Are We the Watchers or Their Partners?
Mike Brannon, National Gypsum
National Gypsum Company is a fully integrated building products manufacturer
Headquartered in Charlotte, NC, with mines and quarries, and manufacturing plants across North America
Charlotte Metro ISSA
Email us at info@charlotteissa.org
Twitter: @cltissa
http://www.charlotteissa.org/
ISSA local chapter delivers excellent and low-cost Security Training, hosts an annual Summit event and sponsors UNCC scholarships
Frequent gatherings to share practices and network – support from sponsor / partners for meetings
Next Meeting 8/27/13 at NGC HQ – and TacoMac
Please Join Us!
We Are The Watchers…
Only We Understand Threats…
We Must Not Let Them Pass!
The more the CIO/CISO says no,
the less secure the organization becomes.
Vivek Kundra, Former U.S. Federal CIO
Be responsible, not restrictive
Mike Brannon, National Gypsum
NGC Example: BYOD/Mobility
Business Needs:
• Business needed improved mobile access
• Devices of their choice, ‘native interfaces’ on devices
• Explosion of options for devices, apps on app stores…
Security Concerns:
• Recently gained control of company-provided PCs – Now we allow any chosen device / app?
• Limited support / management resources in IT
• Serious concerns about responsible content management (both Security and Legal teams)
Traditional enterprise security
[Diagram: Firewall & VPN]
The perimeter is gone
Copy/Paste
Open-in
Forward
Securing data-at-rest
[Diagram: SharePoint documents and email attachments, each with the actions Open In, Copy, Save, View]
MobileIron Confidential
Secure your document repositories
• Solve “open in” problem
• Store documents securely on device
• Control cut / copy / paste actions
• Selectively wipe documents
• Prevent unauthorized distribution
• Control end-to-end with policy
• Leverage existing content repositories
• Prevent use of unauthorized tools – Dropbox, for example
[Diagram: Box shared documents, with the actions Open In, Copy, Save, View]
Securing email attachments
[Diagram labels: Email with Attachment; Email App; Secure Content Viewer; REMOVE]
Securing SharePoint
[Diagram labels: SharePoint; Colligo App Viewer; REMOVE]
Closed-loop actions when compromised
[Diagram: Remediation – Notify, Block, Quarantine]
Closed-loop actions
• Notify user and admin
• Prevent access
• Remove saved files
• Remove SharePoint config
• Protect enterprise persona
National Gypsum Implementation
• Risks / Threats Addressed:
– Loss of Company Data / Lost Devices / Departing Employees
– All Devices and Users Registered / Security Policies Enforced
– Ease of Use for Employees AND Improved Security & Efficiency
• What We Deployed (And Timeline)
– MobileIron device (VSP) and support (Sentry) – All Smartphones
– Blackberry (now gone), Apple iOS and Android Devices
– Push Secure WiFi Config to Minimize Data Use On Premise
– Rush To Adopt iPads – From 0 to 100’s of Devices!
– More than email access! Apps for SharePoint and Data!
– Manage “Allowed” and “Disallowed” Settings / Apps (Dropbox)
• Replaced with BOX Enterprise – Block ALL Other “Web Content Stores”
– Leverage Internal PKI and Push Webclips – Deliver Business Data
National Gypsum Implementation
• Where Are We Now?
– BES Retired – 70% iOS, 25% Android, 5% Windows Devices
– User/Device Configuration Management Implemented
– iPad is currently the only supported Tablet
• Actively testing Samsung SAFE Android, others (Nexus, Surface)
– Plans to allow Windows 8 and Mac OS X BYOD
– Colligo Briefcase for SharePoint Document Access
– BOX for External Data Sharing with Partners
– Two Apps Deployed on iOS with “One Tap For Data”
• Certificates delivered to Device and to User (SCEP/MobileIron)
• Invisible Authentication via Juniper Secure Access
• IIS Web Server & Application Configuration – “Last Seen User State”
• HTML5 / JavaScript to deliver SQL and Mainframe Data
Content doesn’t exist in isolation
[Diagram labels: Enterprise; Mobile Persona; Native experience; Data separation; Shared policy; Selective wipe; Secure communications; Email; Apps; Certs; Policy; Content; Federated identity]
Security considerations 2013+ …
“No” not a sustainable option -> provide credible alternatives
Massive content ecosystem -> crowd-source but don’t lock-in
Uncertain economics -> establish “help-yourself-desk”
Dynamic risk at endpoint -> automate your mobile trust model
Content always one-click from cloud -> co-habitate responsibly
Blurring between content and app -> explore new forms
Security Partnering With Business…
Understand incentives of others -> help them look good first
Seek to understand -> ask questions, don’t issue demands
Uncertain economics -> agile, incremental work not big bang
Add value always -> strive to integrate security transparently
Leverage outside partners -> “Wall Watchers” contract MSS
Be flexible and recalibrate -> build stakeholders and allies
Thank you - Resources
Mike Brannon (mebrannon@nationalgypsum.com)
http://www.charlotteissa.org/

Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Dernier (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

BYOD - Mobility - Protection: security partnering with business

  • 1. Are We the Watchers or Their Partners? Mike Brannon, National Gypsum
  • 2. National Gypsum Company is a fully integrated building products manufacturer. Headquartered in Charlotte, NC with mines and quarries, and manufacturing plants across North America
  • 3. Charlotte Metro ISSA Email us at info@charlotteissa.org Twitter: @cltissa http://www.charlotteissa.org/ ISSA local chapter delivers excellent and low cost Security Training, hosts an annual Summit event and sponsors UNCC scholarships Frequent gatherings to share practices and network – support from sponsor / partners for meetings – Next Meeting 8/27/13 at NGC HQ – and TacoMac Please Join Us!
  • 4. We Are The Watchers… Only We Understand Threats… We Must Not Let Them Pass!
  • 5. “The more the CIO/CISO says no, the less secure the organization becomes.” (Vivek Kundra, Former U.S. Federal CIO) “Be responsible, not restrictive.” (Mike Brannon, National Gypsum)
  • 6. NGC Example: BYOD/Mobility
      Business Needs:
      • Business needed improved mobile access
      • Devices of their choice, ‘native interfaces’ on devices
      • Explosion of options for devices, apps on app stores…
      Security Concerns:
      • Recently gained control of company provided PCs – Now we allow any chosen device / app?
      • Limited support / management resources in IT
      • Serious concerns about responsible content management (both Security and Legal teams)
  • 8. The perimeter is gone (diagram labels: Copy/Paste, Open-in, Forward)
  • 10. Secure your document repositories (diagram: Open In / Copy / Save / View actions on SharePoint documents, Email attachments and Box shared documents). MobileIron Confidential
      • Solve “open in” problem
      • Store documents securely on device
      • Control cut / copy / paste actions
      • Selectively wipe documents
      • Prevent unauthorized distribution
      • Control end-to-end with policy
      • Leverage existing content repositories
      • Prevent use of unauthorized tools – DropBox for example
  • 11. Securing email attachments (diagram labels: Email App, Secure Content Viewer, Email with Attachment, REMOVE)
  • 12. Securing SharePoint (diagram labels: Colligo App Viewer, REMOVE, SharePoint)
  • 13. Closed-loop actions when compromised (diagram labels: Remediation, Notify, Block, Quarantine)
      Closed-loop actions
      • Notify user and admin
      • Prevent access
      • Remove saved files
      • Remove SharePoint config
      • Protect enterprise persona
  • 14. National Gypsum Implementation
      • Risks / Threats Addressed:
        – Loss of Company Data / Lost Devices / Departing Employees
        – All Devices and Users Registered / Security Policies Enforced
        – Ease of Use for Employees AND Improved Security & Efficiency
      • What We Deployed (And Timeline)
        – MobileIron device (VSP) and support (Sentry)
        – All Smartphones – BlackBerry (now gone), Apple iOS and Android Devices
        – Push Secure WiFi Config to Minimize Data Use On Premise
        – Rush To Adopt iPads – From 0 to 100’s of Devices!
        – More than email access! Apps for SharePoint and Data!
        – Manage “Allowed” and “Disallowed” Settings / Apps (DropBox)
          • Replaced with BOX Enterprise
        – Block ALL Other “Web Content Stores”
        – Leverage Internal PKI and Push Webclips – Deliver Business Data
  • 15. National Gypsum Implementation
      • Where Are We Now?
        – BES Retired
        – 70% iOS, 25% Android, 5% Windows Devices
        – User/Device Configuration Management Implemented
        – iPad is currently only supported Tablet
          • Actively testing Samsung SAFE Android, others (Nexus, Surface)
        – Plans to allow Windows 8 and Mac OS X BYOD
        – Colligo Briefcase for SharePoint Document Access
        – BOX for External Data Sharing with Partners
        – Two Apps Deployed on iOS with “One Tap For Data”
          • Certificates delivered to Device and to User (SCEP/MobileIron)
          • Invisible Authentication via Juniper Secure Access
          • IIS Web Server & Application Configuration – “Last Seen User State”
          • HTML5 / JavaScript to deliver SQL and Mainframe Data
  • 17. Content doesn’t exist in isolation (diagram labels: Enterprise Mobile Persona; Native experience, Data separation, Shared policy, Selective wipe, Secure communications; Email, Apps, Certs, Policy, Content, Federated identity)
  • 18. Security considerations 2013+ …
      • “No” not a sustainable option -> provide credible alternatives
      • Massive content ecosystem -> crowd-source but don’t lock-in
      • Uncertain economics -> establish “help-yourself-desk”
      • Dynamic risk at endpoint -> automate your mobile trust model
      • Content always one-click from cloud -> co-habitate responsibly
      • Blurring between content and app -> explore new forms
  • 19. Security Partnering With Business…
      • Understand incentives of others -> help them look good first
      • Seek to understand -> ask questions, don’t issue demands
      • Uncertain economics -> agile, incremental work not big bang
      • Add value always -> strive to integrate security transparently
      • Leverage outside partners -> “Wall Watchers” contract MSS
      • Be flexible and recalibrate -> build stakeholders and allies
  • 20. Thank you - Resources: Mike Brannon (mebrannon@nationalgypsum.com), http://www.charlotteissa.org/

Editor's notes

  1. Info Security is full of challenges – Technical challenges getting things to work at all – http://adversari.es/blog/2013/06/19/cant-we-all-just-get-along/
     The ‘JERK PROBLEM’
     Interlude: we are the watchers on the walls
     Many in the Infosec community are fond of casting the security world as “us versus them,” where “they” aren’t external, malicious actors but unaware users, clueless managers, and bumbling executives within our own organizations. We like to see ourselves as the Night’s Watch of the tech world: out in the cold with little love or support, putting in long nights protecting the realm against the real threats (which the pampered never take seriously) so everyone else can get on with their lives in comfort. We develop a jaundiced attitude: only we understand the real danger, we think, and while we’re doing our best to stave off outsider threats, when the long night comes we need fast and unquestioning cooperation from the rest of the organization lest (hopefully metaphorical) frozen undead kill us all.
  2. Empathy
     The jaundiced attitude among Infosec mentioned above, coupled with differing incentive structures, has an unfortunate tendency to spill over into external interactions. If 90% of lunch conversations are complaints about how terrible users are, how management doesn’t get it, and how the dev team on Project Foo are a bunch of incompetent turd-burglars — the next time you have to meet with Project Foo’s team, you’ll be hard-pressed to give them a fair hearing as they explain how their lack of proper resources and mountain of technical debt prevent them from addressing problems properly.
     When we go for the easy answers:
     This {system, product, device, network} is {insecure, vulnerable, unsafe, slow, broken, unprofitable, incomplete, poorly designed, ugly} because the {designer, manager, dev team, executives, QA, sales} {is incompetent, is lazy, doesn’t care about security, is an asshat}
     we erode our ability to evaluate the true cause of a situation. (Social psychology refers to this as the Fundamental Attribution Error – the tendency to attribute others’ mistakes to their inherent failings, while attributing our own mistakes to the situation at hand.) We damage our reputation (and that of Infosec as a field), make ourselves unpleasant to deal with, and generally make the world a worse place.
     We also get used to thinking of people and teams in that way. We genuinely become less kind people.
  3. Lost Devices – From the beginning we could assist with trying to find devices, and we could SELECTIVELY wipe our corporate data and configuration from the devices.
     Some devices will appear to accept ActiveSync host directives – but then NOT actually do it! An Agent on the device, using the MFG API – does enforce our policy!
     Installation – Obtain the App in the store – then one very simple registration to then connect to the device and user – Interaction with Active Directory, policy engine in MI and our internal PKI – full configuration “appears” after registration!
  4. We went from more than 900 devices managed via our BES to none in 5 years.
     Those BlackBerry devices were replaced by a much more diverse set of devices all chosen by our employees – NOT by the IT Group!
     We are certain that the new fleet of devices is at least as secure – if not more secure – than the old one! We have BYOD working securely!
     In addition the setup and management of the new fleet of diverse devices works very efficiently and delivers data people need to do their jobs better!
     (Old BES only delivered email / calendar – NOT Apps!)