Post on 14-Aug-2020
February 27, 2012 Copyright 2012 Trusted Computing Group 1
Making BYOD a Security Plus
Steve Hanna
Trusted Network Connect WG Co-Chair
Distinguished Engineer, Juniper Networks
BYOD = Bring Your Own Device
BYOD = User-Owned Equipment That’s Used for Work
[Figure: Tablet Ownership among US Adults, Sep-09 through Jan-12 (y-axis 0% to 40%; series label: Income >$75K). Source: Pew Internet Project]
[Figure: Support for Non-Managed Devices Accessing Corporate Resources. Categories: Yes, Planning, Considering, Not Planning; values as extracted: 72, 4, 15, 9. Source: Good Technology]
Pros
• Higher Productivity
• Convenience
• Ease of Use
• Better Morale
• Corporate Cost Reduction
Cons
• Security and Risk Concerns
• Regulatory and Policy Issues
• Support Costs
• Subsidy Costs
• Interoperability
• Uncontrolled Environment
• Higher Risk of Compromise
• Legal and Regulatory Issues
• Shared Equipment with Family
• Handling Equipment Loss
• Handling End of Employment
Control Access Based on Trust
Source: TCG Mobile Security Architect’s Guide
                     | Users                           | Corporate Data Access           | Corporate Data Storage
Guests               | Any                             | None                            | None
Uncontrolled BYOD    | Employee Only (During Session)  | Limited                         | None
Controlled BYOD      | Employee Only (Permanent)       | Broad But Sandboxed             | Limited With Remote Wipe
Controlled Corporate | Employee Only (Permanent)       | Broad With Data Leak Prevention | Broad With Data Encryption
• Problem
  • Support BYOD and mission-critical services on one network
  • Tablets, laptops, PCs, wireless projectors, interactive whiteboards, administrative applications, phones, physical security, etc.
• Solution
  • TCG’s Trusted Network Connect architecture and standards
  • Authenticate users, identify and assess devices
  • Provide appropriate access based on all factors
  • Separate mission-critical services
Source: TCG Mobile Security Architect’s Guide
• BYOD is here to stay!
• BYOD brings significant benefits and risks
• BYOD risks can be managed with proper tools and policies
• More Trust = More Access
• Sandboxing and Mobile Device Management for Device Security
• Trusted Network Connect (TNC) for Differentiated Access
• BYOD is an executive-level priority
• TCG Mobile Security Architect’s Guide
• Naperville School District Case Study
• TNC Operations Solutions Guides
• All Available from TCG Web Site
https://www.trustedcomputinggroup.org