Enviar búsqueda
Cargar
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
•
3 recomendaciones
•
704 vistas
K
kgbacdd
Seguir
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 31
Descargar ahora
Descargar para leer sin conexión
Recomendados
Enterprise Mobility Solutions: Enterprise operations on the move
Enterprise Mobility Solutions: Enterprise operations on the move
Softweb Solutions
Emerging trends in the Software Industry
Emerging trends in the Software Industry
Michael Fauscette
E2 lennertdewaal
E2 lennertdewaal
Strategy
Mobile Security Report 2009
Mobile Security Report 2009
findram
The CIO Handbook
The CIO Handbook
HCL Technologies
Mobilize With Cs Cs
Mobilize With Cs Cs
findram
2010 global trend report pallino1021
2010 global trend report pallino1021
Deanna Lawrence
Future Tech for Concur User Conference
Future Tech for Concur User Conference
Michael Fauscette
Más contenido relacionado
La actualidad más candente
Citrix/Altimeter Dynamic Customer Jounrey webinar final as presented
Citrix/Altimeter Dynamic Customer Jounrey webinar final as presented
Chris Silva
Q1 Trends 2008 Pdf
Q1 Trends 2008 Pdf
Deanna Lawrence
Managed Mobility Load Off Customer Wp
Managed Mobility Load Off Customer Wp
raghuvamsiuriti
IBM Mobile Strategy
IBM Mobile Strategy
IBM Software India
The Future of Enterprise SW and Social Media
The Future of Enterprise SW and Social Media
guestd63a
The Mobile Evolution‚ Systems vs. Apps - Matthew David
The Mobile Evolution‚ Systems vs. Apps - Matthew David
Mobile March
Enterprise Mobility - An Introduction
Enterprise Mobility - An Introduction
Folio3 Software
IBM Mobile Strategy - Mobile World Congress 2012
IBM Mobile Strategy - Mobile World Congress 2012
Robert Sutor
IBM mobile strategy at Innovate 2012
IBM mobile strategy at Innovate 2012
Dirk Nicol
Growth with IBM Mobile Enterprise
Growth with IBM Mobile Enterprise
IIC_Barcelona
Bi for the_mobile_worker
Bi for the_mobile_worker
QuestexConf
IBM Software Day 2013. A mobile strategy is essential
IBM Software Day 2013. A mobile strategy is essential
IBM (Middle East and Africa)
IBM Worklight Slides
IBM Worklight Slides
Jim Porter
Deploying+Mobile+Uc+For+Cisco
Deploying+Mobile+Uc+For+Cisco
Lamont Taylor
Fremskynd innovation og nå bredere ud med IBM Mobile, Michael Gilfix, IBM US
Fremskynd innovation og nå bredere ud med IBM Mobile, Michael Gilfix, IBM US
IBM Danmark
Mobile social workforce and benefits xpo vs 3
Mobile social workforce and benefits xpo vs 3
G Wheeler,Jr.
Mm platform overview enterprise 2012 (2)
Mm platform overview enterprise 2012 (2)
Isabel_Agudelo80
Video Communications Management Software
Video Communications Management Software
Videoguy
Curated Computing
Curated Computing
Dr. Jimmy Schwarzkopf
La actualidad más candente
(19)
Citrix/Altimeter Dynamic Customer Jounrey webinar final as presented
Citrix/Altimeter Dynamic Customer Jounrey webinar final as presented
Q1 Trends 2008 Pdf
Q1 Trends 2008 Pdf
Managed Mobility Load Off Customer Wp
Managed Mobility Load Off Customer Wp
IBM Mobile Strategy
IBM Mobile Strategy
The Future of Enterprise SW and Social Media
The Future of Enterprise SW and Social Media
The Mobile Evolution‚ Systems vs. Apps - Matthew David
The Mobile Evolution‚ Systems vs. Apps - Matthew David
Enterprise Mobility - An Introduction
Enterprise Mobility - An Introduction
IBM Mobile Strategy - Mobile World Congress 2012
IBM Mobile Strategy - Mobile World Congress 2012
IBM mobile strategy at Innovate 2012
IBM mobile strategy at Innovate 2012
Growth with IBM Mobile Enterprise
Growth with IBM Mobile Enterprise
Bi for the_mobile_worker
Bi for the_mobile_worker
IBM Software Day 2013. A mobile strategy is essential
IBM Software Day 2013. A mobile strategy is essential
IBM Worklight Slides
IBM Worklight Slides
Deploying+Mobile+Uc+For+Cisco
Deploying+Mobile+Uc+For+Cisco
Fremskynd innovation og nå bredere ud med IBM Mobile, Michael Gilfix, IBM US
Fremskynd innovation og nå bredere ud med IBM Mobile, Michael Gilfix, IBM US
Mobile social workforce and benefits xpo vs 3
Mobile social workforce and benefits xpo vs 3
Mm platform overview enterprise 2012 (2)
Mm platform overview enterprise 2012 (2)
Video Communications Management Software
Video Communications Management Software
Curated Computing
Curated Computing
Destacado
Accenture mobility. Research report 2014
Accenture mobility. Research report 2014
Datafield
Accenture Mobility Report
Accenture Mobility Report
Chris Ellis
Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)
PwC France
A Simple Technology Framework: Mobile - Social - Cloud - Big Data
A Simple Technology Framework: Mobile - Social - Cloud - Big Data
Lars Kamp
MIMA13 - Social Mobile Cloud
MIMA13 - Social Mobile Cloud
Ted Shelton
SAP Mobile Platform: Accenture Mobility "The Always On Enterprise"
SAP Mobile Platform: Accenture Mobility "The Always On Enterprise"
Tony Smith
Accenture Mobile Healthcare Report
Accenture Mobile Healthcare Report
3GDR
SMART MOBILITY and the new IoT revolution
SMART MOBILITY and the new IoT revolution
Roberto Siagri
Transforming governments through digital technologies. Five factors that inf...
Transforming governments through digital technologies. Five factors that inf...
Deloitte Canada
Data and Analytics In The Digital Age
Data and Analytics In The Digital Age
Nigel Wright Group
Intelligent Mobility for Smart Cities
Intelligent Mobility for Smart Cities
Hussein Dia
PwC: New IT Platform From Strategy Through Execution
PwC: New IT Platform From Strategy Through Execution
CA Technologies
Accenture Mobility - Trends for the Next Decade
Accenture Mobility - Trends for the Next Decade
Lars Kamp
Deloitte Cloud Accelerators Salesforce Tour Melbourne
Deloitte Cloud Accelerators Salesforce Tour Melbourne
Deloitte Australia
The Bank of the Future: How Deloitte Powers the Omnichannel Digital Experience
The Bank of the Future: How Deloitte Powers the Omnichannel Digital Experience
Salesforce Marketing Cloud
Accenture CIO Mobility Survey
Accenture CIO Mobility Survey
Lars Kamp
Accenture Technology Vision 2015 - Digital Business Era
Accenture Technology Vision 2015 - Digital Business Era
Accenture Technology
Digital Business - Accenture
Digital Business - Accenture
Accenture the Netherlands
Putting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO's
PwC
Accenture Cloud Platform: Control, Manage and Govern the Enterprise Cloud
Accenture Cloud Platform: Control, Manage and Govern the Enterprise Cloud
accenture
Destacado
(20)
Accenture mobility. Research report 2014
Accenture mobility. Research report 2014
Accenture Mobility Report
Accenture Mobility Report
Etude PwC Digital IQ (2014)
Etude PwC Digital IQ (2014)
A Simple Technology Framework: Mobile - Social - Cloud - Big Data
A Simple Technology Framework: Mobile - Social - Cloud - Big Data
MIMA13 - Social Mobile Cloud
MIMA13 - Social Mobile Cloud
SAP Mobile Platform: Accenture Mobility "The Always On Enterprise"
SAP Mobile Platform: Accenture Mobility "The Always On Enterprise"
Accenture Mobile Healthcare Report
Accenture Mobile Healthcare Report
SMART MOBILITY and the new IoT revolution
SMART MOBILITY and the new IoT revolution
Transforming governments through digital technologies. Five factors that inf...
Transforming governments through digital technologies. Five factors that inf...
Data and Analytics In The Digital Age
Data and Analytics In The Digital Age
Intelligent Mobility for Smart Cities
Intelligent Mobility for Smart Cities
PwC: New IT Platform From Strategy Through Execution
PwC: New IT Platform From Strategy Through Execution
Accenture Mobility - Trends for the Next Decade
Accenture Mobility - Trends for the Next Decade
Deloitte Cloud Accelerators Salesforce Tour Melbourne
Deloitte Cloud Accelerators Salesforce Tour Melbourne
The Bank of the Future: How Deloitte Powers the Omnichannel Digital Experience
The Bank of the Future: How Deloitte Powers the Omnichannel Digital Experience
Accenture CIO Mobility Survey
Accenture CIO Mobility Survey
Accenture Technology Vision 2015 - Digital Business Era
Accenture Technology Vision 2015 - Digital Business Era
Digital Business - Accenture
Digital Business - Accenture
Putting digital technology and data to work for Tech CMO's
Putting digital technology and data to work for Tech CMO's
Accenture Cloud Platform: Control, Manage and Govern the Enterprise Cloud
Accenture Cloud Platform: Control, Manage and Govern the Enterprise Cloud
Similar a 2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
IBM Rational Solution for mobile
IBM Rational Solution for mobile
Eric Cattoir
Build a Mobile Strategy: Beyond BYOD
Build a Mobile Strategy: Beyond BYOD
Graham Chalk
Bi Hits The Road
Bi Hits The Road
Jorge Garcia
Mobile reporting 2010 07 information builder
Mobile reporting 2010 07 information builder
OKTOPUS Consulting
HCL Technologies: The CIO Handbook (Edition 4)
HCL Technologies: The CIO Handbook (Edition 4)
HCL Technologies
Waterloo Ideaca Mobility Presentation: May 2012
Waterloo Ideaca Mobility Presentation: May 2012
Ideaca
PCTY 2012, How Mobile changes the World v. Christian Cagnol
PCTY 2012, How Mobile changes the World v. Christian Cagnol
IBM Danmark
Viability of bring your-own-computer BYOC programs
Viability of bring your-own-computer BYOC programs
Masaf Dawood
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Jeremy Siewert
Mobile application development
Mobile application development
Asha Hariharan
Pulse 2013 Mobile Build and Connect presentation
Pulse 2013 Mobile Build and Connect presentation
Leigh Williamson
Meap and business platforms
Meap and business platforms
Deepu S Nath
03 put your business in motion become a mobile enterprise icty
03 put your business in motion become a mobile enterprise icty
Warba Insurance Co Kuwait
IBM Mobile Enterprise Overview
IBM Mobile Enterprise Overview
aakhan0830
Enterprise Mobility Report - Unwiring the Enterprise
Enterprise Mobility Report - Unwiring the Enterprise
[x]cube LABS
Rational federal symposium mobile development in government
Rational federal symposium mobile development in government
Roger Snook
Enterprise mobility trends 2013
Enterprise mobility trends 2013
Regalix
Navigating your mobile roadmap rapid value
Navigating your mobile roadmap rapid value
rapidvalue
IBM Mobile Strategy
IBM Mobile Strategy
IBM WebSphereIndia
Webinar Slides: How Mobile is Reshaping Financial Advice
Webinar Slides: How Mobile is Reshaping Financial Advice
Xignite
Similar a 2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
(20)
IBM Rational Solution for mobile
IBM Rational Solution for mobile
Build a Mobile Strategy: Beyond BYOD
Build a Mobile Strategy: Beyond BYOD
Bi Hits The Road
Bi Hits The Road
Mobile reporting 2010 07 information builder
Mobile reporting 2010 07 information builder
HCL Technologies: The CIO Handbook (Edition 4)
HCL Technologies: The CIO Handbook (Edition 4)
Waterloo Ideaca Mobility Presentation: May 2012
Waterloo Ideaca Mobility Presentation: May 2012
PCTY 2012, How Mobile changes the World v. Christian Cagnol
PCTY 2012, How Mobile changes the World v. Christian Cagnol
Viability of bring your-own-computer BYOC programs
Viability of bring your-own-computer BYOC programs
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Mobile application development
Mobile application development
Pulse 2013 Mobile Build and Connect presentation
Pulse 2013 Mobile Build and Connect presentation
Meap and business platforms
Meap and business platforms
03 put your business in motion become a mobile enterprise icty
03 put your business in motion become a mobile enterprise icty
IBM Mobile Enterprise Overview
IBM Mobile Enterprise Overview
Enterprise Mobility Report - Unwiring the Enterprise
Enterprise Mobility Report - Unwiring the Enterprise
Rational federal symposium mobile development in government
Rational federal symposium mobile development in government
Enterprise mobility trends 2013
Enterprise mobility trends 2013
Navigating your mobile roadmap rapid value
Navigating your mobile roadmap rapid value
IBM Mobile Strategy
IBM Mobile Strategy
Webinar Slides: How Mobile is Reshaping Financial Advice
Webinar Slides: How Mobile is Reshaping Financial Advice
Último
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
Matt Ray
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
D Cloud Solutions
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
DianaGray10
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Safe Software
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
shyamraj55
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
DianaGray10
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
DianaGray10
Nanopower In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
Pedro Manuel
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Commit University
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
Jamie (Taka) Wang
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
YounusS2
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
IES VE
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
Adtran
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
DianaGray10
201610817 - edge part1
201610817 - edge part1
Jamie (Taka) Wang
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
DianaGray10
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
dgelyza
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
David Newbury
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
Jamie (Taka) Wang
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
Seth Reyes
Último
(20)
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
Nanopower In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
201610817 - edge part1
201610817 - edge part1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
2012 04-27%20%20 mobile%20security%20ppt%20presentation[1]
1.
Developing a Mobile
Security Strategy Webinar for the institutions in the University of Texas System Kieran Norton Principal, Deloitte & Touche LLP April 2012
2.
Webinar Essentials
Session is currently being recorded, and will be available on our website at http://www.utsystem.edu/compliance/SWCAcademy.html. If you wish to ask questions: • Click on the “Raise Hand” button . The webinar administrator will un-mute you at the appropriate time. Note: Remember to turn down your speaker volume to avoid feedback. • Questions may also be typed in the GoToWebinar Question panel. CPE credit is available for this webinar for attendees who attend the live webinar. Please request credit by sending an email to the UT Systemwide Compliance Office at systemwidecomp@utsystem.edu. Please provide your feedback in the post-session survey. 1 Copyright © 2012 Deloitte Development LLC. All rights reserved.
3.
Table of Contents
Problem Statement 2 Background 3-5 Mobile Ecosystem and Risk Landscape 6-12 Strategic Approach 13-16 Bring Your Own Device (BYOD) 17-19 Technology and Vendor Considerations 20-22 Key Takeaways 23-24 Appendix 25-29 2 Copyright © 2012 Deloitte Development LLC. All rights reserved.
4.
Problem statement Summary observations
from the security assessments related to mobile devices: • Lack of appropriate policies/guidance and procedures related to the use of mobile devices; e.g., PDAs, tablets, etc. • Proliferation of mobile devices with access to networks and applications, and no capability to track or inventory. • Increased risk of unauthorized exposure of sensitive information through mobile devices (e.g., patient information, proprietary research data, etc.) resulting in adverse impacts to UTS and the institutions, such as financial penalties, legal implications and damaged public image. 3 Copyright © 2012 Deloitte Development LLC. All rights reserved.
5.
Background
6.
The mobility landscape Mobile
computing has been growing at a staggering rate across all age groups, income groups, industries, geographies and cultures and is widely expected to continue its exponential growth rate over the next five years. Current mobile landscape1 Expected growth1 Mobile cellular subscriptions Approximately 470M smartphones surpassed 5B in 2010 (Gartner) will be sold globally in 2011 (IDC) 83% of US population owns Approximately 980M smartphones cellphones; 35% of these are will be sold globally in 2016 (IMS) smartphones (Pew Research) By 2015, global mobile data traffic More than 410M smartphone devices volume will be approximately 25 have been sold globally so far times 2010 volume (FCC) (Forrester) Tablets will reach one-third of US Nearly 18M tablets were sold in 2010 adults by 2015 (Forrester) (IDC) Tablet unit sales to total around 54.8M in 2011 and top 208M in 2014 (Gartner) Mobility and mobility services are not only gaining ground among consumers but also among enterprises 1Note: Please refer Appendix for statistic references 5 Copyright © 2012 Deloitte Development LLC. All rights reserved.
7.
Adoption of mobility
trends At a high level, entities go through three stages of adoption for mobility. Mobility-Centric Innovation: • Develop completely new apps Business Impact/Number of Mobile Apps Mobilize Existing that leverage mobility benefits Applications: • Result: User-centered UX and • Develop new graphical user new productivity, CRM and interfaces (GUIs) on top of revenue opportunities existing business logic • Result: Acceptable UX and Mobile Veneer: noticeable productivity, CRM & revenue gains • Mobile access to existing apps • No mobile app development • Result: Poor user experience (UX) and negligible productivity, customer satisfaction or revenue gains Stage 1 Stage 2 Stage 3 Though mobility offers wide range of products and services, it has its own set of security vulnerabilities due to the changing threat landscape 6 Copyright © 2012 Deloitte Development LLC. All rights reserved.
8.
Mobile ecosystem and
risk landscape
9.
Mobile security: Threat
overlay on mobility ecosystem 8 Copyright © 2012 Deloitte Development LLC. All rights reserved.
10.
Mobility risk categories Enabling
mobility is a balance of technology, return on investment and risk. These need to be aligned with business needs and strategies. When considering developing mobile solutions, or fine tuning an existing solution, it is necessary to gain an understanding of the risks associated with mobility. These risks fall into four main categories: Mobility risk categories What makes mobile devices valuable 4. Infrastructure & 1. Operational from a business perspective – Device portability, usability and connectivity to the internet and corporate infrastructure – also presents significant risk. New risks have been introduced at the 3. Legal & 2. Technology & device, application and infrastructure Regulatory Data Protection levels requiring changes in corporate security policy and strategy. 9 Copyright © 2012 Deloitte Development LLC. All rights reserved.
11.
4. Infrastructure &
1. Operational Device 1. Operational 3. Legal & 2. Technology & Regulatory Data Protection Mobility poses unique risks and existing security and IT support resources and infrastructure cannot be extended to cover mobile devices and applications without significant investment - in developing new skills, technical capabilities, operational processes and deployment of a ‘mobility infrastructure’. A. Executives, users and customers are driving mobility decisions; operational risk considerations are not driving mobile security strategy B. Security controls can negatively impact usability, causing friction with employees and slowing adoption C. Increasing support demands may in turn outpace resource skill sets and technical capabilities D. Varied mobile OS implementations make it difficult to deploy a singular security solution E. Existing operational processes may not be efficiently designed or “mobile-ready” which can hinder expected productivity In one Deloitte case study, implementation of significant security controls led to 20% of the company’s mobile device users voluntarily opting out of the corporate program ... however it is unlikely users stopped using a mobile device 10 Copyright © 2012 Deloitte Development LLC. All rights reserved.
12.
4. Infrastructure &
1. Operational Device 2. Technology and data protection 3. Legal & 2. Technology & Regulatory Data Protection Mobile devices are valuable from a business perspective due to internet connectivity, access to corporate infrastructure as well as mobile/cloud based applications. These benefits also result in greater potential exposure for the enterprise – with risks introduced at the device, application and infrastructure levels. A. End users may have the ability to modify device security parameters thus weakening the security controls B. Devices and memory cards are not encrypted by default or configured appropriately thus leading to potential data leakage/loss C. With use of cloud based applications, data protection becomes increasingly complex D. Many organizations are not able to enforce mobile OS patching and updating which may result in vulnerable devices E. Users often install unapproved applications or applications containing malware which poses information security risks As an example, 58 malicious apps were uploaded to an app store and then downloaded to around 260,000 devices before the app store pulled the apps 11 Copyright © 2012 Deloitte Development LLC. All rights reserved.
13.
4. Infrastructure &
1. Operational Device 3. Legal and regulatory 3. Legal & 2. Technology & Regulatory Data Protection Security requirements may be complex, particularly if the organization operates in regulated industries. Employment labor laws, HIPAA requirements, privacy requirements, e-discovery requirements, etc., may impact the overall mobile strategy. A. Employees using use corporate devices for personal purposes and vice versa may give rise to significant data privacy issues B. The “bring your own device” trend raises ethical and legal questions around monitoring, device wiping, etc., upon employee termination C. Corporate usage of mobile devices by hourly employees can/will raise concerns around overtime labor law considerations D. Regulatory requirements to address e-discovery, monitoring, data archiving etc., can be complex and difficult to implement E. Data ownership and liability for corporate and employee owned devices used for business purposes is yet to determined In the Massachusetts data protection law (MA 201), responsibilities for protecting information on employee-owned devices used to access company resources may apply equally to the enterprise and the individual 12 Copyright © 2012 Deloitte Development LLC. All rights reserved.
14.
4. Infrastructure &
1. Operational Device 4. Infrastructure and device 3. Legal & 2. Technology & Regulatory Data Protection The diversity of device options and underlying operating system/application platforms introduces a myriad of security risks and challenges. A. Mobile device attacks and varying attack vectors increases the overall risk exposure (extending the enterprise risk profile) B. Multiple choices in the devices, OS platforms, apps, etc., requires companies to employ diverse technologies expanding the attack surface C. Third party apps installed on corporate devices may contain vulnerabilities caused by developer mistakes or re-packaged malware D. Securing of mobile transmissions and channels is complex given a varied protocol landscape & the newer communication channels E. Mobile devices are easily lost or stolen in comparison with other IT assets (e.g., laptops) and remote wipe efforts frequently fail According to a recent survey, 36% of consumers in the US have either lost their mobile phone or had it stolen 13 Copyright © 2012 Deloitte Development LLC. All rights reserved.
15.
Strategic approach
16.
Strategies for tackling
mobile risks Defining a Mobile Security Approach After gaining an understanding of the key risks that affect your business, the next step is determining and defining your approach to a mobile security solution deployment. When determining the right approach, it is important to understand your specific use cases and incorporate your key business drivers and objectives. Device centric Data centric Application centric Mobile device Minimal device data Developer training management (MDM) footprint Example controls Strict device policy Communications System development life enforcement encryption cycle Primary or multi-platform Local data encryption Virtualization IDE Secure Application distribution & containers/partitions Data integrity maintenance 15 Copyright © 2012 Deloitte Development LLC. All rights reserved.
17.
Deployment decisions Key
decision points that drive strategy and the resulting architecture Bring-Your-Own vs. Corporate Provided Manage Security In-House vs. Outsource Security 3rd Party Tools vs. Native Platform Tools Application Management vs. Application Guidance Full Data Access vs. Restricted Data Access 16 Copyright © 2012 Deloitte Development LLC. All rights reserved.
18.
Mobility reference architecture Strategy
Development Applications Development (Design, Implement, Test) Business Analysis Creative/UX/UI Design Enterprise Mobility App concept to (Opportunity ID, Infrastructure development Business Case) Cross-Platform Dev Native Development Mobile Enablement Sybase SUP, Objective C (iOS), Strategy/Roadmap HTML5, Adobe Java Business Mobile Solution Enterprise Systems Integration Strategy Architecture ERP, Web/Ecommerce Reporting/BI/DW End-to-end Network and Legacy Systems Enablement Design Mobile Middleware Mobility Readiness Enterprise Assessment Integration Data Mgmt Integration Security Industry Mobile Analytics Regulatory/Compliance/ Cloud and Social Feedback Security Analysis Security Business Strategy Mobile application Mobile security policy Mobile security strategy Mobile device and security and governance and architecture operations security App Concept to Development Mobility Infrastructure Deployment, Distribution, Management, Operations Mobile Device Operational / Organizational Management Enterprise Integration Strategy Readiness Product Mgmt IT Governance Security, Privacy & Compliance Enterprise App Store Enablement Support Readiness Note: Products listed for the above technology product vendors are their respective property. 17 Copyright © 2012 Deloitte Development LLC. All rights reserved.
19.
Bring Your Own
Device (BYOD)
20.
BYOD considerations Employees increasingly
want to use their favorite mobile device for personal and business use. They want to store personal data and install games on devices they are also using to access enterprise applications and data. If employees purchase their own device and plan, this can reduce telecom costs, however it creates several business challenges and security risks. Key Considerations • Bearing of device costs and associated usage fees • Support considerations associated with highly differentiated OS’s, platforms, hardware/devices, apps, etc. • Employee usage monitoring and device oversight • Legal, regulatory and privacy risk mitigation associated with corporate data made available on mobile devices • IT staffing and skill set requirements to support corporate issued and/or employee owned devices 19 Copyright © 2012 Deloitte Development LLC. All rights reserved.
21.
Bring-Your-Own vs. Corporate
Provided Bring Your Own Device and possibly line costs incurred by employee PROS Meets user desire to choose the device they like most, have a single phone number, etc. Addresses increased demand by employees to connect personal devices to corporate networks Limited device oversight and control Increased challenges with enforcing legal and regulatory requirements CONS Device and data ownership questions Requires support for diverse platforms, OSes, devices; may negatively impact app strategy Varied device service fees, lack of purchasing leverage (when chargeback/subsidies allowed) Corporate Provided Tighter device oversight and control, more heterogeneous device environment (app strategy) Streamlining devices, platforms and OSes simplifies IT support PROS Direct relationship with carrier may be advantageous from a monitoring and security perspective Device costs and service fees negotiated with service providers; increased purchasing power Cost of providing devices and service fees High employee demand for broader diversity in devices can lead to lower satisfaction and CONS adoption May require potential increase in IT support staffing and skill set requirements Privacy considerations with monitoring of employee usage and activity, etc. 20 Copyright © 2012 Deloitte Development LLC. All rights reserved.
22.
Technology and vendor considerations
23.
Mobile device and
app management Technology Key Features Example Vendors Microsoft • Over-the-air sync on mobile • EAS is a native tool included with Exchange devices to existing Exchange Microsoft Exchange Server. If an ActiveSync (EAS) Server infrastructure for email, organization has an existing contacts, calendar data, and more Exchange infrastructure they have • Basic device management access to EAS and its capabilities capabilities including allowing/blocking devices, and enforcing password requirements Mobile Device • Secure enrollment of mobile • Good Technology Management devices to be managed • MobileIron (MDM) • Wireless configuration and • AirWatch updating of device settings • Zenprise • Monitoring and enforcing • Many others compliance with corporate policies Mobile • Secure mobile application • Apperian Application distribution • Appcelerator Management • Monitoring and enforcing • App47 (MAM) compliance with app policies • Nukona • Reporting on approved/rogue • Mocana apps • MobileIron* • AirWatch* • Zenprise* * MAM functionality included with primary MDM offering Note: Products listed for the above technology product vendors are their respective property. Copyright © 2012 Deloitte Development LLC. All rights reserved.
24.
Secure containers and
mobile virtualization Technology Key Features Example Vendors Secure Container • Secure area on device for housing • Good Technology Solutions enterprise data and applications • Sky Technology • Container content is encrypted and separated from rest of device • Allows more granular control of enterprise data (e.g., remote wipe container only) Mobile • Allows multiple mobile operating • VMWare Virtualization systems to run simultaneously on • Open Kernel Labs a single device • Red Bend Software • Personal and corporate content is separated with each running in its own virtual device Note: Products listed for the above technology product vendors are their respective property. Copyright © 2012 Deloitte Development LLC. All rights reserved.
25.
Key takeaways
26.
What are early
adopters doing? Taking an organization and user-centric approach 1. Understand the specific mobility use cases 2. Understand key mobility risks that affect the organization and its constituents 3. Incorporate key business drivers and objectives 4. Implement security controls through both policy and technology 5. Enable, not disable adoption of new innovations (it’s not stopping here…) Define Mobile Technology Architect & Security Acquisition & Design Requirements Deployment Copyright © 2012 Deloitte Development LLC. All rights reserved.
27.
Appendix
28.
Appendix A: References
Current mobile landscape Expected growth Mobile cellular subscriptions surpassed 5B in Approximately 470M smartphones will be sold 2010 (Gartner) globally in 2011 (IDC) http://my.gartner.com/resources/213800/213866/m http://www.idc.com/getdoc.jsp?containerId=prUS obile_and_contextaware_bran_213866.pdf?li=1 22871611 83% of US population owns cellphones; 35% of Approximately 980M smartphones will be sold these are smartphones (Pew Research) globally in 2016 (IMS) http://pewresearch.org/pubs/2054/smartphone- http://news.softpedia.com/news/One-Billion- ownership-demographics-iphone-blackberry- Smartphones-a-Year-by-2016-IMS-Research- android Says-213740.shtml More than 275 million iPhones and BlackBerrys By 2015, global mobile data traffic volume will be and 135 million Android devices have been sold approximately 25 times 2010 volume (FCC) globally (Forrester) http://www.cisco.com/en/US/solutions/collateral/n http://www.forrester.com/rb/Research/global_main s341/ns525/ns537/ns705/ns827/VNI_Hyperconn streaming_of_smartphones/q/id/60762/t/2 ectivity_WP.html Nearly 18 Million Tablets were sold in 2010 (IDC) Tablets will reach one-third of US adults by 2015 http://www.engadget.com/2011/03/10/idc-18- (Gartner) million-tablets-12-million-e-readers-shipped-in- http://www.forrester.com/rb/Research/why_tablet 2010/ _commerce_may_soon_trump_mobile/q/id/5909 6/t/2 Other Tablet unit sales to total around 54.8 million next year and top 208 million in 2014 (Gartner) MA 201 http://my.gartner.com/portal/server.pt?open=512 http://www.mass.gov/ocabr/docs/idtheft/201cmr17 &objID=260&mode=2&PageID=3460702&resId= 00reg.pdf 1451714&ref=QuickSearch&sthkw=milanesi Lost phone survey http://www.symantec.com/about/news/release/arti cle.jsp?prid=20110208_01 27 Copyright © 2012 Deloitte Development LLC. All rights reserved.
29.
How Deloitte can
help
30.
Deloitte mobile security
services Deloitte can assist you in creating a secure delivery framework for your mobility initiatives from inception to ongoing operation. We can help you set the proper risk balance between control, efficiency and user experience. Our security and privacy specific services include: Deloitte’s mobility security services Mobile security strategy & architecture Mobile security risk assessment Mobile infrastructure security Mobile device & operations security Mobile application security testing Secure SDLC for mobile applications Mobile security policy management Mobile security training & awareness Incident investigation & response Mobile device forensics We also leverage the resources of the Deloitte Center for Security & Privacy Solutions that conduct original research and develop substantive points of view to help executives make sense of and profit from emerging opportunities on the edge of business and technology. 29 Copyright © 2012 Deloitte Development LLC. All rights reserved.
31.
This presentation contains
general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte, its affiliates, and related entities shall not be responsible for any loss sustained by any person who relies on this presentation. Copyright © 2012 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited
Descargar ahora