SlideShare una empresa de Scribd logo

Secure Your Mobile Content!

Descargar como PPTX, PDF
Mike Brannon
Mike Brannon

Embrace BYOD - Help your customers be more productive and use their mobile device of choice. At the same time be VERY SECURE - manage your mobile content!

Tecnología
1 de 21
Best Practices for Securing Mobile Content Mike Brannon, National Gypsum
National Gypsum Company is a fully integrated building products manufacturer Headquartered in Charlotte, NC with mines and quarries, and manufacturing plants across North America
Charlotte Metro ISSA Email us at info@charlotteissa.org Twitter: @cltissa http://www.charlotteissa.org/ ISSA local chapter delivers excellent and low cost Security Training, hosts an annual Summit event and sponsors UNCC scholarships Quarterly gatherings to share practices and network – support from sponsor / partners for meetings Please Join Us!
44
5 Definition… Mobile First organizations embrace mobility as their primary IT platform in order to transform their businesses and increase their competitiveness Content of all types is easily and securely available on any device CONTENT End users choose their devices Security is invisible to end users User experience is the #1 design criteria USER EXPERIENCES New apps are developed and delivered to mobile devices first Core business processes can be performed on any device APPLICATIONS In a Mobile First Company…
66 Traditional enterprise security 6 Firewall & VPN
77 The perimeter is gone Copy/Paste Open-in Forward
88 The more the CIO says no, the less secure the organization becomes. Vivek Kundra, Former U.S. Federal CIO Responsible, not restrictive Mike Brannon, National Gypsum
99 Securing data-at-rest
1010 Open In Copy SaveView SharePoint documents Open In Copy SaveView Email attachments MobileIron Confidential10 Secure your document repositories • Solve “open in” problem • Store documents securely on device • Control cut / copy / paste actions • Selectively wipe documents • Prevent unauthorized distribution • Control end-to-end with policy • Leverage existing content repositories • Prevent use of unauthorized tools – – DropBox for example Open In Copy SaveView Box shared documents
1111 Securing email attachments 11 Email App Secure Content Viewer Email with Attachment REMOVE
1212 Colligo App Viewer Securing SharePoint 12 REMOVE Sharepoint
1313 Closed-loop actions when compromised 13 Remediation Notify Block Quarantine Closed-loop actions • Notify user and admin • Prevent access • Remove saved files • Remove SharePoint config • Protect enterprise persona MobileIron Confidential
1414 National Gypsum Implementation • Risks / Threats Addressed: – Loss of Company Data / Lost Devices / Departing Employees – All Devices and Users Registered / Security Policies Enforced – Ease of Use for Employees AND Improved Security & Efficiency • What We Deployed (And Timeline) – MobileIron device (VSP) and support (Sentry) – All Smartphones – Blackberry (now gone), Apple iOS and Android Devices – Push Secure WiFi Config to Minimize Data Use On Premise – Rush To Adopt iPads – From 0 to 100’s of Devices! – More than email access! Apps for SharePoint and Data! – Manage “Allowed” and “Disallowed” Settings / Apps (DropBox) – Leverage Internal PKI and Push Webclips – Deliver Data
1515 • Where Are We Now? – BES Retired – 70% iOS, 25% Android, 5% Windows Devices – iPad is currently only supported Tablet – Testing others (Surface?) – Plans to allow Windows 8 and MAC OS/X BYOD – Colligo Briefcase for SharePoint Document Access – BOX for External Data Sharing with Partners – Two Apps Deployed on iOS with “One Tap For Data” • Certificates delivered to Device and to User (SCEP/MobileIron) • Invisible Authentication via Juniper Secure Access • IIS Web Server & Application Configuration – “Last Seen User State” • HTML5 / JavaScript to deliver SQL and Mainframe Data National Gypsum Implementation
1616 National Gypsum Implementation
1717 Best practices for mobile content DLP 17 Closed-loop compliance Continuous management OS integrity OS versioning Passcode / encryption Auto-wipe Identity Secure tunnel Attachment protection Secure content hub Role of cloud Credible ecosystem MobileIron Confidential
1818 Security considerations 2013+ … “No” not a sustainable option -> provide credible alternatives Massive content ecosystem -> crowd-source but don’t lock-in Uncertain economics -> establish “help-yourself-desk” Dynamic risk at endpoint -> automate your mobile trust model Content always one-click from cloud -> co-habitate responsibly Blurring between content and app -> explore new forms
1919 Content doesn’t exist in isolation Enterprise Mobile Persona Native experience Data separation Shared policy Selective wipe Secure communications Email Apps Certs Policy Content Federated identity
2020 Journey to the Mobile First Enterprise Device Security BYOD (user choice) Email access (secure ActiveSync) Multi-OS security (BlackBerry replacement) App & Content Enablement 1st gen of mobile apps Mobile docs (SharePoint) Cloud protections Business Transformation New user & business experiences
Thank you Mike Brannon (mebrannon@nationalgypsum.com http://www.charlotteissa.org/ ISSA local chapter delivers excellent and low cost Security Training, hosts an annual Summit event and sponsors UNCC scholarships Please Join Us!

Recomendados

BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessMike Brannon
 
Secure mobile content SharePoint Best Practices Conference 2013
Secure mobile content SharePoint Best Practices Conference 2013Secure mobile content SharePoint Best Practices Conference 2013
Secure mobile content SharePoint Best Practices Conference 2013Mike Brannon
 
Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby
 
Readying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudReadying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudRH
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityXavier Mertens
 
Identity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsIdentity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsPing Identity
 
Con8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - finalCon8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - finalOracleIDM
 
GARTNER IT EXPO - Protecting Content in a Mobile & Cloud World
GARTNER IT EXPO - Protecting Content in a Mobile & Cloud WorldGARTNER IT EXPO - Protecting Content in a Mobile & Cloud World
GARTNER IT EXPO - Protecting Content in a Mobile & Cloud WorldSri Chilukuri
 

Recomendados

BYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessBYOD - Mobility - Protection: security partnering with business
BYOD - Mobility - Protection: security partnering with businessMike Brannon
 
Secure mobile content SharePoint Best Practices Conference 2013
Secure mobile content SharePoint Best Practices Conference 2013Secure mobile content SharePoint Best Practices Conference 2013
Secure mobile content SharePoint Best Practices Conference 2013Mike Brannon
 
Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby presentation to cloud workshop 2016
Tim Willoughby presentation to cloud workshop 2016Tim Willoughby
 
Readying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudReadying your IT Infrastructure for Cloud
Readying your IT Infrastructure for CloudRH
 
Mobile Security
Mobile SecurityMobile Security
Mobile SecurityXavier Mertens
 
Identity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsIdentity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsPing Identity
 
Con8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - finalCon8896 securely enabling mobile access for business transformation - final
Con8896 securely enabling mobile access for business transformation - finalOracleIDM
 
GARTNER IT EXPO - Protecting Content in a Mobile & Cloud World
GARTNER IT EXPO - Protecting Content in a Mobile & Cloud WorldGARTNER IT EXPO - Protecting Content in a Mobile & Cloud World
GARTNER IT EXPO - Protecting Content in a Mobile & Cloud WorldSri Chilukuri
 
Cloud security lessons learned and audit
Cloud security lessons learned and auditCloud security lessons learned and audit
Cloud security lessons learned and auditMarc Vael
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingPing Identity
 
How secure are chat and webconf tools
How secure are chat and webconf toolsHow secure are chat and webconf tools
How secure are chat and webconf toolsMarc Vael
 
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...festival ICT 2016
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...Ping Identity
 
IBM MaaS360 with Watson
IBM MaaS360 with WatsonIBM MaaS360 with Watson
IBM MaaS360 with WatsonKillian Delaney
 
Managing Identity without Boundaries
Managing Identity without BoundariesManaging Identity without Boundaries
Managing Identity without BoundariesPing Identity
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security RiskMurray Security Services
 
You Can't Spell Enterprise Security without MFA
You Can't Spell Enterprise Security without MFA You Can't Spell Enterprise Security without MFA
You Can't Spell Enterprise Security without MFA Ping Identity
 
Laptop management
Laptop managementLaptop management
Laptop managementKillian Delaney
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
IRM Briefing
IRM BriefingIRM Briefing
IRM BriefingSri Chilukuri
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementJumpCloud
 
Session 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySession 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySantosh Satam
 
Protecting your Data in Google Apps
Protecting your Data in Google AppsProtecting your Data in Google Apps
Protecting your Data in Google AppsElastica Inc.
 
3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputation3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputationNikec Solutions
 
BYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security IssuesBYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security IssuesHarsh Kishore Mishra
 
Securing the Extended Enterprise with Mobile Security - Customer Presentation
Securing the Extended Enterprise with Mobile Security - Customer Presentation Securing the Extended Enterprise with Mobile Security - Customer Presentation
Securing the Extended Enterprise with Mobile Security - Customer Presentation Delivery Centric
 
How to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxHow to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxElastica Inc.
 
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass Ping Identity
 
Mobile Device Security - Responsible Not Repressive
Mobile Device Security - Responsible Not RepressiveMobile Device Security - Responsible Not Repressive
Mobile Device Security - Responsible Not RepressiveMike Brannon
 
Smartphone security
Smartphone securitySmartphone security
Smartphone securityMike Brannon
 

Más contenido relacionado

La actualidad más candente

Cloud security lessons learned and audit
Cloud security lessons learned and auditCloud security lessons learned and audit
Cloud security lessons learned and auditMarc Vael
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingPing Identity
 
How secure are chat and webconf tools
How secure are chat and webconf toolsHow secure are chat and webconf tools
How secure are chat and webconf toolsMarc Vael
 
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...festival ICT 2016
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...Ping Identity
 
Managing Identity without Boundaries
Managing Identity without BoundariesManaging Identity without Boundaries
Managing Identity without BoundariesPing Identity
 
You Can't Spell Enterprise Security without MFA
You Can't Spell Enterprise Security without MFA You Can't Spell Enterprise Security without MFA
You Can't Spell Enterprise Security without MFA Ping Identity
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management IntroductionAidy Tificate
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementJumpCloud
 
Session 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySession 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySantosh Satam
 
Protecting your Data in Google Apps
Protecting your Data in Google AppsProtecting your Data in Google Apps
Protecting your Data in Google AppsElastica Inc.
 
3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputation3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputationNikec Solutions
 
BYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security IssuesBYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security IssuesHarsh Kishore Mishra
 
Securing the Extended Enterprise with Mobile Security - Customer Presentation
Securing the Extended Enterprise with Mobile Security - Customer Presentation Securing the Extended Enterprise with Mobile Security - Customer Presentation
Securing the Extended Enterprise with Mobile Security - Customer Presentation Delivery Centric
 
How to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxHow to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxElastica Inc.
 
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass Ping Identity
 

La actualidad más candente (20)

Cloud security lessons learned and audit
Cloud security lessons learned and auditCloud security lessons learned and audit
Cloud security lessons learned and audit
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick Harding
 
How secure are chat and webconf tools
How secure are chat and webconf toolsHow secure are chat and webconf tools
How secure are chat and webconf tools
 
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...
festival ICT 2013: La consumerizzazione dell’IT: come coglierne i vantaggi ec...
 
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
Gartner IAM London 2017 Session - Security, Standards & User Experience: The ...
 
IBM MaaS360 with Watson
IBM MaaS360 with WatsonIBM MaaS360 with Watson
IBM MaaS360 with Watson
 
Managing Identity without Boundaries
Managing Identity without BoundariesManaging Identity without Boundaries
Managing Identity without Boundaries
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security Risk
 
You Can't Spell Enterprise Security without MFA
You Can't Spell Enterprise Security without MFA You Can't Spell Enterprise Security without MFA
You Can't Spell Enterprise Security without MFA
 
Laptop management
Laptop managementLaptop management
Laptop management
 
Identity and Access Management Introduction
Identity and Access Management IntroductionIdentity and Access Management Introduction
Identity and Access Management Introduction
 
IRM Briefing
IRM BriefingIRM Briefing
IRM Briefing
 
The 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity ManagementThe 2016 Guide to IT Identity Management
The 2016 Guide to IT Identity Management
 
Session 4 Enterprise Mobile Security
Session 4 Enterprise Mobile SecuritySession 4 Enterprise Mobile Security
Session 4 Enterprise Mobile Security
 
Protecting your Data in Google Apps
Protecting your Data in Google AppsProtecting your Data in Google Apps
Protecting your Data in Google Apps
 
3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputation3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputation
 
BYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security IssuesBYOD: Bring Your Own Device Implementation and Security Issues
BYOD: Bring Your Own Device Implementation and Security Issues
 
Securing the Extended Enterprise with Mobile Security - Customer Presentation
Securing the Extended Enterprise with Mobile Security - Customer Presentation Securing the Extended Enterprise with Mobile Security - Customer Presentation
Securing the Extended Enterprise with Mobile Security - Customer Presentation
 
How to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxHow to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within Box
 
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
Webinar: Deep Diving Into the KuppingerCole IDaaS Leadership Compass
 

Destacado

Mobile Device Security - Responsible Not Repressive
Mobile Device Security - Responsible Not RepressiveMobile Device Security - Responsible Not Repressive
Mobile Device Security - Responsible Not RepressiveMike Brannon
 
Smartphone security
Smartphone securitySmartphone security
Smartphone securityMike Brannon
 
NGC records management - SP2010 RM Features
NGC records management - SP2010 RM FeaturesNGC records management - SP2010 RM Features
NGC records management - SP2010 RM FeaturesMike Brannon
 
SharePoint Best Practices Conference 2013
SharePoint Best Practices Conference 2013SharePoint Best Practices Conference 2013
SharePoint Best Practices Conference 2013Mike Brannon
 
Mobile Devices Securely Accessing SharePoint
Mobile Devices Securely Accessing SharePointMobile Devices Securely Accessing SharePoint
Mobile Devices Securely Accessing SharePointMike Brannon
 
Search for Overview for SC Upstate SP users
Search for Overview for SC Upstate SP usersSearch for Overview for SC Upstate SP users
Search for Overview for SC Upstate SP usersMike Brannon
 

Destacado (6)

Mobile Device Security - Responsible Not Repressive
Mobile Device Security - Responsible Not RepressiveMobile Device Security - Responsible Not Repressive
Mobile Device Security - Responsible Not Repressive
 
Smartphone security
Smartphone securitySmartphone security
Smartphone security
 
NGC records management - SP2010 RM Features
NGC records management - SP2010 RM FeaturesNGC records management - SP2010 RM Features
NGC records management - SP2010 RM Features
 
SharePoint Best Practices Conference 2013
SharePoint Best Practices Conference 2013SharePoint Best Practices Conference 2013
SharePoint Best Practices Conference 2013
 
Mobile Devices Securely Accessing SharePoint
Mobile Devices Securely Accessing SharePointMobile Devices Securely Accessing SharePoint
Mobile Devices Securely Accessing SharePoint
 
Search for Overview for SC Upstate SP users
Search for Overview for SC Upstate SP usersSearch for Overview for SC Upstate SP users
Search for Overview for SC Upstate SP users
 

Similar a Secure Your Mobile Content!

Mitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsMitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsBitglass
 
Kaspars Petersons - BYOD - more like BYOP
Kaspars Petersons - BYOD - more like BYOPKaspars Petersons - BYOD - more like BYOP
Kaspars Petersons - BYOD - more like BYOPDevConFu
 
Appsecurity, win or loose
Appsecurity, win or looseAppsecurity, win or loose
Appsecurity, win or looseBjørn Sloth
 
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) PolicyDevelop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) PolicyOracleIDM
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Security
 
Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Chris Pepin
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifySumana Mehta
 
The Future of Mobile Application Security
The Future of Mobile Application SecurityThe Future of Mobile Application Security
The Future of Mobile Application SecuritySecureAuth
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Karim Vaes
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPowerSaturdayParis
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesChris Pepin
 
Aisha visram presentacion bmobilew 2015 rev 2
Aisha visram presentacion bmobilew 2015 rev 2Aisha visram presentacion bmobilew 2015 rev 2
Aisha visram presentacion bmobilew 2015 rev 2Aisha Visram
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Zernike College
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
Zabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředíZabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředíMarketingArrowECS_CZ
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Plain Concepts
 
Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014
Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014
Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014Conference_by_EVRY
 

Similar a Secure Your Mobile Content! (20)

Mitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsMitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security Threats
 
Kaspars Petersons - BYOD - more like BYOP
Kaspars Petersons - BYOD - more like BYOPKaspars Petersons - BYOD - more like BYOP
Kaspars Petersons - BYOD - more like BYOP
 
Appsecurity, win or loose
Appsecurity, win or looseAppsecurity, win or loose
Appsecurity, win or loose
 
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) PolicyDevelop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
 
mobile application security
mobile application securitymobile application security
mobile application security
 
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
IBM Mobile Security: A Comprehensive Approach to Securing and Managing the Mo...
 
Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
The Future of Mobile Application Security
The Future of Mobile Application SecurityThe Future of Mobile Application Security
The Future of Mobile Application Security
 
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
Xylos Clients Day - Public cloud and security go hand in hand, if you approac...
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 security
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam Levithan
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
 
Aisha visram presentacion bmobilew 2015 rev 2
Aisha visram presentacion bmobilew 2015 rev 2Aisha visram presentacion bmobilew 2015 rev 2
Aisha visram presentacion bmobilew 2015 rev 2
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdata
 
Zabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředíZabezpečení mobilních zařízení ve firemním prostředí
Zabezpečení mobilních zařízení ve firemním prostředí
 
Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa Microsoft Intune y Gestión de Identidad Corporativa
Microsoft Intune y Gestión de Identidad Corporativa
 
Gestión de identidad
Gestión de identidadGestión de identidad
Gestión de identidad
 
Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014
Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014
Richard_Hayton_SUPPORTING_ANY_DEVICE_IT-tinget_2014
 

Último

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 

Último (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

Secure Your Mobile Content!

  • 1. Best Practices for Securing Mobile Content Mike Brannon, National Gypsum
  • 2. National Gypsum Company is a fully integrated building products manufacturer Headquartered in Charlotte, NC with mines and quarries, and manufacturing plants across North America
  • 3. Charlotte Metro ISSA Email us at info@charlotteissa.org Twitter: @cltissa http://www.charlotteissa.org/ ISSA local chapter delivers excellent and low cost Security Training, hosts an annual Summit event and sponsors UNCC scholarships Quarterly gatherings to share practices and network – support from sponsor / partners for meetings Please Join Us!
  • 4. 44
  • 5. 5 Definition… Mobile First organizations embrace mobility as their primary IT platform in order to transform their businesses and increase their competitiveness Content of all types is easily and securely available on any device CONTENT End users choose their devices Security is invisible to end users User experience is the #1 design criteria USER EXPERIENCES New apps are developed and delivered to mobile devices first Core business processes can be performed on any device APPLICATIONS In a Mobile First Company…
  • 7. 77 The perimeter is gone Copy/Paste Open-in Forward
  • 8. 88 The more the CIO says no, the less secure the organization becomes. Vivek Kundra, Former U.S. Federal CIO Responsible, not restrictive Mike Brannon, National Gypsum
  • 10. 1010 Open In Copy SaveView SharePoint documents Open In Copy SaveView Email attachments MobileIron Confidential10 Secure your document repositories • Solve “open in” problem • Store documents securely on device • Control cut / copy / paste actions • Selectively wipe documents • Prevent unauthorized distribution • Control end-to-end with policy • Leverage existing content repositories • Prevent use of unauthorized tools – – DropBox for example Open In Copy SaveView Box shared documents
  • 11. 1111 Securing email attachments 11 Email App Secure Content Viewer Email with Attachment REMOVE
  • 12. 1212 Colligo App Viewer Securing SharePoint 12 REMOVE Sharepoint
  • 13. 1313 Closed-loop actions when compromised 13 Remediation Notify Block Quarantine Closed-loop actions • Notify user and admin • Prevent access • Remove saved files • Remove SharePoint config • Protect enterprise persona MobileIron Confidential
  • 14. 1414 National Gypsum Implementation • Risks / Threats Addressed: – Loss of Company Data / Lost Devices / Departing Employees – All Devices and Users Registered / Security Policies Enforced – Ease of Use for Employees AND Improved Security & Efficiency • What We Deployed (And Timeline) – MobileIron device (VSP) and support (Sentry) – All Smartphones – Blackberry (now gone), Apple iOS and Android Devices – Push Secure WiFi Config to Minimize Data Use On Premise – Rush To Adopt iPads – From 0 to 100’s of Devices! – More than email access! Apps for SharePoint and Data! – Manage “Allowed” and “Disallowed” Settings / Apps (DropBox) – Leverage Internal PKI and Push Webclips – Deliver Data
  • 15. 1515 • Where Are We Now? – BES Retired – 70% iOS, 25% Android, 5% Windows Devices – iPad is currently only supported Tablet – Testing others (Surface?) – Plans to allow Windows 8 and MAC OS/X BYOD – Colligo Briefcase for SharePoint Document Access – BOX for External Data Sharing with Partners – Two Apps Deployed on iOS with “One Tap For Data” • Certificates delivered to Device and to User (SCEP/MobileIron) • Invisible Authentication via Juniper Secure Access • IIS Web Server & Application Configuration – “Last Seen User State” • HTML5 / JavaScript to deliver SQL and Mainframe Data National Gypsum Implementation
  • 17. 1717 Best practices for mobile content DLP 17 Closed-loop compliance Continuous management OS integrity OS versioning Passcode / encryption Auto-wipe Identity Secure tunnel Attachment protection Secure content hub Role of cloud Credible ecosystem MobileIron Confidential
  • 18. 1818 Security considerations 2013+ … “No” not a sustainable option -> provide credible alternatives Massive content ecosystem -> crowd-source but don’t lock-in Uncertain economics -> establish “help-yourself-desk” Dynamic risk at endpoint -> automate your mobile trust model Content always one-click from cloud -> co-habitate responsibly Blurring between content and app -> explore new forms
  • 19. 1919 Content doesn’t exist in isolation Enterprise Mobile Persona Native experience Data separation Shared policy Selective wipe Secure communications Email Apps Certs Policy Content Federated identity
  • 20. 2020 Journey to the Mobile First Enterprise Device Security BYOD (user choice) Email access (secure ActiveSync) Multi-OS security (BlackBerry replacement) App & Content Enablement 1st gen of mobile apps Mobile docs (SharePoint) Cloud protections Business Transformation New user & business experiences
  • 21. Thank you Mike Brannon (mebrannon@nationalgypsum.com http://www.charlotteissa.org/ ISSA local chapter delivers excellent and low cost Security Training, hosts an annual Summit event and sponsors UNCC scholarships Please Join Us!

Notas del editor

  1. NBCNews Tweet: “What a difference 8 years makes” – Election of Pope Benedict (2005) at top – Very few mobile devices – And election / first words from balcony of Pope Francis (2013) with LOTS of mobile deviceshttp://www.huffingtonpost.ca/2013/03/14/viral-pope-election-photos-nbc-news_n_2878146.htmlArticle on HuffPo about how this is misleading – first pic is from John-Paul II funeral and is somber because people were in mourning…
  2. A company is Mobile First when 1 – all new applications and business processes are available to Mobile devices FirstCLICK2 – Corporate documents are securely available on any deviceCLICK3 – and most importantly, end users choose the device they want to use and security is enforced by IT without getting in the way of an outstanding user experienceThis last point is paramount. For the first time in the history of IT, we have an opportunity to allow end users to carry out business processes on a device and with a user experience that they love and they WANT to use.
  3. Lost Devices – From the beginning we could assist with trying to find devices, and we could SELECTIVELY wipe our corporate data and configuration from the devicesSome devices will appear to accept ActiveSync host directives – but then NOT actually do it! An Agent on the device, using the MFG API – does enforce our policy!Installation – Obtain the App in the store – then one very simple registration to then connect to the device and user – Interaction with Active Directory, policy engine in MI and our internal PKI – full configuration “appears” after registration!
  4. We went from more than 900 devices managed via our BES to none in 5 years.Those Blackberry devices were replaced by a much more diverse set of devices all chosen by our employees – NOT by the IT Group!We are certain that the new fleet of devices is at least as secure – if not more secure – than the old one! We have BYOD working securely!In addition the setup and management of the new fleet of diverse devices works very efficiently and delivers data people need to do their jobs better!(Old BES only delivered email / calendar – NOT Apps!)
  5. We went from more than 900 devices managed via our BES to none in 5 years.Those Blackberry devices were replaced by a much more diverse set of devices all chosen by our employees – NOT by the IT Group!We are certain that the new fleet of devices is at least as secure – if not more secure – than the old one! We have BYOD working securely!In addition the setup and management of the new fleet of diverse devices works very efficiently and delivers data people need to do their jobs better!(Old BES only delivered email / calendar – NOT Apps!)