Download - Enterprise Mobility Management
webinars.plantemoran.com
Enterprise Mobility Management
webinars.plantemoran.com
Presenters
Karl Zager, Consulting Manager- Plante Moran, Technology Consulting & SolutionsKarl specializes in the transition of IT for mergers and acquisitions. His work with both U.S. and non U.S. investors has included IT due diligence prior to the acquisition and post-acquisition, the development of a new IT organization structure, global infrastructure design, and project management of the entire IT transition. Karl has spent more than 25 years designing, implementing, and supporting IT infrastructure from the high level global network planning to router configuration and packet analysis. His projects have included Michigan’s two largest counties, school districts, leading hospitals, and the U.S. Military. Karl has received a Network Architect certification from Pine Mountain Group. Karl has a Bachelor of Science in Electronic Engineering Technology from Lawrence Technological University.
Marv Sauer, Consulting Manager – Plante Moran, Technology Consulting & SolutionsMarv has more than 25 years taking clients from initial strategic planning through the successful implementation of a variety of proven and leading edge technologies. He is a talented facilitator of small to large groups working with personnel ranging from end users to executive management. Marv has given presentations at local and national conferences on topics such as Building the Network of Tomorrow, Today and With Strategic Planning First, Successful Implementation Follows. Marv holds a Master of Business Administration in Finance from the University of Michigan and a Bachelor of Science in Math and Computer Science from the University of California, Los Angeles (UCLA).
Kurt VanderWal, Senior Consultant – Plante Moran, Technology Consulting & SolutionsKurt has spent more than 16 years in the information technology field specializing in PCI compliance, network security, local area networks, and file servers. Over the past seven years, Kurt has been performing PCI DSS assessments and network security assessments for financial, education, and government institutions. Kurt holds a Bachelor of Science in Information Systems and has acquired multiple certifications over his tenure.
webinars.plantemoran.com
Administration
Slides are available for download from your webcast console. A recording of today’s webinar will be added to our website in a few days.
We will allow time at the end of the presentation to respond to your questions, but please feel free to submit questions at any time.
This is a CPE-eligible webinar. Throughout the webcast, participation pop-ups will appear.
Participants must respond to at least 75% of these pop-ups in order to receive CPE credit.
webinars.plantemoran.com
Overview
Organizations adopting an enterprise mobility management mindset and strategic approach to their mobile environments are transforming the way they do business, leading to innovation and growth. In today's competitive marketplace, achieving greater information access, enhanced collaboration, increased productivity, improved customer service, and lower TCO (total cost of ownership) can put you miles ahead of your competition.
At the completion of this webinar, participants will understand: The mobility environment and transformational impact The importance of mobilization planning and strategy Key factors to consider in managing devices, applications, and
services Security and compliance best practices
webinars.plantemoran.com
Proliferation of mobile devices including tablets and smartphones
Innovative designs, intuitive, and better access to high speed networks
Integral to staying competitive
Web based applications and services are moving people to the cloud
Dealing with a younger generation of workers
Provides a ‘role model’ for innovation
Greater connection to and engagement with the customer
Improves integration with social networking/media sites
5
Mobility background
webinars.plantemoran.com
Increased information access and sharing
Better response times
Improved customer service
Increased productivity and satisfaction
Enhanced collaboration
Increased efficiencies
Reduced costs
Better recruitment of top talent
Greater innovation
6
Reasons to go mobile
webinars.plantemoran.com7
Industry applications
Banking
RetailGovernment
HealthcareManufacturing
webinars.plantemoran.com
Key considerations Device ownership Applications Platforms
Cloud is about enabling and leveraging technology, but mobility is about enabling and leveraging the business
Focus on the business aspects centered around: Access Management Balance
8
Strategy is key
webinars.plantemoran.com
A sound strategy Increases the impact and results Ensures that delivery is cost effective and efficient Provides a means to stay competitive
9
Advantages of a sound strategy
webinars.plantemoran.com
How do we support the devices?
What if the user jailbreaks the device?
Do we need to develop apps?
How do we secure the device and data?
Do we need to support every device?
10
How do we stop data leakage?
Do they want it for more than email?
Who gets them and how do we pay for them?
How do we maintain the service expectation?
What about compatibility?
IT concerns
webinars.plantemoran.com
The process may take multiple iterations to resolve.
11
Strategy Policy Architecture Tools Procedure
Make nothing public until the process is complete.
Process
webinars.plantemoran.com
Decisions are interrelated and can have a huge impact.
12
DeviceOwnership
Plan Coverage
Device Types
Email Apps
Depth of Control
Business Apps
File Exchange
Business –Employee
Relationship,Cost, Productivity
Support
Strategy
webinars.plantemoran.com13
Email Only
Data ownership Data leakage Device ownership /
cost Inventory Account
Management Communications
Management
+ Web Applications
Internal Wi-Fi Purpose Specific
+ Internal Business
Applications
Device Compatibility
Inventory Software updates Access control
Data ownership Data leakage Device ownership /
cost Inventory Account
Management Communications
Management Device
Compatibility
Data ownership Data leakage Device ownership /
cost Inventory Account
Management Communications
Management Device
Compatibility Communications
Security Access Control Support Training
Leading Management Concerns by Strategy
webinars.plantemoran.com
Device ownership, service provider, coverage, communication costs
Data ownership
Privacy – personal data, device use, location, applications
Device care - damage and loss
User separation
Security – features and user actions
Support – depth vs. cost
14
Policy
webinars.plantemoran.com
Device type considerations – environment, capabilities
Access to data – messages (includes calendar and contacts) only apps, synchronization, remote VPN, remote desktop
Data storage and backup
Policy enforcement – security, application restrictions, data leakage
Lockdown – recovery, wipe
Software and configuration distribution
Support – recovery, configuration, backups, updates, applications
Administration – inventory, IDs, rights, monitoring
Device management depth – light, heavy, containerized15
Architecture Components
webinars.plantemoran.com
Mail Synchronization Servers (BES, MS Sync, Notes Traveler)
Mobile Device Management Software (Airwatch, Fiberlink, Zenprise, Excitor, MobileIron, Sybase, Good)
Antivirus software (AVG, Kaspersky, ESET)
Mobile VPN clients (most major firewall vendors)
Remote control / Virtual PC (Citrix, VMware, Microsoft, VNC)
Training
16
Management Tools
webinars.plantemoran.com
Request process Policy acceptance
Acquisition
Initial setup Apps Accounts Configuration Training
Management
Updates
Enforcement
17
Procedures
webinars.plantemoran.com
Why we need to secure the devices
Types of mobile access
Remote wipes
Managing the security of mobile devices
Additional security points
18
Security
webinars.plantemoran.com
It is estimated that by 2013 There will be 1.2 billion mobile workers worldwide 75% of all U.S. workers will be mobile at least 20% of the time
Another estimate shows that 36% of cell phone owners have lost a phone or had one stolen
• Of these, almost 90% had no way to remotely lock or wipe the data from them
• Over 50% did not use password protection on their phones
In the U.S., 113 cell phones are lost every minute
19
Why we need to secure the devices
webinars.plantemoran.com
While mobility is a top security concern to business, few have addressed these concerns. Why? Businesses and employees are seeing the advantages and pushing
IT to “make it work” There are many different types of mobile devices These devices can be both business owned or employee owned Ability for users to install new, untested applications is too easy
Too many variables
20
Why we need to secure the devices
webinars.plantemoran.com
Multiple ways mobile devices attach to the corporate network Internet Access Only (Internal) Remote Access to Email Remote Access to Network Resources and Data
Regardless of the method, both the mobile device and the corporate network need to be protected
21
Types of mobile access
webinars.plantemoran.com
Description Staff members bring mobile device (BYOD or Corporate owned) to the office Only want to access Internet
Security Risk Potentially infected devices accessing your corporate network
Solutions Setup a separate Internet-only connection with wireless access
(small companies, banks) Segment all mobile wireless traffic from the corporate network
22
Internet access only
webinars.plantemoran.com
Description Staff members accessing corporate email from remote locations
Security Risks Data now resides on mobile device
• Lost data due to stolen/lost device• Via OWA or other client software
User credentials are now sent to/from the mobile device to the corporate network• If insecure, credentials could be stolen
Solutions Restrict the download of documents to mobile devices (OWA) Require the use of a SECURE third party application to access the email (Good,
Sync) Ensure remote locking and remote wiping is enabled and configured properly
23
Remote access to corporate email
webinars.plantemoran.com
Description Staff members accessing corporate network and resources from remote locations
Security Risks Devices are accessing an internal corporate resource Spread of viruses/malware across corporate network Data now resides on mobile device
• Lost data due to stolen/lost device
User credentials are now sent to/from the mobile device to the corporate network• If insecure, credentials could be stolen
Insecure mobile devices (screen locks, passwords) lead to compromise of corporate network
Ensure remote locking and wipe are enabled
24
Remote access to corporate network
webinars.plantemoran.com
Solutions Require all remote devices go through a NAC prior to accessing the
network Require that communications to the corporate network occur through a
secure VPN or secure portal (i.e. Terminal Services) where data is Read-Only
Ensure that the devices/removable cards are encrypted Ensure strong policies are established and adhered to Ensure remote wipe is enabled
25
Remote access to corporate network
webinars.plantemoran.com
What is a Remote Wipe? Erasing the contents of the mobile devices from a remote location (full
or partial)
How is it done? Depending on the device and OS, it typically deletes either the
encryption key OR writes a series of 1’s over the entire phone
Is it effective? Yes
Notes Must be setup and configured prior to device being ‘lost’ If device is being sent in for repairs, a backup should be performed
and then a wipe
26
Remote wipes
webinars.plantemoran.com
Managing the security of the mobile devices Implement firewall/NAC technologies which support the mobile
operating systems Limit the types of devices/OS versions allowed to attach Inventory/Manage the devices – Mobile Device Management Ensure that users agree to the corporate policy prior to accessing the
network• Defines ownership of data• Defines required configurations• Prohibits “jail-broken” devices on the network
Security test these devices/apps Provide end user training
27
Managing the security
webinars.plantemoran.com
Configuring the devices Enable remote wipes Ensure screen lock passwords are set Ensure screen lock passwords are strong Ensure key pad lock is enabled after a period of inactivity Require Anti-virus and Malware detection software
Act Now!
28
Additional security points
webinars.plantemoran.com
Set a short-term and long-term direction
Engage all business units
Get support/buy-in
Include total cost of ownership (TCO) and total cost impact
Include devices, applications, services, security, support, policies, etc. (all facets of mobility)
Establish central governance
29
Best practices
webinars.plantemoran.com
Q&A
Q&A
webinars.plantemoran.com
Marv [email protected]
Karl [email protected]
Kurt [email protected]
To view a complete calendar of upcoming Plante Moran webinars, visit webinars.plantemoran.com
Thank you for attending