Upload
irisa
View
53
Download
0
Embed Size (px)
DESCRIPTION
Mobile Protection Driving Productivity Without Compromising Protection. Jon Baker, Jason Kataila. Endpoint Management & Mobility Specialist. Mobile Device Explosion Paves Way for BYOD. 39%. 69%. 340%. 2,170%. 2010 177M corp PCs 2015 246M corp PCs. 2010 173 M personal PCs - PowerPoint PPT Presentation
Citation preview
Mobile ProtectionDriving Productivity Without Compromising Protection
Jon Baker, Jason KatailaEndpoint Management & Mobility Specialist
Mobile Protection
2010 177M corp PCs
2015 246M corp PCs
2010 173 M personal PCs
2015 293M personal PCs
2010 300M smartphones
2015 1017M smartphones
2010 15M tablets
2015 326M tablets
39% 69% 340% 2,170%
Mobile Device ExplosionPaves Way for BYOD
2
3
New apps deployedin the cloud
Enterprises allow mobile access to
their network
Workers use threeor more devices
80% 65% 52%
Mobile Protection
1 2 3
Changes In Working Style
The Desires of the User Versus IT Staff
Mobile Protection
Freedom, Privacy & ProductivityEasy access to files, apps, emailUse the latest technology & appsPersonal stuff is untouchedDo it themselves (i.e. Self-Service)
Simple, Secure & ReliableProtect company informationOnly let authorized users inEasy to work with and reliableReporting, audit & monitor
User IT Staff
4
Devices Apps Data
Success = Mastering Control Points
Mobile Protection
…without disrupting user experience
5
Company Controls Personal Device
Company Controls Relevant Apps & Data Only
Company Controls Standard Device
Company Owned But Unmanaged
Evolving Endpoint Adoption Map
Mobile Protection
Company-owned Personally-owned
Man
aged
Unm
anag
ed
BYOD
6
Use Case #1:Access SaaS Apps From Any Device
Mobile Protection 7
Symantec O3™
Private Cloud / Data Center
Symantec O3GatewayIdentity and Access BrokerInformation Gateway
Symantec O3 Intelligence CenterContext-based PoliciesStatus MonitoringLog and Audit Services
Cloud, SaaS and Web Applications
Layered Protection2F Authentication
DLPEncryption
Public Cloud
End-UserAny Device
Symantec O3A Cloud Information Protection Platform
Mobile Protection 8
Cloud & mobile:Opportunity And Challenge
Mobile Protection
“We should embrace BYOD, BYOA and the new mobile platform to augment productivity and innovate new business models”
Mobile
“How do we layer common protection across cloud and mobile without undermining the convenience of the mobile experience?”
Challenge
Cloud
Private Cloud
9
Solving the Cloud-mobileProtection Challenge
Mobile Protection
• A single control point:– for all cloud applications and services– for all users– for all devices– for compliance
10
Symantec O3 Key Features
Mobile Protection
Cloud Identity and Access Control
• Identity Integration, Single ID• Federation, Password
Management, SSO•Context-based Authorization and
Policy• Strong Authentication•Access Event Log•Deployment Choices
•DLP Classification and Enforcement• Encryption and Key Management•Unstructured Data Encryption•Mobile Sandbox• Security Event Log
Available 2H 2012
Cloud Information Security
11
Why Symantec O3
Mobile Protection
• Proven InfrastructureWorks with federated and non-federated apps
1..2..3
2
3
• Highly ScalableLeverages existing infrastructure
• Capture Security EventsCorrelation of security intelligence
12
Use Case #2:Access Company & Personal Email
Mobile Protection
VPNWi-Fi
CA
Network Access
13
Symantec Mobile Management
Mobile Protection
Standalone or Plug into SMP and SCCM
EnableActivate enterprise access, apps and data easily and automatically> iOS, Android, MSFT, BB, Symbian
SecureProtect enterprise data and infrastructure from attack and theft> Detect JB, ensure passcodes, …
ManageControl inventory and configuration with massive scalability> Integrated with SMP & SCCM
14
Comprehensive Device Management
Mobile Protection
Configure Devices
Self-service enrollmentConfigure Email, VPN, Wi-FiIdentity Certificates
Distribute Apps
In-house apps or public-store appsDocs, videos – any active content Group based management
Manage Assets
Centralized visibility & controlAutomated workflowsScalable to 20,000+ devices
Apply Policies
Passwords, App restrictionsCompliance with JailbreakSelective wipe & Full wipe
15
Device Management For Your Enterprise
Mobile Protection
• Built-on a widely deployed system managements platform
• In-built automation and workflow modules
• Integration with Symantec DLP, MPKI products
• Mature & Scalable
• Integrates with Symantec Endpoint Management suite
• iOS + Android + Windows Phone + Macs + PCs + Linux
• Integrates with Symantec DLP and MPKI products
• Integrated & Efficient
• Integrates with Microsoft System Center Config Mgr
• iOS + Android + Windows Phone + PCs
• Leverages existing investments resources & processes
• Faster time to value, Lower TCO
Symantec Mobile Management (stand-alone)
Symantec Mobile Management for Symantec ITMS
Symantec Mobile Management for Microsoft SCCM
16
Unified Management with SCCM
Mobile Protection
• iPhone + Android + PCs
17
Unified Management with SMP
Mobile Protection
• iPhones + Android + Macs + PCs
18
Why Symantec MDM
Mobile Protection
• Fully functional MDMiOS, Android and Windows Phone
1..2..3
2
3
• Reliable & Scalable MDMProven to support 20,000+ devices
• Integrated MDMUnified management with Macs & PCs
19
Use Case #3:Secure iOS/Android/HTML5 Apps & Content
Mobile Protection
Enterprise App Store
Personal
CRM
Corp Apps
Corp AppACME
Public Apps Documents
Containerized Application
20
Mobile App Management
Mobile Application Management
21
Comprehensive App Wrapping Tech
App StoreRepository for internal and external mobile applications
App PolicyProtect app against data loss through encryption, removal control and separation of corporate data
Content CenterDLP policy to control confidential data access
• App deployment & provisioning• User authentication across apps• Copy & paste prevention • Per app file encryption• Remote data/app wipe• iOS & Android support
SYMANTEC APP CENTER
Symantec App Center Mobile App & Data Protection
Mobile Protection 22
Comprehensive Mobile App Management
Mobile Protection
Deploy Apps
Enterprise app store for internal appsRecommendations from public appstoreGroup based targeting
Deploy Content
Enterprise content store for docs, videos Containerize data with per object policiesGroup based targeting
Manage Lifecycle
Revoke and update apps selectivelyCentralized visibility & controlMDM features for policy management
Protect Data
Security and Management layer around dataPasswords, encryption, offline access, rootingSeparate corproate and personal data
23
Same security as Sandboxing,But more flexible
Mobile Protection
.IPA or .APK file with standard libraries
App wrapped with App Centerlibraries and policy controlsready for deployment
24
Business and PersonalApps and Data Co-exist
Mobile Protection 25
iOS & MDM Enhancements
Mobile Protection
FIPS 140-2 Level 1 Encryption for apps & data on iOS devices
MDM Enhancements• Ability to upload config profiles
• Additional iOS MDM restrictions
• “Badge” wrapped apps
• …
• Customers in regulated verticals can confidently use App Center data protection
• Customers can comply with regulatory requirements with App Center• Customers can use App Center for additional MDM capabilities
26
Why Symantec for Mobile Apps
Mobile Protection
• Quick & Easy Expedite deployment of apps with an easy-to-use SaaS app store
1..2..3
• Scalable & SeamlessEnable any number of apps with no source code changes
• Independent of MDMAddress mobile application needs without managing the complete device
27
Personal
CRM
Corp Apps
Corp AppACME
Email Documents
Use Case #4:Secure Email and Prevent Malware
Mobile Protection 28
Android Has Malware Problem
Mobile Protection
• More Than 50% Of Mobile Malware Is On Android
0
500
1000
1500
2000
2500Android Malware
FamilyVariants
67% of enterprises are concerned with malware attacks spreading from mobile devices to internal networks. - Symantec 2012 State of Mobility Survey
29
Symantec Mobile Security
Mobile Protection
AntimalwareAnti-TheftWeb Protection
Centralized ManagementAdvanced Protection
Comprehensive Protection Management
30
Mobile App Analysis System
Comprehensive Protection
Mobile Protection
Mobile Client Collectors
3rd-Party Feeds
Mobile malware sample exchange
Android Marketplace Crawlers
APKs from over 70 Android appstores
• Safe Web Domain Reputation• Insight File Reputation• Trusted Signer DB• IP / Network Reputation
Reputation Systems
APK Data Extraction
• Static code analysis• Dynamic analysis• Heuristics
Advanced Data Analytics
Security Privacy PerformanceTrust Resource
Usage
Metadata from Norton mobile clients
Symantec Mobile Security for Android
1
2 3
AppProfiles
31
Symantec Mobile Security for Android
Mobile Protection
• 1. On-device Anti-Malware Scanning
Google Play
Browser
Amazon
ExternalSources
3rd Party Markets
2 to 10 seconds
Background, ScheduledORManual
32
Symantec Mobile Security …continued
Mobile Protection
• 2. Additional Device Protections… 3. Central Enterprise Management
&
All Policy-based, centrallymanaged…
…and all Enterprise Integrated, alongsideMobile Management
(Altiris / SMP)
33
Why Symantec for Mobile Security
Mobile Protection
• High efficacyMonitors 70+ appstores, analyzes 3 million+ apps, information from 7 million+ active devices
1..2..3
• Enterprise Grade SecurityMost apps are freeware, consumer editions. SMS provides centralized mgmt including LiveUpdates
• Enterprise IntegrationAnti-malware is one-piece of mobile security. Symantec Mobile Security is integrated with MDM
34
5 Pillars for Enterprise Mobility
Mobile Protection
Cont
rol P
oint
s
Data
Apps
Device
User & App Access
App & Data Protection
Device Management
Threat Protection
Secure File Sharing
35
Symantec’s Comprehensive Solution
Mobile Protection
User & App Access
App & Data Protection
Device Management
Threat Protection
Secure File Sharing
Symantec O3App Center
Mobile Management
Mobile Security
Content Center
MPKI
VIP
DLP for Mobile
PGP Encryption
ITMS
CMSSEP O3
Primary Products
Complementary Products
36
Competitive Matrix
Mobile Protection
Airwatch
MobileIron
Symantec
User & App Access
App & Data Protection
Device Management
Threat Protection
Secure File Sharing
Good
Fiberlink
McAfee
SAP/Sybase
Zenprise
37
Company Controls Apps & Data Only
Company Controls Personal DeviceCompany Controls Standard Device
3
21
Unm
anagedM
anaged
Company Owned Personally Owned
Company Owns an Unmanaged Device
BYOD
User & App Access
ThreatProtection
Secure File Sharing
Device Management
App & DataProtection
User & App Access Mgmt.
ThreatProtection
Secure File Sharing
Device Management
App& DataProtection
User & App Access Mgmt.
Secure File Sharing
App& DataProtection
Symantec Total Mobile Story
Mobile Protection 38
Bringing It All Together
Devices. Apps. Data.Mobile Protection 39
Thank you!
Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Mobile Protection
Jon Baker, Jason Katailawww.Symantec.comMobility Specialist Group
40