_and_samsung_knoxhow_to_balance_security_and_productivity_with_famoc_and_samsung_knox
how_to_balance_security_and_productivity_with_famoc_and_samsung_knoxMarta Kusinska
 
Byod in the middle east
Byod in the middle eastByod in the middle east
Byod in the middle eastteam-abr
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Security
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...Maurice Dawson
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014EMC
 
Internet of Things - Desire for Convenience Brings Multiple New Attack Vectors
Internet of Things - Desire for Convenience Brings Multiple New Attack VectorsInternet of Things - Desire for Convenience Brings Multiple New Attack Vectors
Internet of Things - Desire for Convenience Brings Multiple New Attack VectorsCraig Walker, CISSP
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESIJNSA Journal
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Safeguarding the Internet of Things
Safeguarding the Internet of ThingsSafeguarding the Internet of Things
Safeguarding the Internet of ThingsCognizant
 

La actualidad más candente (20)

Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your Employees
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
 
BlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry Enterprise of Things presentation - Gartner IT Expo
BlackBerry Enterprise of Things presentation - Gartner IT Expo
 
Analyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - ChinaAnalyst Report: The Digital Universe in 2020 - China
Analyst Report: The Digital Universe in 2020 - China
 
Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of Mobility
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android application
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's Enterprise
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Why Passwords are not strong enough
Why Passwords are not strong enoughWhy Passwords are not strong enough
Why Passwords are not strong enough
 
Class activity 4
Class activity 4 Class activity 4
Class activity 4
 
how_to_balance_security_and_productivity_with_famoc_and_samsung_knox
how_to_balance_security_and_productivity_with_famoc_and_samsung_knoxhow_to_balance_security_and_productivity_with_famoc_and_samsung_knox
how_to_balance_security_and_productivity_with_famoc_and_samsung_knox
 
Byod in the middle east
Byod in the middle eastByod in the middle east
Byod in the middle east
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
 
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
MOBILE DEVICES: THE CASE FOR CYBER SECURITY HARDENED SYSTEMS AND METHODS TO ...
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
 
Internet of Things - Desire for Convenience Brings Multiple New Attack Vectors
Internet of Things - Desire for Convenience Brings Multiple New Attack VectorsInternet of Things - Desire for Convenience Brings Multiple New Attack Vectors
Internet of Things - Desire for Convenience Brings Multiple New Attack Vectors
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government Sector
 
Safeguarding the Internet of Things
Safeguarding the Internet of ThingsSafeguarding the Internet of Things
Safeguarding the Internet of Things
 

Destacado

Securing Mobile Devices in the Workplace - Six Tips For Midsize Businesses
Securing Mobile Devices in the Workplace - Six Tips For Midsize BusinessesSecuring Mobile Devices in the Workplace - Six Tips For Midsize Businesses
Securing Mobile Devices in the Workplace - Six Tips For Midsize BusinessesMidmarketIBM
 
Mobile devices ppt
Mobile devices pptMobile devices ppt
Mobile devices pptim_mi
 

Destacado (6)

Securing Mobile Devices
Securing Mobile DevicesSecuring Mobile Devices
Securing Mobile Devices
 
Securing Mobile Devices in the Workplace - Six Tips For Midsize Businesses
Securing Mobile Devices in the Workplace - Six Tips For Midsize BusinessesSecuring Mobile Devices in the Workplace - Six Tips For Midsize Businesses
Securing Mobile Devices in the Workplace - Six Tips For Midsize Businesses
 
Managing and securing mobile devices
Managing and securing mobile devicesManaging and securing mobile devices
Managing and securing mobile devices
 
Smart devices
Smart devicesSmart devices
Smart devices
 
Smart devices
Smart devicesSmart devices
Smart devices
 
Mobile devices ppt
Mobile devices pptMobile devices ppt
Mobile devices ppt
 

Similar a Securing mobile devices in the business environment

CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfkostikjaylonshaewe47
 
271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docx271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docxlorainedeserre
 
Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx1SI19IS064TEJASS
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01ijmnct
 
Security attacks taxonomy on
Security attacks taxonomy onSecurity attacks taxonomy on
Security attacks taxonomy onijmnct
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Securityarms8586
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats ReportJuniper Networks
 
AST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIOAST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIOJim Romeo
 
AST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIOAST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIOJim Romeo
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?acijjournal
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlook3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlookPeter Hewer
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Javier Gonzalez
 
I Brought My Own Device. Now What?
I Brought My Own Device. Now What?I Brought My Own Device. Now What?
I Brought My Own Device. Now What? Array Networks
 

Similar a Securing mobile devices in the business environment (20)

Securing mobile devices 1
Securing mobile devices 1Securing mobile devices 1
Securing mobile devices 1
 
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
 
CS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptxCS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptx
 
271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docx271 Information Governance for Mobile Devices .docx
271 Information Governance for Mobile Devices .docx
 
Chapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptxChapter 3_Cyber Security-ccdf.pptx
Chapter 3_Cyber Security-ccdf.pptx
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01
 
Security attacks taxonomy on
Security attacks taxonomy onSecurity attacks taxonomy on
Security attacks taxonomy on
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Security
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats Report
 
Cn35499502
Cn35499502Cn35499502
Cn35499502
 
Protecting Mobile
Protecting MobileProtecting Mobile
Protecting Mobile
 
AST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIOAST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIO
 
AST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIOAST-0002415_MobileSecurity-CIO
AST-0002415_MobileSecurity-CIO
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
 
3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlook3 data leak possibilities that are easy to overlook
3 data leak possibilities that are easy to overlook
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0
 
880 st011
880 st011880 st011
880 st011
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
I Brought My Own Device. Now What?
I Brought My Own Device. Now What?I Brought My Own Device. Now What?
I Brought My Own Device. Now What?
 

Más de IBM Software India

Analytics and Cricket World Cup 2015
Analytics and Cricket World Cup 2015Analytics and Cricket World Cup 2015
Analytics and Cricket World Cup 2015IBM Software India
 
The Rise of Private Modular Cloud
The Rise of Private Modular CloudThe Rise of Private Modular Cloud
The Rise of Private Modular CloudIBM Software India
 
Achieving Scalability and Speed with Softlayer
Achieving Scalability and Speed with SoftlayerAchieving Scalability and Speed with Softlayer
Achieving Scalability and Speed with SoftlayerIBM Software India
 
Build your own Cloud & Infrastructure
Build your own Cloud & InfrastructureBuild your own Cloud & Infrastructure
Build your own Cloud & InfrastructureIBM Software India
 
Web version-ab cs-book-bangalore
Web version-ab cs-book-bangaloreWeb version-ab cs-book-bangalore
Web version-ab cs-book-bangaloreIBM Software India
 
Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]IBM Software India
 
Maa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreMaa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreIBM Software India
 
Web version-ab cs-book-bangalore
Web version-ab cs-book-bangaloreWeb version-ab cs-book-bangalore
Web version-ab cs-book-bangaloreIBM Software India
 
White paper native, web or hybrid mobile app development
White paper native, web or hybrid mobile app developmentWhite paper native, web or hybrid mobile app development
White paper native, web or hybrid mobile app developmentIBM Software India
 
Buyer’s checklist for mobile application platforms
Buyer’s checklist for mobile application platformsBuyer’s checklist for mobile application platforms
Buyer’s checklist for mobile application platformsIBM Software India
 
Social business for innovation
Social business for innovationSocial business for innovation
Social business for innovationIBM Software India
 
The Forrester Wave - Big Data Hadoop
The Forrester Wave - Big Data HadoopThe Forrester Wave - Big Data Hadoop
The Forrester Wave - Big Data HadoopIBM Software India
 
Forrester Wave - Big data streaming analytics platforms
Forrester Wave - Big data streaming analytics platformsForrester Wave - Big data streaming analytics platforms
Forrester Wave - Big data streaming analytics platformsIBM Software India
 
Analytics - The speed advantage
Analytics - The speed advantageAnalytics - The speed advantage
Analytics - The speed advantageIBM Software India
 

Más de IBM Software India (20)

Analytics and Cricket World Cup 2015
Analytics and Cricket World Cup 2015Analytics and Cricket World Cup 2015
Analytics and Cricket World Cup 2015
 
Why analytics?
Why analytics?Why analytics?
Why analytics?
 
The Rise of Private Modular Cloud
The Rise of Private Modular CloudThe Rise of Private Modular Cloud
The Rise of Private Modular Cloud
 
Achieving Scalability and Speed with Softlayer
Achieving Scalability and Speed with SoftlayerAchieving Scalability and Speed with Softlayer
Achieving Scalability and Speed with Softlayer
 
Build your own Cloud & Infrastructure
Build your own Cloud & InfrastructureBuild your own Cloud & Infrastructure
Build your own Cloud & Infrastructure
 
Web version-ab cs-book-bangalore
Web version-ab cs-book-bangaloreWeb version-ab cs-book-bangalore
Web version-ab cs-book-bangalore
 
Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]Maa s360 10command_ebook-bangalore[1]
Maa s360 10command_ebook-bangalore[1]
 
Maa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangaloreMaa s360 10command_ebook-bangalore
Maa s360 10command_ebook-bangalore
 
Web version-ab cs-book-bangalore
Web version-ab cs-book-bangaloreWeb version-ab cs-book-bangalore
Web version-ab cs-book-bangalore
 
White paper native, web or hybrid mobile app development
White paper native, web or hybrid mobile app developmentWhite paper native, web or hybrid mobile app development
White paper native, web or hybrid mobile app development
 
Buyer’s checklist for mobile application platforms
Buyer’s checklist for mobile application platformsBuyer’s checklist for mobile application platforms
Buyer’s checklist for mobile application platforms
 
SoftLayer Overview
SoftLayer OverviewSoftLayer Overview
SoftLayer Overview
 
Standing apart in the cloud
Standing apart in the cloudStanding apart in the cloud
Standing apart in the cloud
 
Social business for innovation
Social business for innovationSocial business for innovation
Social business for innovation
 
Liking to leading
Liking to leadingLiking to leading
Liking to leading
 
Focus on work. Not on inbox
Focus on work. Not on inboxFocus on work. Not on inbox
Focus on work. Not on inbox
 
The Forrester Wave - Big Data Hadoop
The Forrester Wave - Big Data HadoopThe Forrester Wave - Big Data Hadoop
The Forrester Wave - Big Data Hadoop
 
Forrester Wave - Big data streaming analytics platforms
Forrester Wave - Big data streaming analytics platformsForrester Wave - Big data streaming analytics platforms
Forrester Wave - Big data streaming analytics platforms
 
Analytics - The speed advantage
Analytics - The speed advantageAnalytics - The speed advantage
Analytics - The speed advantage
 
The Future Data Center
The Future Data CenterThe Future Data Center
The Future Data Center
 

Último

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 

Último (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 

Securing mobile devices in the business environment

  • 1. IBM Global Technology Services Thought Leadership White Paper October 2011 Securing mobile devices in the business environment By I-Lung Kao, Global Strategist, IBM Security Services
  • 2. 2 Securing mobile devices in the business environment As the world becomes more interconnected, integrated and intelligent, mobile devices are playing an ever-increasing role in changing the way people live, work and communicate. But it is not just happening in personal life: Smartphones and tablets are also being rapidly adopted by enterprises as new work tools, joining existing laptops and desktops. The use of mobile devices for business has experienced an explosive growth in the past few years and will only accelerate in the near future. And while the BlackBerry® has been the de facto mobile device for business for many years, the availability of other smartphones and tablets with broader consumer appeal, such as iPhone® and Android™ devices, is fundamentally changing the game. Employees are now bringing their own mobile devices to the workplace and asking companies to support them. These new devices offer improved hardware performance, a more robust platform feature set and increased communication bandwidth, expanding their capabilities beyond voice and email. As a result, however, this increased access to enterprise systems can also bring an increased security risk to the organization. This paper explores how companies can more safely introduce employee- or corporate-owned mobile devices into the work- place, identify the risks inherent in their broader access to corpo- rate data, and derive enhanced business value. Mobility brings both advantages and risks to the enterprise As employees bring mobile devices into the workplace, many organizations are motivated to encourage their use for business purposes, because they tend to drive: ● Increased employee productivity—Mobile devices can give employees access to corporate resources and enable continu- ous collaboration with colleagues or business partners. ● Improved client services—Sales or support employees who regularly interface with customers may respond more effi- ciently, directly increasing customer satisfaction. ● Reduced IT cost—By allowing employees to use, and often pay for, their own mobile devices and wireless services, compa- nies potentially save IT spending on device purchases as well as management and communication services. There are some cautions, however. Companies need to fully rec- ognize that when employees connect mobile devices to the enterprise and merge both business and personal data, those mobile devices must be treated just like any other IT equipment, with appropriate security controls. If security is not addressed at the outset, these mobile devices may become a point of security weakness that threatens to disclose business information or become a new channel to introduce security threats to the com- pany’s IT infrastructure and business resources. Many IT depart- ments are finding significant challenges in securing mobile devices, for a variety of reasons: ● A range of mobile device platforms, such as BlackBerry, Symbian®, IOS®, Android and Windows Mobile, needs to be supported, and each platform brings with it a unique security model. Other than the BlackBerry platform, most started as consumer platforms and lack enterprise-strength security controls. ● Business and personal data now coexist on the same device. Finding a balance between strict security control and privacy of personal data, particularly when the device is no longer a corporate-issued asset, can be challenging. ● Unauthorized or non-business oriented applications have the potential to spread malware that affects the integrity of the device and the business data residing upon it. ● Mobile devices are prone to loss and theft, due to their small- size and high-portability. Whenever a device is lost, corporate data is at risk both on the mobile device and within the corpo- rate network.
  • 3. 3IBM Global Technology Services ● Many mobile devices are always on and connected, so vulnera- bility to malicious attacks increases through different commu- nication channels. ● Mobile technology is advancing quickly and becoming increas- ingly complex. Many companies do not have enough resources or skills in house to fully embrace mobile technology in the workplace. Security threats to mobile devices The security of mobile devices has become a top concern for many IT executives. Hackers are discovering the benefits of compromising both business and personal data contained within mobile devices. Because many mobile platforms are not natively designed to provide comprehensive security, hackers have a strong incentive to develop new techniques or create mobile- centric malware specifically for these devices. In a recent IBM X-Force® security research report, mobile operating sys- tem vulnerabilities have increased significantly (see Figure 1) and exploits of vulnerabilities are also on the rise (see Figure 2).1 Figure 1: Total mobile operating system vulnerabilities. 200 180 160 140 120 100 2006 2007 2008 2009 2010 2011 80 60 40 20 0 Total mobile operating system vulnerabilitiees 2006-2011 (Projected) Mobile OS vulnerabilites 40 35 30 25 2006 2007 2008 2009 2010 2011 20 15 10 5 0 Mobile operating system exploits 2006-2011 (Projected) Mobile OS exploits Figure 2: Mobile operating system exploits. The latest smartphones are designed to provide broad Internet and network connectivity through varying channels, such as 3G or 4G, Wi-Fi, Bluetooth or a wired connection to a PC. Security threats may occur in different places along these varying paths where data can be transmitted (see Figure 3). When a device downloads a new mobile application from any online application store, the software may contain malware that can steal or dam- age data on the device and, in some cases, even disable the mobile device itself. Most mobile devices now have Internet connections, so common web-based threats that have attacked laptops or desktops may also apply to mobile devices. A device connected through Wi-Fi or Bluetooth is at greater risk because the Wi-Fi source or the other Bluetooth-enabled device may have been compromised and can play a role in a “man-in-the-middle” attack (when a hacker configures a laptop, server or mobile device to listen in on or modify legitimate communications) or other attack type.
  • 4. 4 Securing mobile devices in the business environment Figure 3: Flow of data transmission. Because of the variety of communication mechanisms available and increasing use of business applications on mobile devices, the security threats to mobile devices have evolved to all the threats applicable to desktops or laptops, plus new threats that are truly unique to mobile devices. Therefore, mobile devices need to be protected with an even broader set of security tech- niques than those employed for traditional desktop or laptop operating environments. No matter what the threats are, the targets that hackers try to access and exploit typically consist of one or several of the following: ● Credentials to access business or personal accounts ● Confidential business or personal information ● Phone or data communication services ● The mobile device itself Mobile device Telco service provider Wi-Fi device Internet Mobile device Corporate VPN Gateway App store Web site Corporate intranet (Bluetooth enabled) Mobile device A threat can occur
  • 5. 5IBM Global Technology Services The most frequently seen mobile device security threats are: ● Loss and theft ● Malware ● Spam ● Phishing ● Bluetooth and Wi-Fi Loss and theft Small size and high portability make loss and theft top security concerns when a mobile device is used in the workplace. According to a mobile threat study by Juniper Networks, 1 in 20 mobile devices was stolen or lost in 2010.2 When devices are lost or stolen, all of the data stored on or accessible from the mobile device may be compromised if access to the device or the data is not effectively controlled. While not foolproof, some techniques can help reduce the risk of data compromise, such as using a complex password to access the device or critical data, remotely locating the device on a map using global positioning services (GPS), remotely locking the device to render it useless, or remotely wiping data on the device. Some mobile platforms natively provide these tech- niques, and in the event they do not, basic platform capabilities can often be augmented by functionality available in third party mobile device management or mobile security solutions. Malware Mobile device malware—viruses, worms, Trojans, spyware—has been on the rise over the past few years because most mobile platforms do not yet have native mechanisms to detect malware. Virtually no mobile platform available today is immune to malware. Although more established mobile platforms such as Symbian and Windows Mobile have been a proving ground for malware developers in the past few years, the Google Android platform is leading in new malware development, primarily due to its popularity and open software distribution model. The mobile threat research report from Juniper Networks also states that malware on Android grew 400 percent from June 2010 to January 2011.3 Malware can cause a loss of personal or confidential data, additional service charges (for example, some malware can send premium Short Message Service (SMS) text messages or make phone calls in the background) and, even worse, make the device unusable. Although quickly removed, numerous malicious appli- cations recently found their way onto the Android marketplace. Some of these were legitimate applications that had been repack- aged with a Trojan designed to gain root access or additional privileges to users’ devices. Unsuspecting users may have had malicious code or additional malware installed in that single download from the applications store. Malware can then spread quickly through a wired or wireless connection to another device or a company’s intranet. Companies can significantly reduce the malware risk by adopting a similar approach to be used for both mobile devices as well as the desktop and laptop environment. In addition to advising employees to only download and install trusted applications and take appropriate actions when suspicious applications are identi- fied, a company should run antimalware software on each employee’s device to detect malware in real-time and scan the entire device periodically.
  • 6. 6 Securing mobile devices in the business environment Spam With the growth of text messaging, spam—unsolicited commu- nication sent to a mobile device from a known or unknown phone number—is also on the rise. Spam is not only a big con- cern for mobile service providers because it wastes a significant amount of bandwidth, but it is also a growing security issue for mobile device users. According to the recent Global System for Mobile Communications Association (GSMA) pilot of the GSMA Spam Reporting Service (SRS), the majority of spam attacks are for financial gain, with 70 percent of reports of spam being for fraudulent financial services rather than the traditional advertising scenarios found in email spam.4 We feel that the most effective method to thwart spam is to define a blacklist to block spam messages either by using the functions of an antispam solution or by turning on the antispam feature on the device if it is available. Phishing “Phishing” is an email or an SMS text message (dubbed, “SMiShing”) sent to trick a user into accessing a fake website, sending a text message or making a phone call to reveal personal information (such as a Social Security number in the United States) or credentials that would allow the hacker access to finan- cial or business accounts. Phishing through mobile browsers is more likely to succeed because the small screen size of mobile devices does not allow for some protection features used on the PC, like web address bars or green warning lights. The most effective antiphishing approach helps a user recognize a fraudulent website when it is presented. Some financial institu- tions have deployed “site authentication” to confirm to users that they are communicating with a genuine website before they enter account credentials from either a web browser or a mobile application. Two-factor authentication is also useful to thwart phishing: First, a user enters a static password, then a second authentication factor, such as a one-time password or a device fingerprint, is dynamically generated to further authenti- cate the user. So even if a user’s static password is stolen by a hacker using a phishing technique, the hacker cannot login to the genuine site without the user’s second authentication factor. Bluetooth and Wi-Fi Bluetooth and Wi-Fi effectively increase the connectivity of mobile devices within a certain range, but they can be easily exploited to infect a mobile device with malware or compromise transmitted data. A mobile device may be lured to accept a Bluetooth connection request from a malicious device. In a “man-in-the-middle” attack, when mobile devices connect, the hacker can intercept and compromise all data sent to or from the connected devices. Setting the device’s Bluetooth to an undiscoverable mode and turning off the device’s automatic Wi-Fi connection capability, especially in public areas, can help reduce risks. To completely block incoming connection requests from unknown devices, a local firewall should be installed and run on the mobile device— another traditional security practice that can be extended to the mobile environment. Establishing a mobile security strategy Creating a stringent strategy that defines guidelines and policies helps lay the foundation for a more security-rich mobile envi- ronment. This strategy should focus on several key areas: Data and resources accessible from mobile devices, platform support, management methodology and best practices.
  • 7. 7IBM Global Technology Services Initially, your organization should identify which business data it will allow to be stored and processed on which mobile devices. This helps determine what needs to be protected and to what degree. Many enterprises only permit employee email, contact and calendar information. Others allow access, through a browser or native mobile application, to other business-critical applications such as enterprise resource systems (ERP) or cus- tomer relationship management (CRM). Different degrees of access from mobile devices require varying levels of security con- trols. However, it should be noted when business data flows from a more strictly controlled location (for example, a database or a file server) to a less protected device, the risk of losing the data becomes greater. You may also need to determine which mobile device platforms will be allowed in the business environment and, thus, need to be supported in the mobile security strategy and plan. Different mobile platforms have different native security mechanisms that need to be outlined and understood, although applying a set of security controls to all supported platforms in a consistent man- ner is desirable. Another important decision is the responsibility for mobile secu- rity management work, whether using the current IT security team to handle mobile devices, or outsourcing to a managed security service provider. Multiple security technologies may need to be employed to provide comprehensive security controls for mobile devices. As such, depending on how these security solutions are delivered (on-premise or from the cloud), a company may choose to use a hybrid model for device security management. No matter what the mobile environment, a number of mobile security policies and best-practice procedures need to be put in place and should also be identified in the company’s mobile secu- rity strategic plan. Fortunately, many best practices that have been exercised for desktops and laptops can be duplicated for mobile devices, such as: ● Specification of roles and responsibilities in managing and securing the devices ● Registration and inventory of mobile devices ● Efficient installation and configuration of security applications on devices ● Automatic update of security patches, polices and settings ● Reporting of security policy enforcement status ● Employee education on securing mobile devices Applying security controls based on a framework Taking a broad look across the IT and business environment, IBM has developed a well-defined framework that specifies security domains and levels for applying various security technologies.
  • 8. 8 Securing mobile devices in the business environment When applied to mobile devices, the framework suggests the following security controls, with actual requirements varying by deployment: ● Identity and access ● Data protection ● Application security ● Fundamental integrity control ● Governance and compliance Identity and access ● Enforce strong passwords to access the device ● Use site authentication or two-factor user authentication to help increase the trustworthiness between a user and a website ● If virtual private network (VPN) access to corporate intranet is allowed, include capability to control what IP addresses can be accessed and when re-authentication is required for accessing critical resources Data protection ● Encrypt business data stored on the device and during transmission ● Include capability to wipe data locally and remotely ● Set timeout to lock the device when it is not used ● Periodically back up data on the device so data restore is possi- ble after the lost device has been recovered ● Include capability to locate or lockout the device remotely Figure 4: IBM Security Framework. IBM Security Framework Common Policy, Event Handling and Reporting PEOPLE AND IDENTITY DATA AND INFORMATION APPLICATION AND PROCESS NETWORK, SERVER AND END POINT PHYSICAL INFRASTRUCTURE SECURITY GOVERNANCE, RISK MANAGEMENT AND COMPLIANCE Professional services Managed services Hardware and software
  • 9. 9IBM Global Technology Services Application security ● Download business applications from controlled locations ● Run certified business applications only ● Monitor installed applications and remove those identified to be untrustworthy or malicious Fundamental integrity control ● Run antimalware software to detect malware on storage and in memory ● Run a personal firewall to filter inbound and outbound traffic ● Integrate with the company’s VPN gateway so a device’s secu- rity posture becomes a dependency for intranet access Governance and compliance ● Incorporate mobile security into the company’s overall risk management program ● Maintain logs of interactions between mobile devices and the company’s VPN gateway and data transmission to and from servers within the intranet ● Include mobile devices in the company’s periodic security audit Choosing the right solution When choosing a mobile security solution, several factors need to be taken into consideration: ● Solution architecture—The solution should be built on a sound client-server architecture in which the server centrally controls and manages security policies and settings for various security features. The client should be installed on the mobile device and regularly communicate with the server to enforce policies, execute commands and report status. ● Platform support—The solution should support a variety of mobile device platforms with a consistent, easy-to-manage administration console that is platform-agonistic to help reduce security policies across different devices. ● Feature expandability—Mobile device technology advances very rapidly and new mobile threats are evolving all the time. The solution must be flexible enough to accommodate future technology changes and incorporate more advanced capabili- ties to counter new threats. ● Usability—Features that are easy to use and require little user intervention can help drive acceptance by end users and increase the effectiveness of security control. ● Reporting and analysis—The solution needs to contain reporting and analysis capabilities, with information that helps the company to support policy and regulation compliance, rec- ognize the mobile threat landscape and evaluate the solution’s effectiveness in countering threats. ● Deployment and management—No matter how capable a security solution is, its value is greatly diminished if it cannot be efficiently deployed or easily managed. The company needs to carefully assess the overall efforts required for initial roll- out and ongoing management of a solution. Another important decision in the solution choice is who will be responsible for the overall mobile security implementation effort and subsequent ongoing management. Although it is possible to have the current IT team responsible for desktop and laptop management and security also handle mobile devices, resource or skills constraints could prove challenging, particularly in a global, heterogeneous environment.
  • 10. 10 Securing mobile devices in the business environment Outsourcing is another option. Leveraging the industry- wide mobile security expertise of a managed service provider can not only free up in-house IT resources, but also inject policies and procedures that can, down the road, build up internal skills without putting the enterprise at risk. In addition, an outside provider may have the ability to provide a range of delivery options, from on-premise to in the cloud, or even a hybrid solution that may better fit the enterprise’s changing needs. IBM hosted mobile device security solution provides security from the cloud To help organizations embrace both company- and employee- owned mobile devices in a security-rich environment, IBM Security Services offers a robust mobile device security management solution. The solution, built on a client-server architecture, helps efficiently deliver mobile security services from the IBM Cloud to mobile devices on a variety of platforms. These services can help companies address the major mobile security issues discussed in this paper with a single solution. By both leveraging existing mobile devices owned by branches and employees in different groups or geographies, and avoiding the purchase of additional hardware or software, companies can reduce capital and operational costs. IBM Security Services provides a wide set of managed services, including: ● Requirement assessment and policy design ● Training and providing knowledge assets ● Guidance for production roll-out ● Monitoring, alerting and reporting ● Policy maintenance and calibration ● Threat intelligence sharing The solution combines industry-leading mobile security technologies with IBM’s deeper security knowledge and highly skilled technical professionals around the world to help reduce risks and better manage regulatory compliance. With IBM Security Services, companies can benefit from improved operational, financial and strategic efficiencies across the enter- prise, and, most importantly, can enhance their overall security postures to increase their business competitiveness. For more information To learn more about IBM Managed Security Services (Cloud Computing)—hosted mobile device security management, con- tact your IBM marketing representative, IBM Business Partner, or visit the following website: ibm.com/services
  • 11. Notes
  • 12. Please Recycle © Copyright IBM Corporation 2011 IBM Global Services Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America October 2011 All Rights Reserved IBM, the IBM logo, and ibm.com are trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. Other company, product or service names may be trademarks or service marks of others. 1 IBM X-Force 2011 Mid-year Trend and Risk Report, September 2011 2 Juniper Networks Malicious Mobile Threats Report 2010/2011, May 2011 3 Juniper Networks Malicious Mobile Threats Report 2010/2011, May 2011 4 GSMA Outlines Findings from Spam Reporting Service Pilot press release, February 10, 2011 SEW03027-USEN-00