Securing Mobile Devices for BYOD Environments Nate Kaminski [email protected] Thank you for...
-
Upload
dwayne-pyburn -
Category
Documents
-
view
214 -
download
1
Transcript of Securing Mobile Devices for BYOD Environments Nate Kaminski [email protected] Thank you for...
Securing Mobile Devices for BYOD Environments
Nate [email protected]
Thank you for joining. We will begin shortly.
Can you hear me?
NO…
1. Turn on/up the volume on your computer speakers
- or -
2. Teleconference into the webcasta. Tick the ‘Request’ box under the
‘Participants’ panel on the right hand side of your screen
Participant
Agenda
Introduction Mobile Device Fast Facts The BYOD Problem “Solutions” to BYOD Lancope Solution to BYOD Conclusion
3
4
What is BYOD?
According to IDC estimates, mobile devices will outship PC’s in 2012 by more than 2 to 1 and mobile device spending will exceed PC spending, growing 4 times as fast. 1
Aberdeen estimates nearly 75 percent of companies currently allow employee-owned smartphones and/or tablets to be used at work. 2
Garter finds that 90 percent of organizations will support corporate applications on personal devices by 2014. 3
Mobile Device are Here to Stay
2:1 90
%75%
4XShipping Spending
Work Use Corp Apps
1: http://events.idc-cema.com/dwn/SF_52232_top_10_preditions_2012.pdf2: http://www.itworld.com/mobile-wireless/151839/75-enterprises-have-byod-policies-53-support-ipads3: http://www.gartner.com/it/page.jsp?id=1480514
5
Organizations should embrace BYOD
According to the Cisco Connected World Technology Report, 1
– 40% of college students would accept a lower-paying job that had flexible IT
– 70% of young workers ignore IT rules
ISACA has found through surveys that– Almost half of young professionals use their own
personal device at work. 2
– Over half of all IT leaders in the U.S. say that employee-owned mobile devices pose a greater risk to the enterprise than mobile devices supplied by the company. 3
1: http://www.cisco.com/en/US/netsol/ns1120/index.html 2: http://www.isaca.org/Pages/Survey-Online-Shopping-Risks-2011.aspx 3: http://www.isaca.org/Pages/Survey-Risk-Reward-Barometer.aspx
6
7
The “BYOD Problem”
Most organizations have… Scarce knowledge of what the device, operating system, or patch
level is Limited control over policy for what resources device can and
cannot access Incomplete information about whose device it is Lack of visibility into what the device is doing on the internal
network and how confidential data is moving around Little understanding of the impact of the device on the network
BYOD: Proposed Solutions by the Security Industry
8
Say No to BYOD BYOD is here whether you embrace it or not
Install agents on the devices You have limited control over the employee’s device
Convert the device to a corporate one
Don’t forget the Your Own part of BYOD
Install more network probes Not a cost-effective nor scalable solution
BYOD REQUIRESA DIFFERENTAPPROACH
Network Security Monitoring Using the Network
9
InternetAtlanta
San Jose
New York
ASR-1000
Cat6k
UCS withNexus 1000v
ASACat6k
3925 ISR
3560-X
3750-XStack(s)
Cat4kDatacenter
WAN
DMZ
Access
9
Cisco Infrastructure Provides the Intelligence...
10
InternetAtlanta
San Jose
New York
ASR-1000
Cat6k
UCS withNexus 1000v
ASACat6k
3925 ISR
3560-X
3750-XStack(s)
Cat4kDatacenter
WAN
DMZ
Access
NetFlowNetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlow
NetFlowNetFlow
10
Internal Visibility from Edge to Access...
InternetAtlanta
San Jose
New York
ASR-1000
Cat6k
UCS withNexus 1000v
ASACat6k
3925 ISR
3560-X
3750-XStack(s)
Cat4kDatacenter
WAN
DMZ
Access
Lancope NetFlow Collector
StealthWatch – A Complete, Integrated Family of Products
Behavior-based flow monitoring
Contextual awareness– Identity– Device– Application– Virtual
The Concern IndexTM
Relational Flow MappingTM
Point of ViewTM
Advanced Querying & Reporting
12
Management Reporting
Custom Dashboards
RelationalFlow Maps
Security Monitoring
Forensics Anomaly Detection
Compliance Mitigation
Network Performance Monitoring
Trouble-shooting
Service Delivery
WAN Optimization
Capacity Planning
APPLICATION AWARENESS
IDENTITY AWARENESS
VIRTUAL AWARENESS
Behavioral Analysis
Flow Collection
StealthWatch
DEVICE AWARENESS
13
StealthWatch Answers The Tough Questions
Who
What
Where
When
How
owns the device
the device is doing
the device is on the network
the device is impacting the network
the device was on the network
StealthWatch can show you…
StealthWatch Monitors BYOD Environments
Monitors the entire internal network by passively collecting data from existing infrastructure and does not use agents, install software, or in any way modify the employee’s device.
StealthWatch monitors and records everything that every user on any device running any operating system is doing on the network and how the network is affected by the user’s actions.
Utilizing patented behavioral analysis techniques, StealthWatch determines whether any device is acting suspiciously, is accessing privileged resources outside of its policy.
14
Behavior-based Analysis
15
Critical Servers Tablet computersMobile phones Marketing
Company with StealthWatch
Company with Legacy Monitoring
Tools
To Enable Early Interjection BEFORE CrisisIm
pact
to th
e Bu
sine
ss (
$ )
Time
credit card data compromised
*
attack identified*
vulnerability closed
*CRISIS REGION
*attackthwarted*early
warning
*attackidentified
*vulnerability closed
attackonset
*
StealthWatchReduces MTTK
Network activity is correlated with user and device information along with physical location on the network And you can also start with the user or device you are looking for and look at its network activity
WHAT
WHO
WHEN
StealthWatch: The Solution for BYOD Environments
18
StealthWatch: The Solution for BYOD Environments
And can drill down to the exact flow:WHEN
HOW BAD
WHO
WHAT
19
StealthWatch: The Solution for BYOD Environments
Including which devices in the network it crossed:
WHY
WHERE
Quick Recap
• BYOD is already hereEmbrace it
• Other solutions do not meet the needs of BYODPrevent BYODInstall agentsChange the deviceInstall more network probes
• With StealthWatch you can gain visibility into every device on your networkUsing your existing infrastructureAnswer the tough who, what, where, when, why, and how questions
• Once you’ve enabled flow collection you can...Gain deep traffic analysis and network visibilityDetect attacks and network anomalies
20
Next Steps
Contact Lancope:
Lancope [email protected]
Visit Lancope @ Blackhatfor a live demo of the StealthWatch System & pick-up your free copy of “NetFlow Security Monitoring for Dummies” book.
21
Questions
Webhttp://www.lancope.com
Blog
http://netflowninjas.lancope.com
Twitter@netflowninjas
LinkedIn : NetFlow Ninjashttp://www.linkedin.com/groups?about=&gid=2261596&trk=anet_ug_grppro
NetFlow Ninjas Challenge http://www.lancope.com/netflow-ninja-quiz
22
Webinar with Forrester Research
23 ©2012 Lancope , Inc. All Rights Reserved.