Más contenido relacionado La actualidad más candente (20) Similar a Three Secrets to Becoming a Mobile Security Superhero (20) Three Secrets to Becoming a Mobile Security Superhero1. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 1© 2016 Skycure Inc. 1 August 3, 2016
Three Secrets to Becoming a Mobile Security
Superhero
2. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 2© 2016 Skycure Inc. 2
Quick Housekeeping
• There will be time for Q&A at the end
• Ask questions using the GTW chat pane
• The webinar is being recorded
• All attendees will receive a copy of the slides/recording
Join the discussion #MobileThreatDefense
3. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 3© 2016 Skycure Inc. 3
Meet Your Speakers
John Dickson
Director of IT Infrastructure
& Cybersecurity,
Republic National
Distributing Company
Brian Katz
Director of Mobile Strategy,
VMware
Varun Kohli
Vice President,
Skycure
4. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 4© 2016 Skycure Inc. 4
Agenda
• Mobile Security Superhero
- How to prove to your management that mobile threats are real
- How to choose the right mobile security solution – SANS checklist
- What to report to your CEO and board of directors
• Meet a real mobile security superhero: John Dickson from RNDC
• EMM Leader: Brian Katz from VMware AirWatch
• How Skycure can help
• Q & A
5. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 5© 2016 Skycure Inc. 5
Is Mobile Security Important?
Source: BYOD and Mobile Security – 2016 Spotlight Report
Q: What are your main security concerns related to BYOD?
6. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 6© 2016 Skycure Inc. 6
Are Mobile Attacks Real?
Source: BYOD and Mobile Security – 2016 Spotlight Report & Skycure Threat Intelligence Report
Q: Have any of your BYO or corporate-owned devices downloaded malware in the past?
7. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 7© 2016 Skycure Inc. 7
Are Mobile Attacks Real?
Q: Have any of your BYO or corporate-owned devices connected to a malicious WiFi in the past?
Source: BYOD and Mobile Security – 2016 Spotlight Report
8. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 8© 2016 Skycure Inc. 8
Are Organizations Getting Impacted?
Q: Have mobile devices been involved in security breaches in your organization in the past?
Source: BYOD and Mobile Security – 2016 Spotlight Report
9. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 9© 2016 Skycure Inc. 9
Are Organizations Getting Impacted?
What is the real impact?
Source: Department of Health and Human Services
10. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 10© 2016 Skycure Inc. 10
What Are Leading Analysts Saying?
Physical
Network
Vulnerabilities
Malware
“Concerns related to advanced threats cannot be
countered with traditional mobile security tools [such
as EMM], as well as protection from wireless
vulnerabilities and untrusted public networks, are the
main drivers for adoption of these technologies.”
“Work environment is shifting away from employees
using computers on premise towards causing
smartphones and tablets off a corporate network. This
will drive a growing priority around securing mobile
devices.”
11. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 11© 2016 Skycure Inc. 11
Selection Criteria
Mobile Threat Defense/Protection/Prevention
Requirement Priority
Deployment
Process
Support app download from public stores High
Overall ease of deployment High
End User
Experience
Low impact on device battery usage High
Low data usage Medium
App maintains end user’s privacy High
Clear display of detected threats and mitigation
options
High
Provide automatic mitigation options for most
threats
High
Management &
Administration
Provide visibility on detected threats and
vulnerabilities
High
Provide an overall risk estimate per device High
Provide forensic capabilities on identified threats Medium
Provide the option to define an organization-level
compliance policy
High
Reporting High
Other
EMM integration High
SIEM integration High
Provide a third-party API Low
Requirement Priority
Threat
Detection
Network Threats
Secure communication downgrading (SSL stripping) attack
detection
High
Secure traffic decryption (SSL decryption) attack detection High
Content manipulation attack detection Medium
Rogue networks detection High
Ability to perform automatic mitigation on detected network
threats
High
Malware
Detection of malicious apps based on different app
properties
High
Detection of repackaged/fake apps High
Detection of malicious apps based on signatures/known
exploits
Medium
Ability to block malicious app installation High
Detection of iOS malware High
Detection of malicious profiles on iOS devices High
Device Vulnerabilities
Ability to identify jailbroken or rooted devices Medium
Ability to identify device OS vulnerabilities High
Ability to prompt end users to upgrade their device OS
version
Medium
12. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 12© 2016 Skycure Inc. 12
7 Things to Report to Your CEO and Board
1. Details about the high profile public breach from last week/month
2. Reason why the same thing cannot happen to your company
3. What the current mobile risk score is and how you compare to your peers
4. Number of mobile incidents prevented in the last month
5. Which people/devices/department were attacked the most
6. Which dataset was targeted the most
7. The overall ROI of your investment
13. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 13© 2016 Skycure Inc. 13© 2015 Skycure Inc.
The RNDC Story
17. 17
RNDC’S MOBILE THREAT DEFENSE JOURNEY
Mobile is where PC was 20 years ago
Mobile is actually MORE VALUABLE and MORE VULNERABLE than other corporate devices
You don’t just need to manage these devices,
you need to SECURE THEM too
18. THERE WAS SKEPTICISM EARLIER…
18
MANAGEMENT BUY-IN WAS EASY
1 2
• Leveraged SKYCURE’S iOS
MALICIOUS PROFILE EXPLOIT
• Took over CFO’s iPhone in less
than a minute
• Easiest sell ever
• Skycure gave 250 FREE SEATS as
part of the trial
• 30% DEVICES had known
vulnerabilities
• 10 DEVICES had keystroke
loggers
19. 19
MY SELECTION CRITERIA
USER IT
• USER EXPERIENCE
• PRIVACY
• BATTERY LIFE
• CLOUD was a must
• Integrated like glue with
AIRWATCH
• Protection against
MALICIOUS APPS, NETWORKS
AND DRIVE-BY WEBSITES
WHO ELSE DID
WE LOOK AT?
ZIMPERIUM
AND
LOOKOUT
Zimperium had a complicated UX and
required scripting
Lookout did not do anything for network
awareness and protection
21. • MULTIPLE DEVICES had malicious activity
• SKYCURE HELPED WITH IMMEDIATE REMEDIATION
• GETTING MORE MOBILE RELATED QUESTIONS – There is more awareness
• Helps to drive more applications into the AirWatch App Store rather than fighting the
pushback
• This gives us a touch into the salesforce automation program.
THIS WAS MISSING EARLIER.
• “THANK YOU’S” from all associate levels, especially for securing BYO devices and
personal data in addition to business data
21
OVERALL IMPACT OF SKYCURE
5,000+
Users
8,000
Devices
~10,000
Networks
Scanned
850,000
Apps
Analyzed
4,000,000
Tests
Performed
22. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 22© 2016 Skycure Inc. 22© 2015 Skycure Inc.
AirWatch Overview
23. Manage All Endpoints in a Single Solution
23
Any Endpoint Any Use Case
Knowledge
worker
Corporate |
BYO
Task worker
Line of Business
No user
Kiosk | IOT
Modern Management Framework
Out of box
configuration
Policies and
security settings
Over-the-air
management and
updates
Asset
tracking
Full lifecycle
management
24. Protect Company Apps and Data Through Multi-layered Security
24
Intelligent Access Controls | Automated Compliance
Secure
the Endpoint
Trust
the User
Containerize
the App
Safeguard
the Data
Protect
the Network
25. 25
Skycure + AirWatch allows you to predict, detect and proactively mitigate mobile threats
Skycure and AirWatch Integration
Malware
Vulnerability
Network
Mobile
Threats
26. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 26© 2016 Skycure Inc. 26© 2015 Skycure Inc.
Skycure Overview
27. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 27
Skycure – High Level Overview
Leading Product & ResearchCustomers
Venture BackedStrategic Partners
CONSUMER GOODS FINANCIAL SERVICES
MANUFACTURING TRANSPORTATION
FORTUNE 50
PHARMACEUTICAL
COMPANY
250+TV
channelsFORTUNE 100
HEALTHCARE
COMPANY
FORTUNE 500
FINANCIAL SERVICES
COMPANIES
28. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 28© 2016 Skycure Inc. 28
Skycure Solution Overview
Physical
Network
Vulnerabilities
Malware
• 24x7 detection and
protection
• Network, device and
app analysis
• Multi platform
Seamless
experience
Privacy Minimal
footprint
End-User App
29. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 29© 2016 Skycure Inc. 29
Physical
Network
Vulnerabilities
Malware
• Policy enforcement
• Risk-based
management
• Enterprise integrations
Security Visibility IT Satisfaction
Management
• 24x7 detection and
protection
• Network, device and
app analysis
• Multi platform
End-User App
Seamless
experience
Privacy Minimal
footprint
Skycure Solution Overview
30. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 30© 2016 Skycure Inc. 30
Physical
Network
Vulnerabilities
Malware
• Policy enforcement
• Risk-based
management
• Enterprise integrations
Security Visibility IT Satisfaction
Management
• 24x7 detection and
protection
• Network, device and
app analysis
• Multi platform
Seamless
experience
Privacy Minimal
footprint
End-User App
Skycure Solution Overview
Mobile Threat Intelligence Platform
1 Million+ Global Threats Identified
https://maps.skycure.com
Crowd
Wisdom
Millions of
monthly tests -
apps & networks
Skycure
Research
No iOS Zone, Malicious
Profiles, WiFiGate,
LinkedOut
Threat
Aggregator
Dozens of threat feeds
from 3rd parties
Legitimate
Services
Attackers
& Threats
31. Title of Presentation DD/MM/YYYY© 2016 Skycure Inc. 31© 2016 Skycure Inc. 31
Is your organization vulnerable?
50 Free Skycure Licenses
• Step 1 – Download Skycure Public App (Recommendation: 5-20 devices)
• Step 2 – Review Skycure Assessment Report in 4 weeks
What do we usually find?
NUMBER OF DEVICES WITH
MALICIOUS APPS INSTALLED
PERCENTAGE OF DEVICES
EXPOSED TO NETWORK THREATS
PERCENTAGE OF MOBILE DEVICES
RUNNING OS WITH HIGH-SEVERITY
VULNERABILITIES
EVERY ORG
with 200+
devices had
iOS malware
81.57%
7.22%
1-800-650-4821
sales@skycure.com