Contenu connexe
Similaire à Zenprise ctia 10-11-2011_v02
Similaire à Zenprise ctia 10-11-2011_v02 (20)
Zenprise ctia 10-11-2011_v02
- 1. Zenprise
Protect the Enterprise In Your Pocket
Shafaq Abdullah
Principal/Architect, Software
Twitter:@shafaq110 : shafaq.abdullah@zenprise.com
© 2011 Zenprise, Inc. All rights reserved. 0
- 2. Mobile Is A Top Priority Across The Board
69% higher than $6,600
their prediction
earlier this year $3,400
$1,800
$300 $700
$200
2010 2011 2012 2013 2014 2015
Forrester
59% 3x 17,000
Forrester Aberdeen Research2Guidance
1
| © 2011 Zenprise, Inc. All rights reserved.
© 2011 Zenprise, Inc. All rights reserved. 1
- 3. The Problem: The Mobile Blind Spot
© 2011 Zenprise, Inc. All rights reserved. 2
- 4. Three Enterprise Mobility Use Cases
CEO at Starbucks Employee at Office VP Lands in China
Viewing Corporate Data Loading Photos to Accessing M&A
on Personal iPad via Facebook on Corporate Documents from Dropbox
Unrestricted WiFi Android on Personal iPhone
On Any Device
Are your data Which apps Is the connection
protected? are safe? secure?
© 2011 Zenprise, Inc. All rights reserved. 3
- 5. Zenprise Offerings
Complete
Management Solution
ZENPRISE Industry’s Only Solution for All Devices
MOBILEMANAGER™ With Security At All iPhone, iPad, Android,
Software Solution Layers Windows Mobile,
Blackberry, Symbian….
ZENCLOUD™ Public, Private, Hybrid
Cloud-based Offering 100% SLA
© 2011 Zenprise, Inc. All rights reserved. 4
- 6. Zenprise Differentiated Value:
Protection At All Layers
CEO Employee Board of Directors
DEVICES APPLICATIONS NETWORK DATA
+ + +
Any Connection Repository
Any and All Ever Increasing to Enterprise Integration
DATA (IP, non-public financial,
BI, customer data, employee data)
Real-Time Security At All Layers
© 2011 Zenprise, Inc. All rights reserved. 5
- 7. Differentiated Value At The Device Layer
Dynamic Defense
Dynamic Defense
• Dynamic, context-aware policies for device resource or
app usage based on time of day or location
• Granular device and data governance and control
reduces risk and enables compliance
© 2011 Zenprise, Inc. All rights reserved. 6
- 8. Differentiated Value At The App Layer
Mobile
App Tunnels
Mobile App Tunnels
• Secure, dedicated, VPN-like connection from user to app
• Granular access vs. all-or-nothing with VPN
• Segregate critical business apps
• Better performance, reliability, and cost through data
compression and continuity even with poor connectivity
© 2011 Zenprise, Inc. All rights reserved. 7
- 9. Differentiated Value At The Network Layer
Mobile Security
Intelligence
Mobile Network Intelligence
• Visibility into mobile network traffic and behavior by
device, user, system, or application
• Identifies unauthorized access, insider threats, leakage
of sensitive corporate data, and compliance violations
• SIEM integration
© 2011 Zenprise, Inc. All rights reserved. 8
- 10. Differentiated Value At The Data Layer
• The industry’s first mobile
DLP solution that
addresses sensitive data
• Secure file synch in
document container
• Provides context- and
content-aware mobile DLP
• Leverages SharePoint –
the primary enterprise
collaboration tool
© 2011 Zenprise, Inc. All rights reserved. 9
- 11. Secure Data Container on Android
• (app + ciphering) + sqlite = encrypted data container
• app + (sqlite (with ciphering)) = encrypted data container
© 2011 Zenprise, Inc. All rights reserved. 10
- 12. Enterprise Virtual Machine on Mobile Devices
Office Phone, Personal Phone paradox!
Isolating Personal Content from Enterprise one
© 2011 Zenprise, Inc. All rights reserved. 11
- 13. Enterprise-Grade Architecture
• Proven in production Number of Devices Managed
deployments with 10s of
1,000s of users and devices Fortune 500 Tech 25K
• Managing 65,000 devices on Fortune 500 Manufacturing 30K
a single Zenprise server
Government Agency 30K
• Six years of technology
development in scalability and Global Carrier 28K
service management
Fortune 500 Conglomerate 65K
• High availability at web, app,
and data tiers
• 100% uptime SLA with cloud
Proven to Meet Needs of Any Size Organization
© 2011 Zenprise, Inc. All rights reserved. 12
- 14. Recognized As The Leader By Gartner
Zenprise
© 2011 Zenprise, Inc. All rights reserved. 13
- 15. How It Works: Full Lifecycle Management
Configure
Decom-
Provision
mission
Monitor
Support
and report
© 2011 Zenprise, Inc. All rights reserved. 14
- 16. How It Works: Configure, Set Policies,
Define Apps
© 2011 Zenprise, Inc. All rights reserved. 15
- 17. How It Works: Users Self-Enroll In Minutes
1 2 3 4
Begin Enter Install cert Download enterprise
enrollment credentials and profile recommended apps
© 2011 Zenprise, Inc. All rights reserved. 16
- 18. How It Works: Enterprise-Grade Architecture
© 2011 Zenprise, Inc. All rights reserved. 17
- 19. How It Works: Enterprise-Grade Architecture
© 2011 Zenprise, Inc. All rights reserved. 18
- 21. Customer Case Study: Aerospace
• Fortune 100 aerospace company
• Challenges
- Management
Dozens of devices types, operating systems, applications, carrier and support plans
- Security
Lost or stolen devices exposing data, mobile threats via browser
- Visibility
Installed applications, user activity
• Chose Zenprise over MobileIron because
- Best fit with security and technical requirements
- Actionable intelligence about carrier expenses and service
• Foundational to multi-thousand device global roll-out
© 2011 Zenprise, Inc. All rights reserved. 20
- 22. Customer Case Study: Telecommunications
• Fortune 100 global telecommunications company
• Challenges
• Scalability
Centrally manage tens of thousands of employees around the world
• Management
Diverse array of operating systems (iOS, Android, BlackBerry, WinMo, and Symbian)
• Enterprise integration
Active Directory, integration with business process management system, single
sign-on
• Chose Zenprise over MobileIron, AirWatch, BoxTone, and
Good because
• Simple, well-supported integration and configuration
• Strong match with current and future requirements (roadmap)
• Result: 30%+ reduction in device-enablement service requests
© 2011 Zenprise, Inc. All rights reserved. 21
- 23. The Top Five
Win Customers While Planting Competitive Landmines
Protection across ALL LAYERS: device, app, network,
1 data
2 Security ARCHITECTED in; no data exposed in the DMZ
The most SCALABLE cloud and on-prem solution in the
3 market; proven in production
4 …with the HIGHEST AVAILABILITY (fully-redundant at all
levels)
5 The LEADER in Critical Capabilities, per Gartner
© 2011 Zenprise, Inc. All rights reserved. 22
- 25. Android Apps SECURITY
• UIDs
• Application Sandbox with distinct permission
• Application signing using self-signing certificates
• Permissions on Manifest
© 2011 Zenprise, Inc. All rights reserved. 24
- 26. Levels of Permission
• Normal
• Dangerous
• Signature
• SignatureOrSystem
© 2011 Zenprise, Inc. All rights reserved. 25
- 27. Intent Filter
• IntentFilters are not a security boundary they cannot be
associated with permissions
• Categories when added to Intent, help to avoid unintented
consequences
• android:permission attribute in an <activity>
• When are Activities Private
• Intent arugments: Command-line
© 2011 Zenprise, Inc. All rights reserved. 26
- 29. Questions?
© 2011 Zenprise, Inc. All rights reserved. 28