1 Managing Remote and Mobile Workers Adam Licata, Enterprise Mobility SE, TSO Brian Sheedy, Sr. Principal TEC, Endpoint Management Managing Remote and Mobile Workers
1
Managing Remote and Mobile Workers
Adam Licata, Enterprise Mobility SE, TSO
Brian Sheedy, Sr. Principal TEC, Endpoint Management
Managing Remote and Mobile Workers
SYMANTEC VISION 2014
Today’s Workforce
Managing Remote and Mobile Workers 2
• 79% employees favor working remotely
• 87% use a laptop
• 80% use a smartphone
• 49% use a tablet
Source: Gallup Poll 4/30/14 http://www.gallup.com/poll/168794/workers-upside-staying-connected-work.aspx
SYMANTEC VISION 2014
SYMANTEC VISION 2014
SYMANTEC VISION 2014
Ownership Irrelevance
Managing Remote and Mobile Workers 5
• BYOD, CYOD, COPE, etc.
• Security requirements do not change
• Protect the data, apps, and resources
• Solution should support multiple models
Source: Gallup Poll 4/30/14 http://www.gallup.com/poll/168794/workers-upside-staying-connected-work.aspx
SYMANTEC VISION 2014
Manage BYOD and Corporate Devices
6
3
2 1
Un
man
aged
Man
aged
Company Owned Personally Owned
Managed Apps & Data Only
Managed Personal Device Corporate Device
Unmanaged Device
BYOD
Application Management
Identity Management
Device Management
Threat Protection
Application Management
Identity Management
Threat Protection
Device Management
Threat Protection
Application Management
Identity Management
Symantec Enterprise Mobility
SYMANTEC VISION 2014
Productivity vs. and Security
Managing Remote and Mobile Workers 7
• Users choose path of least resistance to get the job done
• Enable them, don’t disable
• Choose least invasive security approach
• Account for ownership model
Productivity Security
SYMANTEC VISION 2014
Device Consistency
Managing Remote and Mobile Workers 8
• Implement security for both mobile and desktop
• Be aware of unique risks to mobile
• Physical access
• Location
• Personal use
• Untrusted App Stores
SYMANTEC VISION 2014
Focus on Apps
Managing Remote and Mobile Workers 9
• Cannot assume the device is secure
• Apps handle sensitive data
• At rest
• In motion
• Leverage MAM for mobility
• App wrapping
• Containerization
• Sandboxing
SYMANTEC VISION 2014
Approaches to App Security
• Done in one of three ways:
1. Encrypted Sandbox
2. Hypervisor
3. Wrapping
• Isolates and encrypts
• Per app container
• Allows/disallows OS or app access in/out of the container
• Most require code edits
• Important!
– Solution re-signs app w/out code change
– No rooting or jailbreaking required
– Integrated access control
Containerization App Wrapping
Managing Remote and Mobile Workers
SYMANTEC VISION 2014
VPN is not the Answer
Managing Remote and Mobile Workers 11
• Do not rely on VPN for remote management
• Users do not consistently use VPN
• Causes obsolete inventory/tracking data
• VPN is at the device level, not application level
• BYOD = personal apps accessing corporate networks
VPN Concentrator
SYMANTEC VISION 2014
Remote Management with Symantec
Managing Remote and Mobile Workers 12
Mobile Devices (iOS and Android)
• App Center with Secure App Proxy
Endpoint Management (Windows)
• Altiris ITMS with Cloud Enabled Management (CEM)
SYMANTEC VISION 2014
Symantec Secure App Proxy
Presentation Identifier Goes Here 13
Traffic from Symantec wrapped apps is rerouted to Proxy
Access to Corporate Network from specific corporate apps only
Traffic from personal apps untouched
Personal traffic does not traverse corporate network
Symantec App Proxy allows corp traffic through
SYMANTEC VISION 2014
Enforce Compliance for Mobile Devices
Presentation Identifier Goes Here 14
Managing Remote and Mobile Workers 15
Boundaryless Endpoint Management
SYMANTEC VISION 2014
Common IT challenges
Managing Remote and Mobile Workers 16
“How do I manage users who rarely connect to the corporate network?”
“How do I manage all the new devices and software coming into my environment?”
“How can I make sure we are not over or under
buying software licenses and are in compliance
with our license agreements?”
“How do I protect my corporate assets and network from
vulnerabilities?”
Managing Remote and Mobile Workers 17
How does Symantec Endpoint Management address these challenges?
SYMANTEC VISION 2014
Manage anywhere across remote sites and users
18
• Securely manage users anywhere on the
internet and eliminate the need for
dedicated VPN or leased lines
• Easily support and manage distributed
locations regardless of bandwidth
constraints
• Maximize administrator to managed
device ratios
• Cloud Enabled Management for Windows
Symantec Endpoint Management
Travel Home
Remote Office
Managing Remote and Mobile Workers
SYMANTEC VISION 2014
Cloud Enabled Management
Managing Remote and Mobile Workers 19
Internal External DMZ
CeM
Agent
Internet Gateway
Internal Firewall
External Firewall
Gateway blocks
un-trusted
connections
Secure connection No VPN required
Notification Server
(SMP)
Internet
SYMANTEC VISION 2014
CeM Architecture
Internal External DMZ
CeM
Agents Internet
Gateways
Notification Servers
Internet
Managing Remote and Mobile Workers
SYMANTEC VISION 2014
Cloud Enabled Management Functionality in ITMS 7.5
21 Managing Remote and Mobile Workers
• CeM for Windows endpoints
• Inventory Gathering
• Software Distribution
• Application Metering
• Patch Management
• Basic Client Tasks
• Hierarchy and Replication
Symantec Endpoint Management
SYMANTEC VISION 2014
End-to-end software management
22
• Common data model provides a single
place for purchases/contracts, single
definition of software, single interface for
different users
• Advanced reporting supports financial
costs, departmental expense for
chargeback, alerts on renewal activities,
and trending over time
• Automatic harvesting processes
• Single click application virtualization
• Deploy, update, and run SEP
Symantec Endpoint Management
Managing Remote and Mobile Workers
SYMANTEC VISION 2014
Broad patch management
23
• Support for multiple platforms and over
50 non-Microsoft applications –
including all browsers and plug-ins
• Routine analysis and compliance
enforcement of applied patches
• Advanced analytic reporting and metrics
• Automation routines to simplify process
• Integration with Symantec’s endpoint
security, compliance and data loss
solutions
Symantec Endpoint Management
Managing Remote and Mobile Workers
SYMANTEC VISION 2014
Data insight for faster remediation and planning
24
• Easily access and share business data
• Measure improvement with key
performance indicators (KPIs)
• Analyze trends over time
• Powerful on-the-fly reporting and charts
• Fast remediation with dynamic,
actionable summaries
Symantec Endpoint Management
Managing Remote and Mobile Workers
SYMANTEC VISION 2014
Free yourself from the office
Managing Remote and Mobile Workers 25
iOS Remote Access Console
Consistent experience from the iPad to the Console
Fast access to device summaries
Quickly verify status of policies and tasks
Remediate issues, including remote control
Thank you!
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
26
SYMANTEC VISION 2014
Symantec Endpoint Management
IT Management Suite
Client Management • Provisioning • Inventory • Software management • Patch management • Application virtualization • Remote management • Reporting and analytics
Server Management • Provisioning • Inventory • Software management • Patch management • VM management • Server monitoring • Reporting and analytics
Asset Management • Asset tracking • Barcode scanning • Contract management • Compliance • Reporting and analytics
Data Loss Prevention Mobile Management
Endpoint Protection Encryption
Complementary Solutions
27 Managing Remote and Mobile Workers
SYMANTEC VISION 2014
Solution Overview: Mobile Management Suite
App Management Threat Protection Device Management
App Center Unified Management Platform
28 Enterprise Mobility - Customer Update