1 / 38

Mobile & Security?

Mobile & Security?. Brice Mees Security Services Operations Manager. Agenda. Mobile Trends Where to start? Risks and Threats Risk mitigation Conclusion. Agenda. Mobile Trends Where to start? Risks and Threats Risk mitigation Conclusion. The mobile era. The Mobile-First Era.

koen
Download Presentation

Mobile & Security?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mobile & Security? Brice Mees Security Services Operations Manager

  2. Agenda • Mobile Trends • Where to start? • Risks and Threats • Risk mitigation • Conclusion

  3. Agenda • Mobile Trends • Where to start? • Risks and Threats • Risk mitigation • Conclusion

  4. The mobile era The Mobile-First Era The Post-PC Era The PC/Web Era

  5. "Apps Storm" VS "Security"

  6. Looks suspicious? Ready to accept unmanaged devices on your network?

  7. BYOD Trend • Devices become cheaper and more powerful • The Generation “Y” • Company owned devices are sometimes old-fashioned • Will you allow personal devices on your network ? • What are the risks ?

  8. Agenda • Mobile Trends • Where to start? • Risks and Threats • Risk mitigation • Conclusion

  9. UnderstandEnterpriseObjectives “Ifyoudon’tknowwhereyou are going, anyroadwillgetyouthere” – LewisCaroll

  10. Start fromyourrequirements

  11. Create a Mobile Security Policy

  12. Agenda • Mobile Trends • Where to start? • Risks and Threats • Risk mitigation • Conclusion

  13. PhysicalRisks

  14. Increased variety and complexity

  15. There is an app for that... • To steal your data • To steal your money (premium SMS services) • To spyonyou • To evade regular controls

  16. Accept or Decline?

  17. Apps are programs • Apps act like normal programs: • They may have bugs • They may be badly designed • They may be altered (backdoors) Input Output Processing

  18. Apps are programs • Apps must be developed using best practices with more focus on mobile devices specs like small keyboard not ideal to input passwords • OWASP has a top-10 mobile risks(1) that must be reviewed (1) https://www.owasp.org/index.php/OWASP_Mobile_Security_Project#tab=Top_Ten_Mobile_Risks

  19. Malicious Marketplace– Social Engineering

  20. Privacy risks

  21. Risksrelated to data

  22. Threats related to device

  23. Agenda • Mobile Trends • Where to start? • Risks and Threats • Risk Mitigation • Conclusion

  24. Risk Mitigation Governance Management Legal and HR Mana-gement Technical Management Device Management Application Management User & Data Management

  25. General Policy and Organisation • Defineappropriateusage (physical, data, application) • Create “Awareness” • Monitor, detect, report • Collaboratewith HR/ Legal

  26. MDM? “Mobile Device Management (MDM) software secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises.”

  27. Mobile Device Management • Do youneed MDM? • Microsoft Exchange includes ActiveSync for free • Security Vendors propose some tools to handle and manage Mobile devices

  28. Mobile Device Management • Enforcepolicycompliance • Inventory Management • Software/ Application Management • Authentication • Encrypted data • Encryptedcommunication

  29. Mobile Device Management • Remotewipe • Physicalprotection • Password enforcement • Audit and Reporting • Cost control (Geolocalization) • Access Control

  30. Mobile Device Management Enterprise Appstore

  31. Mobile Device Management • Data segmentation • Containerization • Privacy protection • Backup management • Data Loss Prevention

  32. MDS? “Mobile Device Security(MDS) concentrates on the security of personal and business information stored on smartphones.”

  33. Mobile Device Security • Focus on identity, data and availability protection using: • URL Filtering • Web Application Filtering • Malware detection: Check Traffic, Apps& SMS • Antivirus

  34. Unity Makes Strength • Combine multiple technologies to efficiently protect mobile devices • Use solutions which are “open” (API, logs) • Think about “Lego” blocks • Telenet might help you to build your solution

  35. Unity Makes Strength

  36. Solutionsdelivered by Telenet

  37. Conclusion • Combination of MDM & MDS is ideal solution to cover most of mobile security related aspects • Invite us to discuss your requirements and define together the best solution for your business

  38. Let’s have a drink!

More Related