byod - build your own defense
TRANSCRIPT
![Page 1: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/1.jpg)
Build Your Own Defense
Abbas Ali Khumanpur, CISSPSecurity Consultant, STARLINK
ISC2 Kuwait ChapterMeet
13th May 2015
![Page 2: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/2.jpg)
AGENDA
• Evolution of Computing Space
• Why BYOD Matters
• Threat Vectors on Mobile
• BYOD Strategy
• Multiple OS & Platforms• IOS• Android• Microsoft 10
![Page 3: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/3.jpg)
Evolution of Computing Space
SOURCES: Asymco.com, Public Filings, Morgan Stanley Research, Gartner, IDC
The PC/Web Era The Post-PC EraThe Mobile/BYOD Era
![Page 4: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/4.jpg)
Mainframe EraApplications and Data…
behind a Glass Wall.
PC EraApplications and data on our desks…trapped at work.
Web EraAll-access, apps and content…
everywhere
![Page 5: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/5.jpg)
BYOD EraAny app and data
For personal and work
On a device we love
Wherever we are
Mobile will unlock human potential in the Workplace
![Page 6: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/6.jpg)
Why BYOD Matters &Should you be worried?
• Smartphone and Tablet Technologies evolving and changing very rapidly.
• Empower Workforce through “Consumerisation of IT”• Ultimate goal: Increased Productivity with reduced costs.
BYOD DARK SIDE:• If BYOD not understood & regulated correctly, it THREATENS IT
Security
![Page 7: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/7.jpg)
Threat Vectors on Mobile are Different from PC
![Page 8: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/8.jpg)
Building a Successful BYOD Strategy
• According to Gartners, 90% of Enterprises (with >500 Employees) have already deployed Mobile Devices and many don’t have a STRATEGY.
• BYOD is more than just shifting ownership of device to the employee.
• It has complex and hidden implications.
![Page 9: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/9.jpg)
Sustainability
• Secure corporate data• Minimize cost to implement and enforce• Preserve user experience• Stay up-to-date with user preference and technology
innovation
“User experience is the litmus test for policy sustainability”
![Page 10: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/10.jpg)
Device Choice
BYOD Policy needs to be built around Device Choice
• Analyzing employee preference
• Define an Acceptable Baseline: Security and supported features
• Establishing clear communication to users about which devices are allowed or not, and why
• Ensuring the IT team has the bandwidth to stay up-to-date:
![Page 11: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/11.jpg)
Trust Model
“The trust level of a mobile device is dynamic”
• Identifying and assessing risk for common security posture issues on personal devices
• Defining remediation options (notification, access control, quarantine, selective wipe):
• Setting tiered policy: “Based on Ownership”
![Page 12: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/12.jpg)
User Experience & Privacy
The core tenet of successful BYOD deployments is preservation of user experience.
• User experience should not be compromised
• Identifying the activities and data IT will monitor
• Clarifying the actions IT will take and under what circumstances
Transparency will create trust
![Page 13: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/13.jpg)
Liability• Important Considerations around BYOD liability
include:
• Assessing liability for personal web and app usage
• Evaluating the nature of BYOD reimbursement
• Assessing the risk and resulting liability of accessing and damaging personal data.
(for example, doing a full instead of selective wipe by mistake)
![Page 14: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/14.jpg)
Managing OS & Platforms
![Page 15: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/15.jpg)
Apple IOS
![Page 16: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/16.jpg)
Android
Lollipop was clearly designed to change perceptions of vulnerability and fragmentation.
Android Lollipop
![Page 17: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/17.jpg)
Android For Work
![Page 18: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/18.jpg)
Android For Work
• Securely Deploying Enterprise Apps
• New APIs that Support Android for Work
• Separate Encryption Layer
• Separate Android for Work App Screenlock
![Page 19: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/19.jpg)
![Page 20: BYOD - Build Your Own Defense](https://reader035.vdocument.in/reader035/viewer/2022062412/58eefada1a28ab743a8b4603/html5/thumbnails/20.jpg)
Thank You !!!