SlideShare a Scribd company logo

Network Security Threats within BYOD by Prof. Lili Saghafi

Professor Lili Saghafi
Professor Lili Saghafi

The age of BYOD is here, and with it a myriad of threats and challenges so broad that some have called the phenomenon "Bring Your Own Disaster". And it's easy to understand why. With devices that are often borrowed by socially active kids who load their own apps onto Mom's or Dad's iPhone, browse unsafe websites and lend your phone to their friends for "just a minute"

Technology
1 of 32
Network Security Threats within BYOD By: Prof. Lili Saghafi Conference on Communication and Network Security (ICCNS 2014) Milan, Italy, November 19-21, 2014
Overview • The age of BYOD is here, and with it a myriad of threats and challenges so broad that some have called the phenomenon "Bring Your Own Disaster". • And it's easy to understand why. With devices that are often borrowed by socially active kids who load their own apps onto Mom's or Dad's iPhone, browse unsafe websites and lend your phone to their friends for "just a minute"
Mobility • Along with the BYOD challenge of multiple devices is where these devices go. • Mobility is the other half of the BYOD equation, and mobile devices connect to a broad variety of networks—known and unknown, safe and unsafe, secure and insecure. • Also, with employees carrying on average three or more devices, it's not unusual to see more mobile browsers than PC‐based browsers accessing internal websites.
Network Security • Unfortunately, mobility and BYOD are the natural enemies of network security. • With users increasingly accessing business systems from the road or from home, just identifying the ever‐growing network security risks in this environment has become a nonstop job, challenging virtually every IT security organization.
Mitigate Risk Factors • How to control of the BYOD explosion and mitigate risk factors before they impact the enterprise is a quest.
A-Modernize and Centralize Identity and Access Management • Organizations that haven't kept their identity and access management systems up‐to‐date are particularly at risk. • On top of mobility, social media and cloud applications can introduce threat vectors in a variety of ways. • A solid identity and access management system tightly integrated with directory servers should be the first line of defense against malignant access to enterprise services. • Access to applications should be as strictly limited as possible to reduce the risk of unauthorized users gaining access as well as to prevent potential losses of intellectual property, sensitive customer information, or other regulated data.
B-Security, Performance, Visibility • In today's era of software‐defined everything, hardware still matters. • This may be especially true when it comes to next‐generation firewalls (NGFW), which are quickly becoming a staple in the security professional's larder. • Not only must firewalls offer security protection without impacting performance, they need to deliver visibility into each and every application traversing the network. • Regular threat protection updates to keep users a step or two ahead of the bad guys and seamless integration with enterprise authentication services can help stem the threat that BYOD represents.
C-Consider Containerization • You may not be able to stop the BYOD juggernaut, but you can certainly put up some walls. • Compartmentalizing trusted applications and company data can be achieved using secure containers and network access controls can prevent an untrusted device from accessing sensitive parts of the network. • This is especially important in situations where a BYOD device is lost or stolen, or employee is terminated. • Having company applications and information in their own container greatly simplifies the task of sterilizing devices without affecting employees' personal applications or family photos stored on those devices.
D-Know the Threats • The threat landscape is constantly changing. • New vulnerabilities emerge and security events occur daily. • It is also virtually impossible to track the multitude of advanced threats, including advanced persistent threats that may be aimed at your enterprise's servers. • Many of these threats rely on devices such as smartphones to gain access or exfiltrate data. • A comprehensive security intelligence and risk management platform combining advanced threat research with correlation of security events and vulnerabilities can ensure that consistent policies are in force enterprise‐wide. • This would enable reporting and trend analysis enhancing transparency, and automated updates across all the security appliances in the network.
E-Policy Is Not a Four‐Letter Word • You're seeing devices being brought into the enterprise by employees • on every level and in every department, but is it happening in accordance with established policies? • A surprising number of enterprises that allow user devices either do not have a BYOD policy or have one that is already outdated. • Without clearly set policies in place, it's nearly impossible to effectively mitigate the risks that user devices bring along with the convenience that they offer. • Also important is training employees, partners, customers and anyone else whose personal devices are granted access to the network as to what those policies are, and that such policies exist in the first place.
F-You Can't Manage What You Don't See • Logging, monitoring and reporting of user device activity is critical to understanding what, if any, risky behavior is occurring on your network. • Administrators should have full visibility into what users are accessing from any device—whether company or employee‐owned. • Logging and monitoring tools should integrate with network resource usage data such as Network Address Translation (NAT) to get the full picture of BYOD traffic to aid in compliance reporting. • Reporting tools should have the ability to distinguish between business‐oriented access and personal access for recreational, gaming or other non‐company related activity.
G-One Network Is Better than Two Or three or more • Wired, wireless and guest networks are often independent of each other. • The need for each arose at different times to serve different functions, so it's not surprising they ended up as autonomous and often unaware of each other. • Today, however, multiple networks typically entail multiple management platforms with varying guest access applications and are often driven by different directories. • A unified wired, wireless and guest network infrastructure reduces risk by utilizing a single policy in a unified manner and, more importantly, offering a single pane of glass management platform that enables visibility into wired, wireless, BYOD and company‐owned devices as well as the applications they are utilizing.
H-Don't Let Rogue Apps in the Door • Application marketplaces can present one of the bigger challenges to security. • Although authorized marketplaces from Apple, Google, and Amazon are fairly safe, any phone or tablet with a QR code reader can download a potentially dangerous application in a heartbeat. • Some vendors, like Apple, are more stringent than others in policing applications offered in its marketplace, whereas, others notably Google Android, are a bit more lax. • And unfortunately, many applications for virtually every device are little more than candy wrappers for malware. • For several organizations, setting up their own application marketplace represents the easiest way of ensuring that only blessed applications end up on employee devices.
Conclusion • It's clear that BYOD is here to stay. The economics it offers are just too hard to beat and workers would revolt if employers canceled BYOD programs. • However, the security challenges of BYOD can easily be mitigated by applying and enforcing policies, utilizing a mobile device management solution to containerize company apps and data, deploying a unifying network infrastructure and utilizing the latest generation of security platform and applications designed with mobility and user‐owned devices in mind.
Questions
Prof. Lili Saghafi Conference on Communication and Network Security (ICCNS 2014) Milan, Italy, November 19-21, 2014 Proflilisaghafi@Gmail.com

Recommended

Lecture43 network security
Lecture43 network securityLecture43 network security
Lecture43 network security
Umang Gupta
 
Netsec
NetsecNetsec
Netsec
Saleem Khan
 
Lecture about network and host security to NII students
Lecture about network and host security to NII studentsLecture about network and host security to NII students
Lecture about network and host security to NII students
Akiumi Hasegawa
 
PACE-IT: Common Threats (part 1)
PACE-IT: Common Threats (part 1)PACE-IT: Common Threats (part 1)
PACE-IT: Common Threats (part 1)
Pace IT at Edmonds Community College
 
Network Security
Network SecurityNetwork Security
Network Security
Federal Urdu University
 
Network security
Network security Network security
Network security
Vikas Jagtap
 
Network Security & Cryptography
Network Security & CryptographyNetwork Security & Cryptography
Network Security & Cryptography
Dr. Himanshu Gupta
 
Security threats
Security threatsSecurity threats
Security threats
Qamar Farooq
 

Recommended

Lecture43 network security
Lecture43 network securityLecture43 network security
Lecture43 network security
Umang Gupta
 
Netsec
NetsecNetsec
Netsec
Saleem Khan
 
Lecture about network and host security to NII students
Lecture about network and host security to NII studentsLecture about network and host security to NII students
Lecture about network and host security to NII students
Akiumi Hasegawa
 
PACE-IT: Common Threats (part 1)
PACE-IT: Common Threats (part 1)PACE-IT: Common Threats (part 1)
PACE-IT: Common Threats (part 1)
Pace IT at Edmonds Community College
 
Network Security
Network SecurityNetwork Security
Network Security
Federal Urdu University
 
Network security
Network security Network security
Network security
Vikas Jagtap
 
Network Security & Cryptography
Network Security & CryptographyNetwork Security & Cryptography
Network Security & Cryptography
Dr. Himanshu Gupta
 
Security threats
Security threatsSecurity threats
Security threats
Qamar Farooq
 
Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecture
babak danyal
 
Rashed al kamdah network security threats
Rashed al kamdah network security threatsRashed al kamdah network security threats
Rashed al kamdah network security threats
rashidalkamdah
 
En CCNA Security v11_ch01
En CCNA Security v11_ch01En CCNA Security v11_ch01
En CCNA Security v11_ch01
Ajith Pathirana
 
Cloud Security Top Threats
Cloud Security Top ThreatsCloud Security Top Threats
Cloud Security Top Threats
Tiago de Almeida
 
Network Security
Network SecurityNetwork Security
Network Security
MAJU
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Fat-Thing Gabriel-Culley
 
Artificial Intelligence and the importance of Data, By : Prof. Lili Saghafi
Artificial Intelligence and the importance of Data, By : Prof. Lili SaghafiArtificial Intelligence and the importance of Data, By : Prof. Lili Saghafi
Artificial Intelligence and the importance of Data, By : Prof. Lili Saghafi
Professor Lili Saghafi
 
Software Engineering
Software EngineeringSoftware Engineering
Software Engineering
Professor Lili Saghafi
 
Ai
AiAi
Ai
Professor Lili Saghafi
 
Introduction to Quantum Computing Lecture 1: Fundamentals
Introduction to Quantum Computing Lecture 1: FundamentalsIntroduction to Quantum Computing Lecture 1: Fundamentals
Introduction to Quantum Computing Lecture 1: Fundamentals
Professor Lili Saghafi
 
Software Engineering_Agile Software Development By: Professor Lili Saghafi
Software Engineering_Agile Software Development By: Professor Lili SaghafiSoftware Engineering_Agile Software Development By: Professor Lili Saghafi
Software Engineering_Agile Software Development By: Professor Lili Saghafi
Professor Lili Saghafi
 
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili SaghafiQuantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Professor Lili Saghafi
 
Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi
Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi
Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi
Professor Lili Saghafi
 
Introduction to blockchain lesson 2 By: Professor Lili Saghafi
Introduction to blockchain lesson 2 By: Professor Lili SaghafiIntroduction to blockchain lesson 2 By: Professor Lili Saghafi
Introduction to blockchain lesson 2 By: Professor Lili Saghafi
Professor Lili Saghafi
 
Introduction to Blockchain Technology By Professor Lili Saghafi
Introduction to Blockchain Technology By Professor Lili SaghafiIntroduction to Blockchain Technology By Professor Lili Saghafi
Introduction to Blockchain Technology By Professor Lili Saghafi
Professor Lili Saghafi
 
Cyber Security and Post Quantum Cryptography By: Professor Lili Saghafi
Cyber Security and Post Quantum Cryptography By: Professor Lili SaghafiCyber Security and Post Quantum Cryptography By: Professor Lili Saghafi
Cyber Security and Post Quantum Cryptography By: Professor Lili Saghafi
Professor Lili Saghafi
 
Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...
Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...
Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...
Professor Lili Saghafi
 
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Professor Lili Saghafi
 
Machine learning by using python Lesson One Part 2 By Professor Lili Saghafi
Machine learning by using python Lesson One Part 2 By Professor Lili SaghafiMachine learning by using python Lesson One Part 2 By Professor Lili Saghafi
Machine learning by using python Lesson One Part 2 By Professor Lili Saghafi
Professor Lili Saghafi
 
Machine learning by using python By: Professor Lili Saghafi
Machine learning by using python By: Professor Lili SaghafiMachine learning by using python By: Professor Lili Saghafi
Machine learning by using python By: Professor Lili Saghafi
Professor Lili Saghafi
 
What is digital humanities ,By: Professor Lili Saghafi
What is digital humanities ,By: Professor Lili SaghafiWhat is digital humanities ,By: Professor Lili Saghafi
What is digital humanities ,By: Professor Lili Saghafi
Professor Lili Saghafi
 
Effective Algorithm for n Fibonacci Number By: Professor Lili Saghafi
Effective Algorithm for n Fibonacci Number By: Professor Lili SaghafiEffective Algorithm for n Fibonacci Number By: Professor Lili Saghafi
Effective Algorithm for n Fibonacci Number By: Professor Lili Saghafi
Professor Lili Saghafi
 

More Related Content

Viewers also liked

En CCNA Security v11_ch01
En CCNA Security v11_ch01En CCNA Security v11_ch01
En CCNA Security v11_ch01
Ajith Pathirana
 

Viewers also liked (6)

Network Security 1st Lecture
Network Security 1st LectureNetwork Security 1st Lecture
Network Security 1st Lecture
 
Rashed al kamdah network security threats
Rashed al kamdah network security threatsRashed al kamdah network security threats
Rashed al kamdah network security threats
 
En CCNA Security v11_ch01
En CCNA Security v11_ch01En CCNA Security v11_ch01
En CCNA Security v11_ch01
 
Cloud Security Top Threats
Cloud Security Top ThreatsCloud Security Top Threats
Cloud Security Top Threats
 
Network Security
Network SecurityNetwork Security
Network Security
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 

More from Professor Lili Saghafi

Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili SaghafiQuantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Professor Lili Saghafi
 
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Professor Lili Saghafi
 
Machine learning by using python By: Professor Lili Saghafi
Machine learning by using python By: Professor Lili SaghafiMachine learning by using python By: Professor Lili Saghafi
Machine learning by using python By: Professor Lili Saghafi
Professor Lili Saghafi
 

More from Professor Lili Saghafi (20)

Artificial Intelligence and the importance of Data, By : Prof. Lili Saghafi
Artificial Intelligence and the importance of Data, By : Prof. Lili SaghafiArtificial Intelligence and the importance of Data, By : Prof. Lili Saghafi
Artificial Intelligence and the importance of Data, By : Prof. Lili Saghafi
 
Software Engineering
Software EngineeringSoftware Engineering
Software Engineering
 
Ai
AiAi
Ai
 
Introduction to Quantum Computing Lecture 1: Fundamentals
Introduction to Quantum Computing Lecture 1: FundamentalsIntroduction to Quantum Computing Lecture 1: Fundamentals
Introduction to Quantum Computing Lecture 1: Fundamentals
 
Software Engineering_Agile Software Development By: Professor Lili Saghafi
Software Engineering_Agile Software Development By: Professor Lili SaghafiSoftware Engineering_Agile Software Development By: Professor Lili Saghafi
Software Engineering_Agile Software Development By: Professor Lili Saghafi
 
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili SaghafiQuantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
Quantum Computing Quantum Internet 2020_unit 1 By: Prof. Lili Saghafi
 
Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi
Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi
Programming Languages Categories / Programming Paradigm By: Prof. Lili Saghafi
 
Introduction to blockchain lesson 2 By: Professor Lili Saghafi
Introduction to blockchain lesson 2 By: Professor Lili SaghafiIntroduction to blockchain lesson 2 By: Professor Lili Saghafi
Introduction to blockchain lesson 2 By: Professor Lili Saghafi
 
Introduction to Blockchain Technology By Professor Lili Saghafi
Introduction to Blockchain Technology By Professor Lili SaghafiIntroduction to Blockchain Technology By Professor Lili Saghafi
Introduction to Blockchain Technology By Professor Lili Saghafi
 
Cyber Security and Post Quantum Cryptography By: Professor Lili Saghafi
Cyber Security and Post Quantum Cryptography By: Professor Lili SaghafiCyber Security and Post Quantum Cryptography By: Professor Lili Saghafi
Cyber Security and Post Quantum Cryptography By: Professor Lili Saghafi
 
Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...
Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...
Machine learning by using python lesson 3 Confusion Matrix By : Professor Lil...
 
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
Machine learning by using python lesson 2 Neural Networks By Professor Lili S...
 
Machine learning by using python Lesson One Part 2 By Professor Lili Saghafi
Machine learning by using python Lesson One Part 2 By Professor Lili SaghafiMachine learning by using python Lesson One Part 2 By Professor Lili Saghafi
Machine learning by using python Lesson One Part 2 By Professor Lili Saghafi
 
Machine learning by using python By: Professor Lili Saghafi
Machine learning by using python By: Professor Lili SaghafiMachine learning by using python By: Professor Lili Saghafi
Machine learning by using python By: Professor Lili Saghafi
 
What is digital humanities ,By: Professor Lili Saghafi
What is digital humanities ,By: Professor Lili SaghafiWhat is digital humanities ,By: Professor Lili Saghafi
What is digital humanities ,By: Professor Lili Saghafi
 
Effective Algorithm for n Fibonacci Number By: Professor Lili Saghafi
Effective Algorithm for n Fibonacci Number By: Professor Lili SaghafiEffective Algorithm for n Fibonacci Number By: Professor Lili Saghafi
Effective Algorithm for n Fibonacci Number By: Professor Lili Saghafi
 
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili SaghafiComputer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
Computer Security Cyber Security DOS_DDOS Attacks By: Professor Lili Saghafi
 
Data Science unit 2 By: Professor Lili Saghafi
Data Science unit 2 By: Professor Lili SaghafiData Science unit 2 By: Professor Lili Saghafi
Data Science unit 2 By: Professor Lili Saghafi
 
Data science unit 1 By: Professor Lili Saghafi
Data science unit 1 By: Professor Lili Saghafi Data science unit 1 By: Professor Lili Saghafi
Data science unit 1 By: Professor Lili Saghafi
 
Data Scientist By: Professor Lili Saghafi
Data Scientist By: Professor Lili SaghafiData Scientist By: Professor Lili Saghafi
Data Scientist By: Professor Lili Saghafi
 

Recently uploaded

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 

Recently uploaded (20)

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Network Security Threats within BYOD by Prof. Lili Saghafi

  • 1. Network Security Threats within BYOD By: Prof. Lili Saghafi Conference on Communication and Network Security (ICCNS 2014) Milan, Italy, November 19-21, 2014
  • 2.
  • 3. Overview • The age of BYOD is here, and with it a myriad of threats and challenges so broad that some have called the phenomenon "Bring Your Own Disaster". • And it's easy to understand why. With devices that are often borrowed by socially active kids who load their own apps onto Mom's or Dad's iPhone, browse unsafe websites and lend your phone to their friends for "just a minute"
  • 4.
  • 5. Mobility • Along with the BYOD challenge of multiple devices is where these devices go. • Mobility is the other half of the BYOD equation, and mobile devices connect to a broad variety of networks—known and unknown, safe and unsafe, secure and insecure. • Also, with employees carrying on average three or more devices, it's not unusual to see more mobile browsers than PC‐based browsers accessing internal websites.
  • 6.
  • 7. Network Security • Unfortunately, mobility and BYOD are the natural enemies of network security. • With users increasingly accessing business systems from the road or from home, just identifying the ever‐growing network security risks in this environment has become a nonstop job, challenging virtually every IT security organization.
  • 8.
  • 9. Mitigate Risk Factors • How to control of the BYOD explosion and mitigate risk factors before they impact the enterprise is a quest.
  • 10.
  • 11. A-Modernize and Centralize Identity and Access Management • Organizations that haven't kept their identity and access management systems up‐to‐date are particularly at risk. • On top of mobility, social media and cloud applications can introduce threat vectors in a variety of ways. • A solid identity and access management system tightly integrated with directory servers should be the first line of defense against malignant access to enterprise services. • Access to applications should be as strictly limited as possible to reduce the risk of unauthorized users gaining access as well as to prevent potential losses of intellectual property, sensitive customer information, or other regulated data.
  • 12.
  • 13. B-Security, Performance, Visibility • In today's era of software‐defined everything, hardware still matters. • This may be especially true when it comes to next‐generation firewalls (NGFW), which are quickly becoming a staple in the security professional's larder. • Not only must firewalls offer security protection without impacting performance, they need to deliver visibility into each and every application traversing the network. • Regular threat protection updates to keep users a step or two ahead of the bad guys and seamless integration with enterprise authentication services can help stem the threat that BYOD represents.
  • 14.
  • 15.
  • 16. C-Consider Containerization • You may not be able to stop the BYOD juggernaut, but you can certainly put up some walls. • Compartmentalizing trusted applications and company data can be achieved using secure containers and network access controls can prevent an untrusted device from accessing sensitive parts of the network. • This is especially important in situations where a BYOD device is lost or stolen, or employee is terminated. • Having company applications and information in their own container greatly simplifies the task of sterilizing devices without affecting employees' personal applications or family photos stored on those devices.
  • 17.
  • 18. D-Know the Threats • The threat landscape is constantly changing. • New vulnerabilities emerge and security events occur daily. • It is also virtually impossible to track the multitude of advanced threats, including advanced persistent threats that may be aimed at your enterprise's servers. • Many of these threats rely on devices such as smartphones to gain access or exfiltrate data. • A comprehensive security intelligence and risk management platform combining advanced threat research with correlation of security events and vulnerabilities can ensure that consistent policies are in force enterprise‐wide. • This would enable reporting and trend analysis enhancing transparency, and automated updates across all the security appliances in the network.
  • 19.
  • 20.
  • 21. E-Policy Is Not a Four‐Letter Word • You're seeing devices being brought into the enterprise by employees • on every level and in every department, but is it happening in accordance with established policies? • A surprising number of enterprises that allow user devices either do not have a BYOD policy or have one that is already outdated. • Without clearly set policies in place, it's nearly impossible to effectively mitigate the risks that user devices bring along with the convenience that they offer. • Also important is training employees, partners, customers and anyone else whose personal devices are granted access to the network as to what those policies are, and that such policies exist in the first place.
  • 22.
  • 23. F-You Can't Manage What You Don't See • Logging, monitoring and reporting of user device activity is critical to understanding what, if any, risky behavior is occurring on your network. • Administrators should have full visibility into what users are accessing from any device—whether company or employee‐owned. • Logging and monitoring tools should integrate with network resource usage data such as Network Address Translation (NAT) to get the full picture of BYOD traffic to aid in compliance reporting. • Reporting tools should have the ability to distinguish between business‐oriented access and personal access for recreational, gaming or other non‐company related activity.
  • 24.
  • 25. G-One Network Is Better than Two Or three or more • Wired, wireless and guest networks are often independent of each other. • The need for each arose at different times to serve different functions, so it's not surprising they ended up as autonomous and often unaware of each other. • Today, however, multiple networks typically entail multiple management platforms with varying guest access applications and are often driven by different directories. • A unified wired, wireless and guest network infrastructure reduces risk by utilizing a single policy in a unified manner and, more importantly, offering a single pane of glass management platform that enables visibility into wired, wireless, BYOD and company‐owned devices as well as the applications they are utilizing.
  • 26.
  • 27. H-Don't Let Rogue Apps in the Door • Application marketplaces can present one of the bigger challenges to security. • Although authorized marketplaces from Apple, Google, and Amazon are fairly safe, any phone or tablet with a QR code reader can download a potentially dangerous application in a heartbeat. • Some vendors, like Apple, are more stringent than others in policing applications offered in its marketplace, whereas, others notably Google Android, are a bit more lax. • And unfortunately, many applications for virtually every device are little more than candy wrappers for malware. • For several organizations, setting up their own application marketplace represents the easiest way of ensuring that only blessed applications end up on employee devices.
  • 28.
  • 29.
  • 30. Conclusion • It's clear that BYOD is here to stay. The economics it offers are just too hard to beat and workers would revolt if employers canceled BYOD programs. • However, the security challenges of BYOD can easily be mitigated by applying and enforcing policies, utilizing a mobile device management solution to containerize company apps and data, deploying a unifying network infrastructure and utilizing the latest generation of security platform and applications designed with mobility and user‐owned devices in mind.
  • 32. Prof. Lili Saghafi Conference on Communication and Network Security (ICCNS 2014) Milan, Italy, November 19-21, 2014 Proflilisaghafi@Gmail.com