Mobile ProtectionDriving Productivity Without Compromising Protection

Jon Baker, Jason KatailaEndpoint Management & Mobility Specialist

Mobile Protection

2010 177M corp PCs

2015 246M corp PCs

2010 173 M personal PCs

2015 293M personal PCs

2010 300M smartphones

2015 1017M smartphones

2010 15M tablets

2015 326M tablets

39% 69% 340% 2,170%

Mobile Device ExplosionPaves Way for BYOD

2

3

New apps deployedin the cloud

Enterprises allow mobile access to

their network

Workers use threeor more devices

80% 65% 52%

Mobile Protection

1 2 3

Changes In Working Style

The Desires of the User Versus IT Staff

Mobile Protection

Freedom, Privacy & ProductivityEasy access to files, apps, emailUse the latest technology & appsPersonal stuff is untouchedDo it themselves (i.e. Self-Service)

Simple, Secure & ReliableProtect company informationOnly let authorized users inEasy to work with and reliableReporting, audit & monitor

User IT Staff

4

Devices Apps Data

Success = Mastering Control Points

Mobile Protection

…without disrupting user experience

5

Company Controls Personal Device

Company Controls Relevant Apps & Data Only

Company Controls Standard Device

Company Owned But Unmanaged

Evolving Endpoint Adoption Map

Mobile Protection

Company-owned Personally-owned

Man

aged

Unm

anag

ed

BYOD

6

Use Case #1:Access SaaS Apps From Any Device

Mobile Protection 7

Symantec O3™

Private Cloud / Data Center

Symantec O3GatewayIdentity and Access BrokerInformation Gateway

Symantec O3 Intelligence CenterContext-based PoliciesStatus MonitoringLog and Audit Services

Cloud, SaaS and Web Applications

Layered Protection2F Authentication

DLPEncryption

Public Cloud

End-UserAny Device

Symantec O3A Cloud Information Protection Platform

Mobile Protection 8

Cloud & mobile:Opportunity And Challenge

Mobile Protection

“We should embrace BYOD, BYOA and the new mobile platform to augment productivity and innovate new business models”

Mobile

“How do we layer common protection across cloud and mobile without undermining the convenience of the mobile experience?”

Challenge

Cloud

Private Cloud

9

Solving the Cloud-mobileProtection Challenge

Mobile Protection

• A single control point:– for all cloud applications and services– for all users– for all devices– for compliance

10

Symantec O3 Key Features

Mobile Protection

Cloud Identity and Access Control

• Identity Integration, Single ID• Federation, Password

Management, SSO•Context-based Authorization and

Policy• Strong Authentication•Access Event Log•Deployment Choices

•DLP Classification and Enforcement• Encryption and Key Management•Unstructured Data Encryption•Mobile Sandbox• Security Event Log

Available 2H 2012

Cloud Information Security

11

Why Symantec O3

Mobile Protection

• Proven InfrastructureWorks with federated and non-federated apps

1..2..3

2

3

• Highly ScalableLeverages existing infrastructure

• Capture Security EventsCorrelation of security intelligence

12

Use Case #2:Access Company & Personal Email

Mobile Protection

VPNWi-Fi

CA

Network Access

13

Symantec Mobile Management

Mobile Protection

Standalone or Plug into SMP and SCCM

EnableActivate enterprise access, apps and data easily and automatically> iOS, Android, MSFT, BB, Symbian

SecureProtect enterprise data and infrastructure from attack and theft> Detect JB, ensure passcodes, …

ManageControl inventory and configuration with massive scalability> Integrated with SMP & SCCM

14

Comprehensive Device Management

Mobile Protection

Configure Devices

Self-service enrollmentConfigure Email, VPN, Wi-FiIdentity Certificates

Distribute Apps

In-house apps or public-store appsDocs, videos – any active content Group based management

Manage Assets

Centralized visibility & controlAutomated workflowsScalable to 20,000+ devices

Apply Policies

Passwords, App restrictionsCompliance with JailbreakSelective wipe & Full wipe

15

Device Management For Your Enterprise

Mobile Protection

• Built-on a widely deployed system managements platform

• In-built automation and workflow modules

• Integration with Symantec DLP, MPKI products

• Mature & Scalable

• Integrates with Symantec Endpoint Management suite

• iOS + Android + Windows Phone + Macs + PCs + Linux

• Integrates with Symantec DLP and MPKI products

• Integrated & Efficient

• Integrates with Microsoft System Center Config Mgr

• iOS + Android + Windows Phone + PCs

• Leverages existing investments resources & processes

• Faster time to value, Lower TCO

Symantec Mobile Management (stand-alone)

Symantec Mobile Management for Symantec ITMS

Symantec Mobile Management for Microsoft SCCM

16

Unified Management with SCCM

Mobile Protection

• iPhone + Android + PCs

17

Unified Management with SMP

Mobile Protection

• iPhones + Android + Macs + PCs

18

Why Symantec MDM

Mobile Protection

• Fully functional MDMiOS, Android and Windows Phone

1..2..3

2

3

• Reliable & Scalable MDMProven to support 20,000+ devices

• Integrated MDMUnified management with Macs & PCs

19

Use Case #3:Secure iOS/Android/HTML5 Apps & Content

Mobile Protection

Enterprise App Store

Personal

CRM

Corp Apps

Corp AppACME

Public Apps Documents

Containerized Application

20

Mobile App Management

Mobile Application Management

21

Comprehensive App Wrapping Tech

App StoreRepository for internal and external mobile applications

App PolicyProtect app against data loss through encryption, removal control and separation of corporate data

Content CenterDLP policy to control confidential data access

• App deployment & provisioning• User authentication across apps• Copy & paste prevention • Per app file encryption• Remote data/app wipe• iOS & Android support

SYMANTEC APP CENTER

Symantec App Center Mobile App & Data Protection

Mobile Protection 22

Comprehensive Mobile App Management

Mobile Protection

Deploy Apps

Enterprise app store for internal appsRecommendations from public appstoreGroup based targeting

Deploy Content

Enterprise content store for docs, videos Containerize data with per object policiesGroup based targeting

Manage Lifecycle

Revoke and update apps selectivelyCentralized visibility & controlMDM features for policy management

Protect Data

Security and Management layer around dataPasswords, encryption, offline access, rootingSeparate corproate and personal data

23

Same security as Sandboxing,But more flexible

Mobile Protection

.IPA or .APK file with standard libraries

App wrapped with App Centerlibraries and policy controlsready for deployment

24

Business and PersonalApps and Data Co-exist

Mobile Protection 25

iOS & MDM Enhancements

Mobile Protection

FIPS 140-2 Level 1 Encryption for apps & data on iOS devices

MDM Enhancements• Ability to upload config profiles

• Additional iOS MDM restrictions

• “Badge” wrapped apps

• …

• Customers in regulated verticals can confidently use App Center data protection

• Customers can comply with regulatory requirements with App Center• Customers can use App Center for additional MDM capabilities

26

Why Symantec for Mobile Apps

Mobile Protection

• Quick & Easy Expedite deployment of apps with an easy-to-use SaaS app store

1..2..3

• Scalable & SeamlessEnable any number of apps with no source code changes

• Independent of MDMAddress mobile application needs without managing the complete device

27

Personal

CRM

Corp Apps

Corp AppACME

Email Documents

Use Case #4:Secure Email and Prevent Malware

Mobile Protection 28

Android Has Malware Problem

Mobile Protection

• More Than 50% Of Mobile Malware Is On Android

0

500

1000

1500

2000

2500Android Malware

FamilyVariants

67% of enterprises are concerned with malware attacks spreading from mobile devices to internal networks. - Symantec 2012 State of Mobility Survey

29

Symantec Mobile Security

Mobile Protection

AntimalwareAnti-TheftWeb Protection

Centralized ManagementAdvanced Protection

Comprehensive Protection Management

30

Mobile App Analysis System

Comprehensive Protection

Mobile Protection

Mobile Client Collectors

3rd-Party Feeds

Mobile malware sample exchange

Android Marketplace Crawlers

APKs from over 70 Android appstores

• Safe Web Domain Reputation• Insight File Reputation• Trusted Signer DB• IP / Network Reputation

Reputation Systems

APK Data Extraction

• Static code analysis• Dynamic analysis• Heuristics

Advanced Data Analytics

Security Privacy PerformanceTrust Resource

Usage

Metadata from Norton mobile clients

Symantec Mobile Security for Android

1

2 3

AppProfiles

31

Symantec Mobile Security for Android

Mobile Protection

• 1. On-device Anti-Malware Scanning

Google Play

Browser

Amazon

ExternalSources

3rd Party Markets

2 to 10 seconds

Background, ScheduledORManual

32

Symantec Mobile Security …continued

Mobile Protection

• 2. Additional Device Protections… 3. Central Enterprise Management

&

All Policy-based, centrallymanaged…

…and all Enterprise Integrated, alongsideMobile Management

(Altiris / SMP)

33

Why Symantec for Mobile Security

Mobile Protection

• High efficacyMonitors 70+ appstores, analyzes 3 million+ apps, information from 7 million+ active devices

1..2..3

• Enterprise Grade SecurityMost apps are freeware, consumer editions. SMS provides centralized mgmt including LiveUpdates

• Enterprise IntegrationAnti-malware is one-piece of mobile security. Symantec Mobile Security is integrated with MDM

34

5 Pillars for Enterprise Mobility

Mobile Protection

Cont

rol P

oint

s

Data

Apps

Device

User & App Access

App & Data Protection

Device Management

Threat Protection

Secure File Sharing

35

Symantec’s Comprehensive Solution

Mobile Protection

User & App Access

App & Data Protection

Device Management

Threat Protection

Secure File Sharing

Symantec O3App Center

Mobile Management

Mobile Security

Content Center

MPKI

VIP

DLP for Mobile

PGP Encryption

ITMS

CMSSEP O3

Primary Products

Complementary Products

36

Competitive Matrix

Mobile Protection

Airwatch

MobileIron

Symantec

User & App Access

App & Data Protection

Device Management

Threat Protection

Secure File Sharing

Good

Fiberlink

McAfee

SAP/Sybase

Zenprise

37

Company Controls Apps & Data Only

Company Controls Personal DeviceCompany Controls Standard Device

3

21

Unm

anagedM

anaged

Company Owned Personally Owned

Company Owns an Unmanaged Device

BYOD

User & App Access

ThreatProtection

Secure File Sharing

Device Management

App & DataProtection

User & App Access Mgmt.

ThreatProtection

Secure File Sharing

Device Management

App& DataProtection

User & App Access Mgmt.

Secure File Sharing

App& DataProtection

Symantec Total Mobile Story

Mobile Protection 38

Bringing It All Together

Devices. Apps. Data.Mobile Protection 39

Thank you!

Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Mobile Protection

Jon Baker, Jason Katailawww.Symantec.comMobility Specialist Group

40