Securing Mobile Devices for BYOD Environments Nate Kaminski nkaminski@lancope.com Thank you for joining. We will begin shortly. Joe Yeager jyeager@lancope.com.

Securing Mobile Devices for BYOD Environments

Nate Kaminskinkaminski@lancope.com

Thank you for joining. We will begin shortly.

Joe Yeagerjyeager@lancope.com

Can you hear me?

NO…

1. Turn on/up the volume on your computer speakers

- or -

2. Teleconference into the webcasta. Tick the ‘Request’ box under the

‘Participants’ panel on the right hand side of your screen

Participant

Agenda

Introduction Mobile Device Fast Facts The BYOD Problem “Solutions” to BYOD Lancope Solution to BYOD Conclusion

3

4

What is BYOD?

According to IDC estimates, mobile devices will outship PC’s in 2012 by more than 2 to 1 and mobile device spending will exceed PC spending, growing 4 times as fast. 1

Aberdeen estimates nearly 75 percent of companies currently allow employee-owned smartphones and/or tablets to be used at work. 2

Garter finds that 90 percent of organizations will support corporate applications on personal devices by 2014. 3

Mobile Device are Here to Stay

2:1 90

%75%

4XShipping Spending

Work Use Corp Apps

1: http://events.idc-cema.com/dwn/SF_52232_top_10_preditions_2012.pdf2: http://www.itworld.com/mobile-wireless/151839/75-enterprises-have-byod-policies-53-support-ipads3: http://www.gartner.com/it/page.jsp?id=1480514

5

Organizations should embrace BYOD

According to the Cisco Connected World Technology Report, 1

– 40% of college students would accept a lower-paying job that had flexible IT

– 70% of young workers ignore IT rules

ISACA has found through surveys that– Almost half of young professionals use their own

personal device at work. 2

– Over half of all IT leaders in the U.S. say that employee-owned mobile devices pose a greater risk to the enterprise than mobile devices supplied by the company. 3

1: http://www.cisco.com/en/US/netsol/ns1120/index.html 2: http://www.isaca.org/Pages/Survey-Online-Shopping-Risks-2011.aspx 3: http://www.isaca.org/Pages/Survey-Risk-Reward-Barometer.aspx

6

7

The “BYOD Problem”

Most organizations have… Scarce knowledge of what the device, operating system, or patch

level is Limited control over policy for what resources device can and

cannot access Incomplete information about whose device it is Lack of visibility into what the device is doing on the internal

network and how confidential data is moving around Little understanding of the impact of the device on the network

BYOD: Proposed Solutions by the Security Industry

8

Say No to BYOD BYOD is here whether you embrace it or not

Install agents on the devices You have limited control over the employee’s device

Convert the device to a corporate one

Don’t forget the Your Own part of BYOD

Install more network probes Not a cost-effective nor scalable solution

BYOD REQUIRESA DIFFERENTAPPROACH

Network Security Monitoring Using the Network

9

InternetAtlanta

San Jose

New York

ASR-1000

Cat6k

UCS withNexus 1000v

ASACat6k

3925 ISR

3560-X

3750-XStack(s)

Cat4kDatacenter

WAN

DMZ

Access

9

Cisco Infrastructure Provides the Intelligence...

10

InternetAtlanta

San Jose

New York

ASR-1000

Cat6k

UCS withNexus 1000v

ASACat6k

3925 ISR

3560-X

3750-XStack(s)

Cat4kDatacenter

WAN

DMZ

Access

NetFlowNetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlow

NetFlowNetFlow

10

Internal Visibility from Edge to Access...

InternetAtlanta

San Jose

New York

ASR-1000

Cat6k

UCS withNexus 1000v

ASACat6k

3925 ISR

3560-X

3750-XStack(s)

Cat4kDatacenter

WAN

DMZ

Access

Lancope NetFlow Collector

StealthWatch – A Complete, Integrated Family of Products

Behavior-based flow monitoring

Contextual awareness– Identity– Device– Application– Virtual

The Concern IndexTM

Relational Flow MappingTM

Point of ViewTM

Advanced Querying & Reporting

12

Management Reporting

Custom Dashboards

RelationalFlow Maps

Security Monitoring

Forensics Anomaly Detection

Compliance Mitigation

Network Performance Monitoring

Trouble-shooting

Service Delivery

WAN Optimization

Capacity Planning

APPLICATION AWARENESS

IDENTITY AWARENESS

VIRTUAL AWARENESS

Behavioral Analysis

Flow Collection

StealthWatch

DEVICE AWARENESS

13

StealthWatch Answers The Tough Questions

Who

What

Where

When

How

owns the device

the device is doing

the device is on the network

the device is impacting the network

the device was on the network

StealthWatch can show you…

StealthWatch Monitors BYOD Environments

Monitors the entire internal network by passively collecting data from existing infrastructure and does not use agents, install software, or in any way modify the employee’s device.

StealthWatch monitors and records everything that every user on any device running any operating system is doing on the network and how the network is affected by the user’s actions.

Utilizing patented behavioral analysis techniques, StealthWatch determines whether any device is acting suspiciously, is accessing privileged resources outside of its policy.

14

Behavior-based Analysis

15

Critical Servers Tablet computersMobile phones Marketing

Company with StealthWatch

Company with Legacy Monitoring

Tools

To Enable Early Interjection BEFORE CrisisIm

pact

to th

e Bu

sine

ss (

$ )

Time

credit card data compromised

*

attack identified*

vulnerability closed

*CRISIS REGION

*attackthwarted*early

warning

*attackidentified

*vulnerability closed

attackonset

*

StealthWatchReduces MTTK

Network activity is correlated with user and device information along with physical location on the network And you can also start with the user or device you are looking for and look at its network activity

WHAT

WHO

WHEN

StealthWatch: The Solution for BYOD Environments

18

StealthWatch: The Solution for BYOD Environments

And can drill down to the exact flow:WHEN

HOW BAD

WHO

WHAT

19

StealthWatch: The Solution for BYOD Environments

Including which devices in the network it crossed:

WHY

WHERE

Quick Recap

• BYOD is already hereEmbrace it

• Other solutions do not meet the needs of BYODPrevent BYODInstall agentsChange the deviceInstall more network probes

• With StealthWatch you can gain visibility into every device on your networkUsing your existing infrastructureAnswer the tough who, what, where, when, why, and how questions

• Once you’ve enabled flow collection you can...Gain deep traffic analysis and network visibilityDetect attacks and network anomalies

20

Next Steps

Contact Lancope:

Joe Yeagerjyeager@lancope.com

Lancopesales@lancope.com

Lancope Marketingmarketing@lancope.com

Visit Lancope @ Blackhatfor a live demo of the StealthWatch System & pick-up your free copy of “NetFlow Security Monitoring for Dummies” book.

21

Questions

Webhttp://www.lancope.com

Blog

http://netflowninjas.lancope.com

Twitter@netflowninjas

LinkedIn : NetFlow Ninjashttp://www.linkedin.com/groups?about=&gid=2261596&trk=anet_ug_grppro

NetFlow Ninjas Challenge http://www.lancope.com/netflow-ninja-quiz

22

Webinar with Forrester Research

23 ©2012 Lancope , Inc. All Rights Reserved.