beyond mdm: 5 things you must do to secure mobile devices in the enterprise
TRANSCRIPT
Beyond MDM5 Things You Must Do To Secure Mobile Devices in the EnterpriseK Scott Morrison, CTO
November, 2012
2
Housekeeping
Questions - Chat any questions you have and we’ll answer them at the end of this call
Twitter - Today’s event hashtag:
- #L7webinar
- Follow us on Twitter:
- @layer7
- @KScottMorrison
facebook.com/layer7
layer7.com/blogs
layer7.com/linkedin
I already have mobility…
Change Agent
Interest in Mobile Security is Increasing
Old Thinking,New Technology
Who Owns Mobile?
Implementation falls to IT
What is the Classic Security Solution?
Directory
Identity and Access Management (IAM)
VPN
What can you expect fromMobile Device Management (MDM)?• Device inventory
• Locate device, track device• Network settings, wifi settings• Backup management• Manage synchronization with laptop• Manage access to cloud services (eg: iCloud synchronization)• Device encryption, device wipe, selective wipe, data fading• Password policies, password resets, remote lock• Jailbreak detection, root detection• User communication (notifications, email, SMS, etc)• App inventory, blacklist/whitelist for apps• Private app stores, integration with public app stores and
corporate plans• App configuration provisioning• VPN configuration provisioning, email configuration mgmt.• Roaming policy management
Is MDM enough?
No. MDM is only half.
New Thinking,New Technology
It’s about the app
The Challenge is to Give Mobile Apps Access to Enterprise Data Securely
Firewall
Enterprise Network
Internal Server
Directory
The Real Owners are App Developers
New Challenges
15458617-7813-4a37-94ac-a8e6da6f6405
?
A
A person?
Or an app?
Identity is the Crux Issue
The New Roles
API Client Developers
API Server DevelopersExternal Internal
A Fundamental Shift is Occurring
The Old Enterprise The New Mobile Enterprise
This is the secret to achieve scale and agile federation
What About Data in Transit?
Firewall
Enterprise Network
Internal Server
Directory
Or Data on the Device?
Silos
App layer
Persistence layer
Strategies
Mobile Access Gateway
Firewall
Enterprise Network
API Server
API Client
API Proxy
Security Admin
API Developer Portal
Firewall
Enterprise Network
API Server
API Client
iPhone Developer
API Portal
API Proxy
Client Libraries
Firewall
Enterprise Network
API Server
API Proxy
Security Admin
Do SSL right Make OAuth easy Manage sessions automatically
The 5 Things You Must Do To Secure Mobile Devices In The Enterprise
1. Start with MDM, but layer application security services over it.
2. Integrate mobile apps and enterprise data using APIs.
3. SSL everywhere.
4. Authenticate users, authorize apps.
5. Avoid local storage.
November 2012
K. Scott MorrisonChief Technology Officer
Layer 7 Technologies1100 Melville St, Suite 405Vancouver, B.C. V6E 4A6Canada(800) 681-9377
[email protected]://www.layer7.com
For further information:
Picture Credits
New Moon Seen Through a Telescope by mkrijgsman – stock.exchg
Band silhouettes by mr_basmt– stock.exchg