This presentation discusses protecting data on laptops and controlling costs. It summarizes key challenges like the "mobile blind spot" where laptops are unmanaged for periods of time. It outlines technologies like encryption, VPNs, and device control to address threats. It recommends prioritizing risks and sets like setting a baseline security configuration. Finally, it introduces Fiberlink's mobility as a service approach which provides centralized management of endpoint security tools to improve visibility, compliance and reduce costs.
2. Distinguished Speakers:
Moderator:
Benjamin Tomkins
Editor
bMighty.com
Speaker: Ron Lloyd, Product Marketing Manager,
EMC Enterprise Storage Division
Fiberlink Presenter:
Jon Friedman
Director of Marketing
Fiberlink
3. Protecting Data on Laptops:
What you need to know;
How to control costs
Jon Friedman
Director of Marketing, Fiberlink
April 29, 2009
Copyright 2009
4. Topics
• Why mobile systems are different
• Key technologies
• Setting priorities
– The mobile security “baseline”
• Controlling costs and staffing
– Mobility as a Service
• Q&A
Copyright 2009 4
5. Mobility helps employees…
Be more productive
Get closer to customers
Work more hours
Enjoy flexible lifestyles
…but mobility also brings new challenges…
Copyright 2009 5
7. The “Mobile Blind Spot”
• Employees don‟t log onto the corporate network
for hours, days or weeks
• No patches, no updates, no visibility
• Exposed to hackers and zero-day malware
• No compliance reporting
Updates
Apps
Policies
Mobile
X
Laptop
Web Sites
The Mobile Blind Spot Personal email
SaaS business apps
Copyright 2009 7
10. Employee “data leakage”
• Disgruntled employees • Social security #s
• Inadvertent policy violations • Credit card #s
• Bank/account #s
• Protected health info
60% of
Customer data
corporate data
resides on Software and designs
laptops and PCs
Financial information
- IDC
Business plans
Employee data
Copyright 2009 10
11. Does compliance affect me?
• Yes, if you store credit card numbers or social
security numbers
• Yes, if you store confidential employee
information
• Probably, if your business customers are
regulated
• In the future, if you store any confidential
customer information
– Massachusetts 201 CAR 17.00, effective 1/1/2010
(http://www.fiberlink.com/fiberlink/en-US/utility/Mass201.html)
Copyright 2009 11
12. Key technologies
Endpoint Security Communications
• Personal firewall • VPN
• Anti-virus and anti-spyware
• Patch management
• Zero-day threat protection/intrusion protection
Data Protection
• Data encryption
• Data leak prevention
• Device (USB) control
• Back-up and recovery
Copyright 2009 12
13. More on threats and defenses
Protecting data on mobile devices: A taxonomy
of security threats to mobile computing and
review of applicable defenses
By Jon Friedman and Daniel Hoffman
http://www.iksmonline.com/journals/
abstract.php?ISSN=1389-
1995&vol=7&num=1&aid=747
Or contact jfriedman@fiberlink.com
Copyright 2009 13
14. Visibility and management tools
• What laptops are missing a critical patch?
• How many systems have the standard firewall
in the current release?
• How old are the anti-virus signature files?
• What unsafe applications are installed?
• Has the new security application been installed
properly?
• How many systems have enough capacity to
upgrade?
Copyright 2009 14
15. Setting priorities
• Identify risks
– Legal and regulatory exposure
– Loss of reputation
• Identify who is carrying the data
– Credit card and banking numbers
– Employee data (SS #s, contact information,
health information)
– Confidential business information: Business
plans, product designs, software code, etc.
Copyright 2009 15
16. Setting priorities, cont.
• Tighten up access and auditing
– May require rewriting policies
• Use “thin client” technology and SSL VPNs
where applicable
– Better for “functional” workers and database-
oriented applications,
– Usually not good for knowledge workers and
“personal productivity” applications
Copyright 2009 16
17. Setting priorities, cont.
• Set up a mobile security “baseline” configuration
– Personal firewall
– Anti-virus
– Patch management
– Data encryption?
• Create a “plus” configuration for key employees
– Data encryption (if not in baseline)
– Device (USB) control
– Data leak prevention
– Back-up and recovery
Copyright 2009 17
18. Controlling costs and staffing
• Set priorities
• Consolidate tools!
• Consider „Mobility as a Service”
– You manage the security applications, but the
vendor takes care of the management tools
Copyright 2009 18
19. Fiberlink corporate overview
• Company:
– Founded in 1994; headquartered in Blue Bell,
Pennsylvania
– Presence in North America, Europe, and Asia
• Legacy of Leadership and Innovation:
– Mobility as a Service (MaaS)
– Gartner Leadership Quadrant for 7 years in a row
• Mobility as a Service:
– The MaaS360 Platform
– Visibility, control and connectivity for laptops,
distributed PCs and mobile devices
– A menu of managed security services
Copyright 2009 19
20. Fiberlink customers
Automotive Consulting Consumer Goods Energy
Finance Healthcare Insurance Media
Retail Technology Travel Other
Copyright 2009 20
21. Mobility as a Service (MaaS)
1. Collect and submit data from endpoints
• Inventory data
• Device status Management
• Compliance status Portal
3. Report on inventory,
2. Enforce policies on endpoints status, compliance, cost
• Stop applications 4. Define and distribute
• Restart applications
• Download files policies, document that
• Cut network access policies were enforced
Agent
The Enterprise Network
Web Sites
Personal email
The Mobile Blind Spot SaaS business apps
Copyright 2009 21
22. Improve operational efficiency
• A single management console giving a comprehensive
view of software and security applications on endpoints
– Installed hardware and software
– Operating system patches
– Firewalls and anti-virus packages
• Identify gaps and problems
• Know what needs to be updated
• Document compliance
• Plan for upgrades and migrations
Copyright 2009 22
23. Manage and protect corporate data
• One console to view and control
multiple endpoint security and data
protection applications
• Automatically update OS patches
and anti-virus signature files
• Monitor and remediate security software
• Block non-compliant systems (NAC)
• Speed up deployment of new security
applications
– Data encryption,
– DLP
– Device (USB) control
– Others
Copyright 2009 23
24. Reduce risk by enforcing compliance
Provides a comprehensive
picture of:
– Software installed
– Patches applied
– Devices in compliance
– Devices out of
compliance
– Reasons for falling out of
compliance
– Enforcement and
remediation actions taken
Copyright 2009 24
25. Questions?
Jon Friedman, Director of Marketing
Brian Christini, Product Manager
Copyright 2009
26. Questions and Answers:
Moderator:
Benjamin Tomkins
Editor
bMighty.com
Speaker: Ron Lloyd, Product Marketing Manager,
EMC Enterprise Storage Division
Fiberlink Presenter:
Jon Friedman
Director of Marketing
Fiberlink
27. Thank you for attending…
Speaker: Ron Lloyd, Product Marketing
-Download a PDF copy of this presentation directly from the
Manager, EMC Enterprise Storage
event console.
Division
- Join in the rest of the webcasts within the virtual event today.
-Visit the Exhibit Hall to learn more from Fiberlink.
-Share your feedback in the post-webcast survey.
-Access replays of this webcast until July 29, 2009