This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
ENTERPRISE MOBILE SECURITY– Senior executives want to use iPhones, iPads, Androids and
other mobile devices to access corporate data– New business requirements for tablets, e.g. retail, medical – Consumerisation / BYOD – expand mobile workforce cost
effectively
What are the risks?What security can be applied?How to securely enable apps?
SECURITY RISKS– Malware / malicious apps– No (or poorly implemented) encryption– Jailbroken operating systems– SMS– Data loss – corporate / personal emails– Data loss – email attachments / Dropbox– Sync and backup – to home PC and iCloud– Malicious, compromised, or inappropriate web sites
The continued growth of mobile phone adoption globally is driving growth in the mobile malware sector. While malware targeting the Symbian platform is still the most prevalent, there has been a sea change in top targets in 2011. In Q3 nearly all of the malware samples discovered by McAfee Labs targeted the newer and more popular (now) Android platform.
Q1 09
Q2 09
Q3 09
Q4 09
Q1 10
Q2 10
Q3 10
Q4 10
Q1 11
Q2 11
Q3 11
0200400600800
100012001400
data from McAfee
iOS – two viruses detected to date, both only effective against jailbroken devices
ENTERPRISE MOBILE SECURITY MODEL Enable Applications• e-mail, calendar and contacts• Business applications
Sandbox• Protect corporate data• Control Interaction with host
Enforce Mobile Security• Device Password• Encryption• Whitelist or blacklist Apps• Connection methods• Block jailbroken devices• Remote wipe• Control synchronisation• Mobile Anti-Virus• Personal Firewall
Device Management• Monitor and audit• Reporting and alerts• Remote unlock
EXAMPLE: UK POLICE MOBILE DATA– Balfour Beatty Workplace– Mobile data workflow and information– Police outsource contract– Police / UK Government security
standards– Ease of use – “invisible” security– Solution: SSL VPN / lockdown /
– Strong demand for business use of mobile devices – Multiple security risks– Need to enable enterprise applications– Solutions available– No solution is perfect!