More from MaaS360: The Mass Malware to Mobile Migration

© 2015 IBM Corporation

IBM Security

1 © 2015 IBM Corporation

The Mass Malware to Mobile Migration IBM MobileFirst Protect (MaaS360) Threat Management

Matt Shaver | Jimmy Tsang IBM Security June 11, 2015


IBM Security

2

Housekeeping items

Duration – 60 minutes Submit your questions to all

panelists in the Q&A box located in the bottom right corner of your screen

Recording and slides will be emailed to you tomorrow


IBM Security

3

Introductions

Jimmy Tsang Dir of Product Marketing

IBM

Matt Shaver Customer Engineer

IBM


IBM Security

4

Agenda

State of Mobile Threats in the Enterprise

IBM MobileFirst Protect (MaaS360) Threat Management

How It Works

Demo

Q&A


IBM Security

5

Poll question

Has your organization experienced any of the following vulnerabilities in the past 12 months with your mobile devices? Select all that apply.

A. Mobile malware

B. Jailbroken / rooted devices used for work

C. Lost or stolen devices

D. Don’t know

E. None


IBM Security

6

Mobile is how we work today

Savings Lives

Speeding Service

Busting Lines Delivering Manuals

Heading Home Learning in the Classroom


IBM Security

7

Mobile changes the way

people work

Mobile provides a better

experience

Mobile creates risk of company data

Mobile is strategic for business


IBM Security

8

As mobile grows, threats grow

In 2014 the number of mobile phones

(7.3 billion) exceeded the

number of people on the planet (7

billion)

Mobile malware is growing.

Malicious code is infecting

over 11.6 million mobile devices at any given time.

138 billion apps were downloaded

in 2014. By 2017 50% of employers will require

BYOD.

Mobile devices and the apps we rely on

are under attack. 97% and 87% of top paid Android

and iOS apps have been hacked.


IBM Security

9

What is mobile malware?

Malicious software specifically built to attack mobile devices

Relies on exploits of particular operating systems and mobile device software technology

Types of mobile malware: • Device data thieves and device spies that take

certain kinds of data and deliver it to hackers for profit

• Jailbreak or root malware, which gives hackers certain administrative privileges and file access

• Malware that performs automatic transactions or communications without the users knowledge


IBM Security

10

Mobile malware even on iOS devices

WireLurker Masque Attack


IBM Security

11

Criminals attack the weakest link


IBM Security

12

IBM MobileFirst Protect Threat Management

Detects, analyzes and remediates mobile risks delivering a new layer of security for Enterprise Mobility Management (EMM) with the integration of IBM Security Trusteer® to protect against:

Mobile malware

Suspicious system configurations

Compromised devices


IBM Security

13

IBM Security Trusteer

A leading provider of advanced malware & fraud protection solutions

Hundreds of millions of end users and many large financial firms rely on Trusteer’s holistic cybercrime prevention platform

Delivers risk-awareness and security intelligence


IBM Security

14

Mobile malware detection, analysis and remediation

IBM MobileFirst Protect helps stop mobile apps with malware signatures and behaviors on devices from a continually updated database Set granular policy controls & app exceptions

Automate remediation with compliance engine

Alert user & admins when malware is found

Uninstall apps with malware automatically*

Block access, selectively or fully wipe

Restrict use of container solutions

View device threat attributes in portal

Review history of malware detection events

*select Samsung SAFE Android devices


IBM Security

15

Enhanced jailbreak and root device detection

IBM MobileFirst Protect discovers & remediates compromised or vulnerable devices with detection logic that’s updated over-the-air Protect against jailbroken iOS & rooted

Android devices that can provide attackers with additional privileges on the operating system, enabling various attack vectors

Seek out hiders & active hiding techniques that try to mask detection of jailbroken & rooted devices

Leverage detection logic updated over-the-air without any app updates to be more responsive to fast-moving hackers

Set security policies & compliance rules to automate remediation

Block access, selectively or fully wipe devices or remove device control


IBM Security

16

Device risk data: • Malware found • Jailbreak or Root status • Suspicious system config

How it works

Install MaaS360 app with Trusteer, policies

& rules embedded

Policy & rules enforcement &

remediation

MaaS360 portal Trusteer Mobile Risk Engine

Over-the-air updates: • Malware definitions • Jailbreak & Root checks • Suspicious apps list


IBM Security

17

Key benefits


IBM Security

18

Poll question

Does your organization educate its employees on mobile security best practices?

A. Yes

B. No

C. Not sure

19 © 2015 IBM Corporation

Demo IBM MobileFirst Protect Threat Management


IBM Security

20

Poll question

Does your organization currently have a mobile malware solution deployed?

A. Yes

B. No

C. Not sure


IBM Security

21

Enable apps and content with trust on any device, anytime, anywhere

Delivering mobile security for the way people work


IBM Security

22

The IBM mobile security framework

CA, Oracle, RSA

Configure devices & manage security policies

Automate enforcement

Mitigate risks of lost or compromised devices

Distribute & manage enterprise apps

Separate work & personal data

Protect apps & data from vulnerabilities

Enable work content availability & sharing

Create & edit content

Contain sensitive corporate information

Provide secure web & mobile access control

Deliver ease-of-use with SSO & unified identity

management

Extend Security Intelligence

Extend security information & event management (SIEM) to mobile environment

Incorporate log management, anomaly detection, configuration & vulnerability management

Manage Access and Fraud

Secure Content and Collaboration

Safeguard Applications and Data

Protect Devices


IBM Security

23

Complete mobility management and security

Advanced Management Visibility & Control

Secure Productivity Suite Trusted Workplace

Secure Document Sharing Content Collaboration

Mobile Threat Management Malware Protection

Mobile Enterprise Gateway Enterprise Access


IBM Security

24

Robust mobile security platform

Mobile Threat Management

Trusteer Risk & Event

Detection

QRadar

Unified Endpoint Management

BigFix Mobile Identity Access Control

ISAM

Integrated App Security

Worklight Integrated

Data Security

Guardium

o Automated Policy Compliance o Encryption & Data Protection o Authentication & Restrictions o Containerization & App VPN o Device Quarantine & Wipe


IBM Security

25

A Leader again in the 2015 Gartner Magic Quadrant for EMM

A Leader for 4 years in a row

“IBM's mature shared-processing multitenant architecture is the best-in-class cloud among ranked EMM vendors.”

“Reference customers consistently praise MobileFirst Protect for ease of deployment.”

Thank you!


IBM Security

26

Easy to enable IBM MobileFirst Protect Threat Management

Just reach out to your Account Executive and we can turn on it for you in the same day

Mobile Threat Management Malware Protection


IBM Security

27


IBM Security

28

www.ibm.com/security

© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

http://www.ibm.com/security

More from MaaS360: The Mass Malware to Mobile Migration

Mobile

Transcript of More from MaaS360: The Mass Malware to Mobile Migration