byod webinar for sap: securing data in a mobile world
DESCRIPTION
SAP customers, like any other business, are adapting to the BYOD culture and the myriad of security challenges inherent to mobility. While mobility is enabling business users to stay connected and productive, it could create potential holes in your security as sensitive information is shared by employees and, often unknowingly, exposed to a growing number of risks.TRANSCRIPT
© 2014 SECUDE AG |
© 2014 SECUDE AG | WWW.SECUDE.COM
BYOD Webinar for SAP Securing Data in a Mobile World
© 2014 SECUDE AG |
Speakers
2
Michael Kummer President Americas, SECUDE
Aparna Jue Technical Product Manager, SECUDE
© 2014 SECUDE AG |
Agenda
! Mobility & BYOD trends and what they mean for you
! Mobility & BYOD challenges
! Current approach and why it’s failing
! What else can be done? A look at new technologies
3
1
2
3
4
© 2014 SECUDE AG |
About SECUDE
4
1996 Startup of Secude, Spin-Off from Fraunhofer & SAP
2000 SAP partnership (world-wide deployment of SECUDE SNC-SW)
2001 Market entry file/folder encryption
2002 Market entry Smartcard Management and E-SSO
2004 Startup of SECUDE USA
2005 Market entry Full Disc Encryption (FDE)
2006 Launch of FinallySecure Enterprise with Seagate (HW-based FDE)
2011 Spin-off of SECUDE’s SAP Security products to SAP AG
2011 Re-focus on endpoint protection & later SAP NetWeaver Single Sign-On
2012 Halocore initiative to bridge MS AD RMS with SAP
© 2014 SECUDE AG |
! 83% of people sleep next to their cell phones (Pew Research Center)
! 29% of Americans say their phone is the first and last thing they look at every day (Qualcomm)
Mobility Goes Boom
St. Peter's Square in 2005 and 2013
© 2014 SECUDE AG |
4.38%
14.79%
24.02%
27.21%
29.59%
Mobility Landscape
Other
NO CONSENSUS ON OPERATING SYSTEM
DEVICE OBSESSION
86% are device obsessed or “always on”
44% use their devices to work during meals
20% consider themselves workaholics
15% bring their devices on vacation
Source: Varonis Systems
© 2014 SECUDE AG |
What is “Bring Your Own Device”?
! Bring Your Own Devices enables users to bring devices they choose to perform company work activities
! Employees want BYOD for choice of device, applications, and ability to combine personal and work lives
BYOD means any device
with any ownership, used anywhere.
© 2014 SECUDE AG |
There is No Stopping BYOD
! The BYOD market will increase to $181 billion by 2017 (MarketsandMarkets)
! 95% of organizations permit employee-owned devices (Cisco IBSG)
! 71% require technology that enables their staff to work anywhere at any time (Microsoft)
! 70% of employees use personal devices for business use (Forrester)
© 2014 SECUDE AG |
Why They BYOD: Benefits to Employees
Flexibility: No hassle with one device to combine work and personal activities
Efficiency: Can get more done with my own device Control: Can have greater control of my work experience
through choice of device
© 2014 SECUDE AG |
Why They BYOD: Benefits to Enterprises
Cost reduction: Annual benefits from BYOD range from $300 to $1300 per employee (Cisco IBSG) Productivity: 53% have raised work productivity through innovative practices enabled by their devices (Cisco IBSG)
Employee satisfaction: Employees feel more comfortable while working on personal devices, which improves their job satisfaction levels.
© 2014 SECUDE AG |
This is What We are Facing
End-User Behavior
• Over 15 billion devices by 2015, with average worker with 3 devices
• New workspace: anywhere, anytime
• 60% will download sensitive
corporate data on a personal device
• 71% of Gen Y workforce don’t obey policies
IT Trends
• Must control multiple devices and guests
• Security: top concern for BYOD
• 75% of IT professionals believe their organization’s sensitive data is at risk due to mobile devices
• IT consumed with fragmentation
Source: Logicalis
© 2014 SECUDE AG |
Issues in BYOD
! Security issues
! Privacy issues
! Support issues
! Infrastructure issues
! Device control issues
© 2014 SECUDE AG |
Bring Your Own DISASTER
9 out of 10 employees don’t use password
security on their devices
(Osterman Research)
51% have had data
loss due to insecure devices
(Websense)
81% admit
accessing their employer’s
network without their employer’s
knowledge or permission (Juniper
Network)
46%
who use a personal
device for work have let someone else
use It (Harris Poll of US Adults)
66%
who use a personal
device for work say that
their organization
doesn’t have a BYOD policy
(Harris Poll of US Adults)
© 2014 SECUDE AG |
Main BYOD Security Concerns
7%
23%
29%
37%
44%
47%
65%
75%
0% 10% 20% 30% 40% 50% 60% 70% 80%
Other
Support & Maintenance
Compliance with industry regulations
Device management
Lost or stolen devices
Malware infections
Unauthorized access to company data and systems
Loss of company or client data
Source: Lumension
© 2014 SECUDE AG |
Data is Most Valuable Resource
Apps $ Devices $$ Data $$$$$$$$$
Secure your data, not apps or devices 3 key factors
© 2014 SECUDE AG |
Storing Data
37%
12% 8%
51%
42%
11%
0%
10%
20%
30%
40%
50%
60%
Keep work files on personal laptops
Store work files on personal smartphones
Keep enterprise documents on personal
tablets
All Workers Millenials
© 2014 SECUDE AG |
! Corporate perimeter is eroding/has eroded
! Knowing where your data has become a challenge
! Keeping track is next to impossible ! Let’s not forget: data exists to be
consumed ● So locking everything down and
disallowing employees to productively use data is counter-productive
The IT Challenge
File Server
Employees
Partner
© 2014 SECUDE AG |
Questions?
© 2014 SECUDE AG |
Existing Security Technologies
19
© 2014 SECUDE AG |
! Firewall ● Protects the (eroded) perimeter
! DLP ● Monitoring
§ Good to understand where data is going
§ Problem is wealth of information it produces
● Prevention § Too far away from where data is born § Doesn’t know the context § Frustrates users § Often switched off
! VPN ● Protects data in transit only
Network-centric Solutions
© 2014 SECUDE AG |
! FDE ● Power-off protection ● Good if you lose device or it’s stolen ● No protection for data-in-use
! Database encryption ● Good to protect against unauthorized users ● Complex and high maintenance
! Mobile device encryption ● Why that’s not possible
§ iOS devices come with built-in HW-based encryption
§ App sandboxes prevents encryption of app data
Storage-centric Solutions
© 2014 SECUDE AG |
! File-encryption (PGP…) ● Key/password management issues ● Protection is gone once file is
unlocked/decrypted ! Rights Management (DRM, IRM
à RMS) ● Capabilities of IRM
§ Protection = encryption + policy § Control who can open, edit, print,
copy/paste… § Expiration date
● Established IRM solutions § Adobe § Oracle (SealedMedia) § Microsoft
Data-centric Solutions
© 2014 SECUDE AG |
Data-centric protection
Industry leading Microsoft Rights Management technology
Access Control Encryption Policy Enforcement
Unauthorized User
Trusted Partner
23
© 2014 SECUDE AG |
Data is Protected
! Inside and outside the organization
! At a single location
u And when moving amongst various locations
Partner
On premise Shared
© 2014 SECUDE AG |
Fine-grained Control
! Content owners can define who can ● Open the document ● Edit the contents ● Print the document ● Forward to anyone, internal or external ● Take other actions with the information
© 2014 SECUDE AG |
Questions?
© 2014 SECUDE AG |
Halocore for SAP NetWeaver
! Innovative: Enforces RMS protection on all data leaving SAP
! Secure: Determines what users are authorized to access sensitive data
! Customizable: Offers fine-tuned control over who can do what with information (view, edit, print, forward, etc.)
! Flexible: Works for any file type
! Powerful: Protection persists beyond SAP, including mobile platforms
© 2014 SECUDE AG |
Comprehensive Approach
1. Protection
2. Compliance
3. Audit
© 2014 SECUDE AG |
Demo
© 2014 SECUDE AG |
Where to Start?
! Data Export Auditor for SAP ● Free tool to monitor all data leaving SAP ● Each and every download is tracked ● Intelligent classification ● Request download at www.secude.com
30
© 2014 SECUDE AG |
Auditing Capabilities - Customizing your view
© 2014 SECUDE AG |
Auditing Capabilities - The Log File
© 2014 SECUDE AG |
Questions?
© 2014 SECUDE AG |
Visit us at www.SECUDE.com Tweet us @SECUDE
6/27/14 34
© 2014 SECUDE AG |
Aparna Jue Technical Product Manager
www.secude.com
SECUDE IT Security, LLC Alpharetta, GA USA
© 2014 SECUDE AG |
Copyright
SECUDE AG © 2014 All rights reserved. All product and service names mentioned are the trademarks of their respective companies. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express written permission of SECUDE AG. The information contained herein may be changed without prior notice.
Microsoft, Windows, and Active Directory are the brand names or registered trademarks of Microsoft Corporation in the United States.
6/27/14 36