security of mobile platforms, byod and mdm for the ...security of mobile platforms, byod and mdm for...

Security of Mobile

Platforms, BYOD and

MDM for the Solution

of their Administration

November 22nd 2012, Marek Deml

Security of Mobile

Platforms

3 © 2012 Deloitte Česká republika

Situation Worldwide

Source: IDC Worldwide Mobile Phone Tracker, August 8, 2012

68,10%

16,90%

4,80%

3,50% 6,90%

Google Android

Apple iOS

RIM Black Berry

Microsoft Windows Phone /Windows Mobile

Others


Android


72%


Source: developer.android.com, October 2012

0,10% 0,40% 3,40%

12,90%

55,80%

1,90%

23,70%

1,80%

1.5 Cupcake

1.6 Donut

2.1 Eclair

2.2 Froyo

2.3 Gingerbread

3.1 Honeycomb

4.0 Ice Cream Sandwich

4.1 Jelly Bean


Security

• Authentication

• Application

• Encryption

• Enterprise functions

• “Root” of the device


iOS


20%


Source: chtika.com, October 2012

9%

4%

25%

61%

1%

iOS 4

iOS 5.0

iOS 5.1

iOS 6

Other iOS


Security

• Authentication

• Application

• Encryption


• “Jailbreak” of the

device


BlackBerry


Security

• Authentication

• Application

• Encryption



Windows Phone


Security

• Authentication

• Application

• Encryption



Ranking of platforms

BlackBerry

iOS

Android

Windows Phone

iOS

BlackBerry

Android

Windows Phone

Security Security + “cool” factor


•Look

ahead


81% of university

students believe that

they will have the

opportunity to choose

the devices for work.

Permanently-connected Students… Source: Cisco 2011 Annual

Security Report & Cisco Connected

World Technology Report

… are not thrilled by working

for someone who bans them

from access to social networks

at work.

… do not want to work only in

the office, as they believe that

they are more productive when

they work outside the office.

… prefer having an internet connection to a

car.

... are not very interested in

protecting their passwords.

…check Facebook at least once

a day.

… let other people use their

notebook, mobile phone or iPad.

…want to bring their own devices

to the office.


Trends in Mobile Equipment

• Employees work at different places and require mobile support

• Requirement for the support of personal devices (Bring Your Own Device

- BYOD)

• Pressure on the development of mobile applications and acceptance of

“socially connected” applications

• Use of applications without knowledge of the risks that they bring

• Unsecured applications

• Increase in productivity and decrease in costs

• All Nippon Airways – 6000 iPads, 400 million yen (EUR 3.89 million) of

savings per year

• The Senate of the Dutch Parliament has replaced printed parliamentary

documents with iPads

The management and security of mobile equipment is a significant challenge.


BYOD (Bring Your Own Device)

• Zaměstnanci chtějí stále častěji používat svá oblíbená mobilní zařízení

Firms should bring

the anticipations of

users, IT capabilities

and security policy

into line. A failure to

act may increase the

security risk, as

uncontrolled mobile

devices will continue

to connect to the

firm’s network.

BYOD does not mean that the user does what he wants!

Average number of results: 7,600,000 (0.17 s)


BYOD

Reasons for BYOD

• User perspective

• To have one device rather than two

• Fully own the decision-making process in

selecting personal devices/ have the most-

recent version of the device

• The local store offers a better selection than

the IT department

• Company perspective

• Increased productivity of employees, they

perceive BYOD as a benefit

• Potential of decreasing costs of hardware,

monthly services, provision and ongoing

support

• IT department perspective

• Potential of lower burden for IT employees:

they do not provide support for HW

equipment does not apply for VIP users

Problems of BYOD

• Security

• Confidentiality, integrity and availability of

corporate data

• Responsibility for personal data (deletion,

central storage)

• Defining and enforcing of the security level

• Fragmented applications

• Impact of an environment with

heterogeneous equipment on the

development of applications and

requirements for support

• Support

• Certification, provision and management of

devices

• Costs

• Potential loss of corporate bulk discounts due

to personal purchases

• Additional cost for management of

heterogeneous BYOD devices, eg MDM


BYOD Pitfalls and their Solutions

• BYOD involves the following pitfalls:

• Compliance with the legislation, compliance with the Labour Code, data privacy and

protection

• Data privacy and protection, Data ownership and restoration

• Monitoring of employees

• Intellectual property protection

• However, the most significant problem is the security level!

• Guideline for BYOD is a condition

• Increases the knowledge of security and privacy protection

• Ensures the enforceability of rules through (employment) contracts

• Ensures legal risks and responsibilities

How do you achieve that?


Technical Setting of BYOD

• Encryption

• Security of access to data

• Security of the process of data mining from the system

• Rules for the data deletion

• Access without the prior permission and approval can be classified as

‘hacking’

• Reflection of privacy in work procedures

• Introduction of monitoring (system, compliance with the rules, etc)


• Simple connection to the corporate network, setting of the mobile office

• Security of access to the corporate network

• Enforcement of a password, its strength, etc

• Protection against viruses and other harmful codes

• Remote deletion in the event of a loss, only deletion of corporate data in

BYOD

• Monitoring of data synchronisation on the server

• Distribution, update of SW and applications

Who owns the strategy and administration and management

model of mobile equipment?

MDM - Mobile Device Management


MDM Mobile Device Management

• Mobile device management provides support

for the entire lifecycle of mobile devices,

mobile applications and the related data

warehouses, and assists in:

• Due securing of applications, patches, security agents,

etc;

• Ensuring that the data are automatically backed up and

always protected (in static situations and in transfer);

• Ensuring that devices are correctly configured and

protected against threats; and

• Ensuring that IT may remotely fix problems, delete data

and remove the device from operations

• This requires systems, defined processes and

qualified sources in several areas

Source: Gartner Magic Quadrant for MDM solution

May 2012

Úplnost vize

Schopnost re

aliz

ace

Subjekty reagující na výzvy Vedoucí subjekty

Hráči v oblasti mezery na trhu Vizionáři


MDM Mobile Device Management

• Comparison of the critical properties of MDM solutions and the total result

Source: Gartner Critical Capabilities

for Mobile Device Management

July 2011

Questions?

Marek Deml

E-mail: [email protected]

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK

private company limited by guarantee, and its network of member firms, each

of which is a legally separate and independent entity. Please see

www.deloitte.com/cz/about for a detailed description of the legal structure of

Deloitte Touche Tohmatsu Limited and its member firms.

© 2012 Deloitte Czech Republic

security of mobile platforms, byod and mdm for the ...security of mobile platforms, byod and mdm for...

Documents