SlideShare une entreprise Scribd logo

BYOD - Secure the data, not the device

b coatesworth
b coatesworth

This document discusses the risks and benefits of BYOD (bring your own device) policies for companies. It notes that BYOD can improve productivity and reduce costs but also increases security risks if devices are not properly secured and managed. The document provides recommendations for developing a BYOD security plan including identifying risks, forming a working group, enforcing policies, implementing remote management solutions, and periodically reassessing the program. Overall, the document advocates for a balanced approach that harnesses the benefits of BYOD while mitigating risks through governance, education, and technology solutions.

Technologie
1  sur  16
Télécharger pour lire hors ligne
Secure the data, not the device
Risky business - balancing BYOD risk with mobility Increased productivity Lower cost to the company Flexibility Technology Familiarity Support of many different devices No control over what is on device Increase attack surface Device Disparities
BYOD improves productivity. • BYOD support average nearly three hours of productivity gains per week. BYOD promotes business agility. • BYOD helps employees collaborate more quickly, efficiently and creatively. BYOD responds to employee demand. • Supporting users’ own devices can be a recruitment selling point. Risky business - balancing BYOD risk with mobility
Risky business - balancing BYOD risk with mobility Security enforcement. • BYOD creates more weak links that can be exploited both internally and externally. • Requires significant user education and buy-in. Management and governance. • Without governance arrangements, BYOD can quickly run out of control. • IT to actively collaborate across the organization to identify workable solutions. Direct and indirect costs. • BYOD often reduces device acquisition costs. Can increase direct costs associated with network infrastructure and complexity
Secure foundations – 7 points to building a BYOD security plan 1. Identify the risk elements that BYOD introduces • Measure how the risk can impact your business • Map the risk elements to regulations 2. Form a working group to embrace BYOD and understand the risks, including: • Business stakeholders, IT stakeholders, Information security stakeholders 3. Decide how to enforce policies for devices connecting to your network • Mobile devices (smartphones) Tablets (e.g., iPad) Portable computers (laptops, netbooks, ultrabooks) 4. Build a project plan to include these capabilities: • Remote device management, Application control, • Data and device encryption, Wiping devices when retired • Revoking access to devices when end-user relationship changes from employee to guest
Secure foundations – 7 points to building a BYOD security plan 5. Evaluate solutions • Consider the impact on your existing network • Consider how to enhance existing technologies prior to next step 6. Implement solutions • Begin with a pilot group from each of the stakeholders' departments • Expand pilot to departments based on your organizational criteria • Open BYOD program to all employees 7. Periodically reassess solutions • Include vendors and trusted advisors • Look at roadmaps entering your next assessment period • Consider cost-saving group plans if practical
In 2013 Cybercriminals made use of some exceptionally sophisticated methods to infect mobile devices. Infecting legal web resources helps spread mobile malware via popular websites - water holes. Distribution via alternative app stores. There are numerous app stores containing programs that cannot be found in Google Play. Distribution via botnets. Bots self-proliferate by sending out text messages with a malicious link to addresses in the victim’s address book. Criminals are increasingly using obfuscation, the deliberate act of creating complex code to make it difficult to analyse. Cybercriminals also exploiting the Android Master Key vulnerability and have learned to embed unsigned executable files in Android installation packages. Cyber crime
Threats from mobile devices
Trend of the year: mobile banking Trojans 2013 was marked by a rapid rise in the number of Android banking Trojans Threats from mobile devices
Collects information about the smartphone (IMEI, country, service provider, operating system language) Acquires logins and passwords to online banking accounts, and bank card information Extorts money from users by threatening to block the smartphone Monitors SMS messages and information about voice calls. Threats from mobile devices
Today, the majority of banking Trojan attacks affect users in Russia and the CIS. The cybercriminals’ interest in user bank accounts, the activity of mobile banking Trojans is expected to grow in other countries in 2014. Infections caused by mobile banking programs
Countries where users face the greatest risk of mobile malware infection
Mobile spyware, such as MobileSpy and FlexiSpy, is on the rise. In the BYOD context these spyware applications pose a huge threat because they can be installed surreptitiously on an employee’s phone and used for industrial or corporate espionage. The mobile phone is also a fully functional network device. When connected to the company Wi-Fi, has the ability to probe the network for vulnerabilities and assets. Mobile Spyware, BYOD and Corporate Espionage
Mobile Spyware, BYOD and Corporate Espionage
Mobile Spyware, BYOD and Corporate Espionage
Recap THANK YOU

Recommandé

The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelBeamos Technologies
 
Class activity 4
Class activity 4 Class activity 4
Class activity 4 Jeewanthi Fernando
 
Importance of cyber security in education sector
Importance of cyber security in education sectorImportance of cyber security in education sector
Importance of cyber security in education sectorSeqrite
 
Top 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail IndustryTop 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail IndustrySeqrite
 
Mobile security management
Mobile security managementMobile security management
Mobile security managementGreystone Technology
 
5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public SectorSeqrite
 
Cyber security for women using mobile devices
Cyber security for women using mobile devicesCyber security for women using mobile devices
Cyber security for women using mobile devicesJ A Bhavsar
 
Non-profit Tech Needs in Serbia
Non-profit Tech Needs in SerbiaNon-profit Tech Needs in Serbia
Non-profit Tech Needs in SerbiaCatalyst Balkans
 

Recommandé

The challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelThe challenges of BYOD for campus network by Leonard Raphael
The challenges of BYOD for campus network by Leonard RaphaelBeamos Technologies
 
Class activity 4
Class activity 4 Class activity 4
Class activity 4 Jeewanthi Fernando
 
Importance of cyber security in education sector
Importance of cyber security in education sectorImportance of cyber security in education sector
Importance of cyber security in education sectorSeqrite
 
Top 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail IndustryTop 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail IndustrySeqrite
 
Mobile security management
Mobile security managementMobile security management
Mobile security managementGreystone Technology
 
5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public Sector5 Cybersecurity threats in Public Sector
5 Cybersecurity threats in Public SectorSeqrite
 
Cyber security for women using mobile devices
Cyber security for women using mobile devicesCyber security for women using mobile devices
Cyber security for women using mobile devicesJ A Bhavsar
 
Non-profit Tech Needs in Serbia
Non-profit Tech Needs in SerbiaNon-profit Tech Needs in Serbia
Non-profit Tech Needs in SerbiaCatalyst Balkans
 
Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and SystemParam Nanavati
 
Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesNeil Kemp
 
Mobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingMobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingLookout
 
Web application firewall solution market
Web application firewall solution marketWeb application firewall solution market
Web application firewall solution marketSameerShaikh225
 
Mobile security
Mobile securityMobile security
Mobile securityTapan Khilar
 
The Internet of things paradox
The Internet of things paradoxThe Internet of things paradox
The Internet of things paradoxGolden Locksmith
 
Ensuring Mobile Device Security
Ensuring Mobile Device SecurityEnsuring Mobile Device Security
Ensuring Mobile Device SecurityQuick Heal Technologies Ltd.
 
Data security for healthcare industry
Data security for healthcare industryData security for healthcare industry
Data security for healthcare industrySeqrite
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01ijmnct
 
[Infographic] Data Loss Prevention
[Infographic] Data Loss Prevention[Infographic] Data Loss Prevention
[Infographic] Data Loss PreventionSeqrite
 
Humming Heads Presentation
Humming Heads PresentationHumming Heads Presentation
Humming Heads PresentationDansha
 
Cyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionCyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionmoldovaictsummit2016
 
chapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firmchapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital FirmMohamad Fathi
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Murray Security Services
 
Cyber Security Terms
Cyber Security TermsCyber Security Terms
Cyber Security TermsSuryaprakash Nehra
 
Mobile security in Cyber Security
Mobile security in Cyber SecurityMobile security in Cyber Security
Mobile security in Cyber SecurityGeo Marian
 
Securing the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use PolicySecuring the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use PolicyAllot Communications
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
Cyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldCyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldSOURAV CHANDRA
 
Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesrebelreg
 
Security attacks taxonomy on
Security attacks taxonomy onSecurity attacks taxonomy on
Security attacks taxonomy onijmnct
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaJim Kaplan CIA CFE
 

Contenu connexe

Tendances

Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and SystemParam Nanavati
 
Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesNeil Kemp
 
Mobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingMobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingLookout
 
Web application firewall solution market
Web application firewall solution marketWeb application firewall solution market
Web application firewall solution marketSameerShaikh225
 
The Internet of things paradox
The Internet of things paradoxThe Internet of things paradox
The Internet of things paradoxGolden Locksmith
 
Data security for healthcare industry
Data security for healthcare industryData security for healthcare industry
Data security for healthcare industrySeqrite
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01ijmnct
 
[Infographic] Data Loss Prevention
[Infographic] Data Loss Prevention[Infographic] Data Loss Prevention
[Infographic] Data Loss PreventionSeqrite
 
Humming Heads Presentation
Humming Heads PresentationHumming Heads Presentation
Humming Heads PresentationDansha
 
Cyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionCyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionmoldovaictsummit2016
 
chapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firmchapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital FirmMohamad Fathi
 
Mobile security in Cyber Security
Mobile security in Cyber SecurityMobile security in Cyber Security
Mobile security in Cyber SecurityGeo Marian
 
Securing the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use PolicySecuring the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use PolicyAllot Communications
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
Cyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldCyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldSOURAV CHANDRA
 

Tendances (19)

Risks and Security of Internet and System
Risks and Security of Internet and SystemRisks and Security of Internet and System
Risks and Security of Internet and System
 
Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your Employees
 
Mobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are AskingMobile Security: The 5 Questions Modern Organizations Are Asking
Mobile Security: The 5 Questions Modern Organizations Are Asking
 
Web application firewall solution market
Web application firewall solution marketWeb application firewall solution market
Web application firewall solution market
 
Mobile security
Mobile securityMobile security
Mobile security
 
The Internet of things paradox
The Internet of things paradoxThe Internet of things paradox
The Internet of things paradox
 
Ensuring Mobile Device Security
Ensuring Mobile Device SecurityEnsuring Mobile Device Security
Ensuring Mobile Device Security
 
Data security for healthcare industry
Data security for healthcare industryData security for healthcare industry
Data security for healthcare industry
 
4514ijmnct01
4514ijmnct014514ijmnct01
4514ijmnct01
 
[Infographic] Data Loss Prevention
[Infographic] Data Loss Prevention[Infographic] Data Loss Prevention
[Infographic] Data Loss Prevention
 
Humming Heads Presentation
Humming Heads PresentationHumming Heads Presentation
Humming Heads Presentation
 
Cyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, preventionCyberthreats: causes, consequences, prevention
Cyberthreats: causes, consequences, prevention
 
chapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firmchapter 8- Management Information Systems Managing the Digital Firm
chapter 8- Management Information Systems Managing the Digital Firm
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)
 
Cyber Security Terms
Cyber Security TermsCyber Security Terms
Cyber Security Terms
 
Mobile security in Cyber Security
Mobile security in Cyber SecurityMobile security in Cyber Security
Mobile security in Cyber Security
 
Securing the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use PolicySecuring the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use Policy
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the Decade
 
Cyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's worldCyber crime-A burning issue of today's world
Cyber crime-A burning issue of today's world
 

Similaire à BYOD - Secure the data, not the device

Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesrebelreg
 
Security attacks taxonomy on
Security attacks taxonomy onSecurity attacks taxonomy on
Security attacks taxonomy onijmnct
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaJim Kaplan CIA CFE
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile SecurityTharaka Mahadewa
 
WEEK5 Mobile Device Security 31032022.pdf
WEEK5 Mobile Device Security 31032022.pdfWEEK5 Mobile Device Security 31032022.pdf
WEEK5 Mobile Device Security 31032022.pdfSetiya Nugroho
 
Malware Improvements in Android OS
Malware Improvements in Android OSMalware Improvements in Android OS
Malware Improvements in Android OSPranav Saini
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET Journal
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfkostikjaylonshaewe47
 
Transforming Risky Mobile Apps into Self Defending Apps
Transforming Risky Mobile Apps into Self Defending AppsTransforming Risky Mobile Apps into Self Defending Apps
Transforming Risky Mobile Apps into Self Defending AppsBlueboxer2014
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)k33a
 
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestJay McLaughlin
 
Mobile Security Threats In Organisations: 4 Challenges To Navigate And Solve
Mobile Security Threats In Organisations: 4 Challenges To Navigate And SolveMobile Security Threats In Organisations: 4 Challenges To Navigate And Solve
Mobile Security Threats In Organisations: 4 Challenges To Navigate And SolveZeroblack
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015Francisco Anes
 
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)Rui Miguel Feio
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
 
Assign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxAssign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxpdevang
 

Similaire à BYOD - Secure the data, not the device (20)

Ms810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devicesMs810 assignment viruses and malware affecting moblie devices
Ms810 assignment viruses and malware affecting moblie devices
 
Security attacks taxonomy on
Security attacks taxonomy onSecurity attacks taxonomy on
Security attacks taxonomy on
 
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert CaliforniaBring Your Own Device 2014 TeamMate User Conference Palm Desert California
Bring Your Own Device 2014 TeamMate User Conference Palm Desert California
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
 
WEEK5 Mobile Device Security 31032022.pdf
WEEK5 Mobile Device Security 31032022.pdfWEEK5 Mobile Device Security 31032022.pdf
WEEK5 Mobile Device Security 31032022.pdf
 
Malware Improvements in Android OS
Malware Improvements in Android OSMalware Improvements in Android OS
Malware Improvements in Android OS
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and Threats
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
 
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdfCASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
CASE STUDY There is a new phenomenon in the cybersecurity domain ca.pdf
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Transforming Risky Mobile Apps into Self Defending Apps
Transforming Risky Mobile Apps into Self Defending AppsTransforming Risky Mobile Apps into Self Defending Apps
Transforming Risky Mobile Apps into Self Defending Apps
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)
 
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
 
Mobile Security Threats In Organisations: 4 Challenges To Navigate And Solve
Mobile Security Threats In Organisations: 4 Challenges To Navigate And SolveMobile Security Threats In Organisations: 4 Challenges To Navigate And Solve
Mobile Security Threats In Organisations: 4 Challenges To Navigate And Solve
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015
 
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
 
Assign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxAssign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptx
 

Dernier

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 

Dernier (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 

BYOD - Secure the data, not the device

  • 1. Secure the data, not the device
  • 2. Risky business - balancing BYOD risk with mobility Increased productivity Lower cost to the company Flexibility Technology Familiarity Support of many different devices No control over what is on device Increase attack surface Device Disparities
  • 3. BYOD improves productivity. • BYOD support average nearly three hours of productivity gains per week. BYOD promotes business agility. • BYOD helps employees collaborate more quickly, efficiently and creatively. BYOD responds to employee demand. • Supporting users’ own devices can be a recruitment selling point. Risky business - balancing BYOD risk with mobility
  • 4. Risky business - balancing BYOD risk with mobility Security enforcement. • BYOD creates more weak links that can be exploited both internally and externally. • Requires significant user education and buy-in. Management and governance. • Without governance arrangements, BYOD can quickly run out of control. • IT to actively collaborate across the organization to identify workable solutions. Direct and indirect costs. • BYOD often reduces device acquisition costs. Can increase direct costs associated with network infrastructure and complexity
  • 5. Secure foundations – 7 points to building a BYOD security plan 1. Identify the risk elements that BYOD introduces • Measure how the risk can impact your business • Map the risk elements to regulations 2. Form a working group to embrace BYOD and understand the risks, including: • Business stakeholders, IT stakeholders, Information security stakeholders 3. Decide how to enforce policies for devices connecting to your network • Mobile devices (smartphones) Tablets (e.g., iPad) Portable computers (laptops, netbooks, ultrabooks) 4. Build a project plan to include these capabilities: • Remote device management, Application control, • Data and device encryption, Wiping devices when retired • Revoking access to devices when end-user relationship changes from employee to guest
  • 6. Secure foundations – 7 points to building a BYOD security plan 5. Evaluate solutions • Consider the impact on your existing network • Consider how to enhance existing technologies prior to next step 6. Implement solutions • Begin with a pilot group from each of the stakeholders' departments • Expand pilot to departments based on your organizational criteria • Open BYOD program to all employees 7. Periodically reassess solutions • Include vendors and trusted advisors • Look at roadmaps entering your next assessment period • Consider cost-saving group plans if practical
  • 7. In 2013 Cybercriminals made use of some exceptionally sophisticated methods to infect mobile devices. Infecting legal web resources helps spread mobile malware via popular websites - water holes. Distribution via alternative app stores. There are numerous app stores containing programs that cannot be found in Google Play. Distribution via botnets. Bots self-proliferate by sending out text messages with a malicious link to addresses in the victim’s address book. Criminals are increasingly using obfuscation, the deliberate act of creating complex code to make it difficult to analyse. Cybercriminals also exploiting the Android Master Key vulnerability and have learned to embed unsigned executable files in Android installation packages. Cyber crime
  • 9. Trend of the year: mobile banking Trojans 2013 was marked by a rapid rise in the number of Android banking Trojans Threats from mobile devices
  • 10. Collects information about the smartphone (IMEI, country, service provider, operating system language) Acquires logins and passwords to online banking accounts, and bank card information Extorts money from users by threatening to block the smartphone Monitors SMS messages and information about voice calls. Threats from mobile devices
  • 11. Today, the majority of banking Trojan attacks affect users in Russia and the CIS. The cybercriminals’ interest in user bank accounts, the activity of mobile banking Trojans is expected to grow in other countries in 2014. Infections caused by mobile banking programs
  • 12. Countries where users face the greatest risk of mobile malware infection
  • 13. Mobile spyware, such as MobileSpy and FlexiSpy, is on the rise. In the BYOD context these spyware applications pose a huge threat because they can be installed surreptitiously on an employee’s phone and used for industrial or corporate espionage. The mobile phone is also a fully functional network device. When connected to the company Wi-Fi, has the ability to probe the network for vulnerabilities and assets. Mobile Spyware, BYOD and Corporate Espionage
  • 14. Mobile Spyware, BYOD and Corporate Espionage
  • 15. Mobile Spyware, BYOD and Corporate Espionage