By

Matthew Witten, MBA, CISA, CISSP, CRISC, MCSA, ACE

MOBILE SECURITY AND THE CHANGING WORKFORCE

WHO KNOWS THIS GUY?

WHERE DID THIS COME FROM?

WHERE IS MOBILE HEADED?

• 4 Billion mobile devices by 2014

• 20 Billion devices by 2020

WRAPPING OUR HEAD AROUND IT

• Do we allow personal devices on the network? (BYOD)

• Do we only allow company purchased devices?

• Are we entering a Perfect Storm?

BYOD – FORGET THE PAST

• Cannot vet apps

• Traditional admin vs user roles do not exist

• Traditional policies may not be effective

BYOD

• Personal and corporate data intertwined (Sandboxing)

• Geo-location policy

• Do you really save money?

BYOD – IS THERE A HAPPY MEDIUM?

BYOD – THINGS TO PONDER

BYOD – THINGS TO PONDER

BYOD – THINGS TO PONDER

BYOD – THINGS TO PONDER

*Visage Mobile study

BYOD – MOVING TO THE CLOUD

• Risk vs. Rewards

• Loss of Control?

BYOD – MOVING TO THE CLOUD

MOBILE - THE NEXT (CURRENT) GENERATION

MOBILE IN EDUCATION

MOBILE IN EDUCATION

MOBILE IN EDUCATION - RESEARCH• CourseSmart and Wakefield Research:

• 67% cannot go more than 1 hour without digital technology and 40% cannot last more than 10 minutes

• 79% use mobile technology for quick knowledge checks before a test

• 68% believe they are saving more than 2 hours a day using their devices

MOBILE IN EDUCATION - RESEARCH• CourseSmart and Wakefield Research: (cont.)

• 51% prefer digital textbooks on eReaders to print textbooks

• 58% have taken an online course

• Even with traditional courses, 79% have submitted papers and assignments online and 71% have taken tests and quizzes online

MOBILE IN EDUCATION - RESEARCH• CourseSmart and Wakefield Research: (cont.)

• 18% report receiving materials via Facebook

• 58% have taken an online course

• 84% can access their syllabus and 78% of students receive class updates and news via online learning systems

MOBILE IN RESEARCH

• Innovations and advances

• Data collected onsite

• With new development comes new risks

GPS

• May 2, 2000

• GPS Dot

GPS

• No more Big Brother, but Big Neighbor

• Wave Bubble (be careful… not good like

on the surface)

• GPS Spoofing

GPS

GPS

GPS

• What are you going to do when this new “cool” asset tracking is shown to your CIO?

• What are the protections and countermeasures that can be put into place?

WHERE DO WE GO FROM HERE?

• Developing a mobile and cloud security policy

• Who is going to be the first liability case?

• Sure Headed IT hits the fan

• Remember: MDM ≠ Security

WHERE DO WE GO FROM HERE?

• Examine the risk and reward

• How do we prevent users from bypassing controls?

I LEAVE YOU WITH DILBERT…

©2007, Dilbert Cartoon

THANK YOU!