Post on 24-May-2020
transcript
I T S O L U T I O N SMobile Security SolutionS
IT SOLUTIONSn 50
YEARSWBENC Certified Women Owned Business Certificate 2005111735 ISO 9001:2008 Registration #10003304
CRN Tech Elite 250 best-of-breed solution providerCRN Solution Provider 500 #65
PROFESSIONAL SERVICES• CloudComputing• DataCenter• DataStorage• DesktopManagement• Messaging• MicrosoftConsulting + Mobile Security
• Networking• Security• UnifiedCommunications• Virtualization• Wireless
MANAGED SERVICES• SystemsMonitoring• 24/7FullyManagedServices• AfterHoursSupportServices• CustomTools/RegularTools
Mobile endpoints enhance productivity but add risk to infrastructure and intellectual property.
Mobile Security SolutionsSecureCommunicationswithConfidence
Mobile Security Solutions overviewMostenterprisestodayarecomfortablewithsecuringandmanagingcomputingendpointssuchasdesktopandlaptops,butmaynothavethesameprocessesforwhatislikelythefastest-growingcomputingplatform:mobileendpoints.LikeaPC,amobileendpointissusceptibletomalware,spyware,andotherthreats.Someexamplesofmobileendpointdevicesare:
• BlackBerries
• Androids
• iPhones
• iPads
• HPTouchPads
• CiscoCius
Notonlyarethesedevicescapableofenhancingproductivity,buttheyalsoopenpathwaystoyourcorporatesystemsanddata.Ifmanagedincorrectly,thesedevicesinadvertentlyopenupsecurityholesandincreaseunauthorizedaccesstoyourcon-fidentialdata,systemsandinfrastructure.
ContinentalResources(Conres)easesyourconcernsofmobileconsumerizationincludingsecurity,liabilityandmanageabilityissues.
Toprovideaproductiveandsecureenvironment,allmobileendpointsmustbereviewed.Remoteaccessanddatabackupprocessesmustbeevaluated,andmechanismsputinplacetomanagestolenorlostdevices(i.e.encryptionand/orremotedevicedisable).Throughexperience,ConResunderstandshowmobiledevicesworkwithenterpriseenvironments.
ConResworkswithyoutoevaluate/createsecurityprocessestoensureyourmobiledevicesareseamlesslyintegratedwithoutexcessivecostandrisk.
Major concerns in Mobile endpoint Security Thereareseveralsignificanttechnialchallengestoovercomewhenaddressingmobilesecurityonyourcorporateandpersonalmobiledevices.YourITstaffwillwrestlewithbalancingtheneedsofyour
employeewiththeneedtosecureyourcorporatedata.
challenges Associated with Mobile endpoint Security
• Theuser’sexpectationforfull-use(businessandpersonal)ofthedevice.
• Theprevalenceofcompromiseddatadevicesandapplications.
• Thebalancebetweenprivacyandsecurity.
• ConsumerizationofIT:Mobiledevicesaredesigned,soldandusedasconsumerdevices,whilesecurityandmanageabilitybecomesecondaryconcerns.
• Mobility:Datareacheseasilyacrossmultipletrustedanduntrustednetworksexposingthedevicestohighrisks.
• Socialnetworks(hightraffic,real-timenetworks)canbeexploitedforattacksonenterpriseinfrastructureanddataanywhere...instantly.
• Mobile,cloud,andvirtualizationtechnologiesconnectenterprisestotheworld,andtransmitinformationwellbeyondcorporatefirewalls.
I T S O L U T I O N S
Ifsomeofthesechallengesmatchyourcurrentenvironment,leveragetheexpertiseofConRestotaketheburdenoffyourteam.EngageConRestoreviewyourchallenges,proposeasolution...andproposeacourseofactionalignedwithyouracceptableriskthreshold.Weensuresecuremobiledeviceaccessinrelationtoyourcorporatedata.
Mobile Device Management is Key“A well-managed device is a secure device.”
Eachdevicehasuniquefunctionalcapabilitiesaswellasanidentifiablesignature.Alongwithitscorefunctionalcomponents,devicesfeatureentirelayersofenhancements,add-ons,hot-fixes,softwareandfirmwareupdates.Thesheernumberofdevicetypes,combinedwithdisparatefeatures,functionsandapplications,servestomagnifyriskandincreaseadministrationcosts.Thekeyistoconfigureandimplementmobile/endpointsecuritysolutionsconsistentlywithacceptableriskandsecurityparameters.
Asmobiledevicesbecomesmarter,theyprovidegreatercorporateaccessandstoremoredata,therebyincreasingtheurgencyofgreatercontrolandmanagement.ConRessharesyourconcernandworkswithyoutoprotectcorporateinformationwhilepromotingsustainedproductivity.
What is endpoint Security?Endpointsecurityisanapproachtonetworkprotectionthatrequireseachcomputingdevice(endpoint)associatedwithacorporatenetworktocomplywithcertainstandardsbeforenetworkaccessisgranted.
What is a Mobile endpoint?Amobileendpointisawirelesshandhelddevicecapableofroamingfromcelltocellwiththeabilitytogainaccesstodatathatdoesnotresidelocallyonthedevice.Thesedevicesalsohavethecapabilitytostoreinformationlocallyonthedevice.
identifying the threatSeveralmobiledevices,likesmartphones,havemanypotentialentrypointsforacompromise.Acompromisedmobiledevicecanprovideawealthofinformationtoanattacker.Duetotheirultraportability,short-rangedevicessuchasBluetooth,Infra-redandWi-fiaremoreviableavenuesofexploitation.
Potential threats from compromised Mobile Devices• SMSmessagesgiveanattackerthe
abilitytosearchforyourpasswordsand/orperformunauthorizedfinancialtransactions.
• Emailsgiveanattackertheopportunitytoaccessyourprivatecorporateinformationsuchascredentialsandpasswordresetlinks.
• Phones:Low-levelaccesstoyourhardwareallowsanattackertorecordorlistentoyourvoiceconversations.
• SocialNetworking:Attackersposeasyou,allowingtheretrievalofyourpersonalinformationandyoursocialcontacts.
• Operatingsystemvulnerabilities.
• Physicalaccesstolost,stolenand/orunattendeddevices.
• Video/Photo:Low-levelaccesstoyourhardwareprovidesanattackerwiththeabilitytoretrievevideoand/orphotosfromyourphonetoprovidedetailsofitssurroundings.
• Built-inGPSorGSMantennasallowattackerstoidentifythelocationofyourmobiledevice.
• Attackersareabletoaccessdocumentsstoredonyourdevice,includingemailattachmentssuchasPDFfiles,Microsoft®Officefiles,credentials,encryptioncertificates,internalvideosande-books.
“They[ConRes]havesomeofthebestengineersI’veeverworkedwith.They’vebeenveryflexibleandveryhelpful.Atheart,they’restillpeople.Attheendoftheday,they’reabletoworkwithyouasacompany,they’reabletoworkwiththeindividuals.They’lldowhateverhastobedone.Thatis,attheendoftheday,ofutmostimportance.Ifthisprojectneedstowork,they’llfindawaytomakeitworkforyou.” ~ Director, Network Operations, Internet and IT of a provider of healthcare information
I T S O L U T I O N S
considerations for Mobile Security Mobiledevicesworkacrossseveraldifferentenvironments,invirtualizedinfrastructuresandwithremovablemedia.Sowhendeterminingyourcorporateorpersonalneedsformobilesecurity,takethefollowingquestionsintoaccount:
• Whatkindsofdataarestoredonyourmobiledevices?
• Whatkindsofriskdoyoufaceandwhatfinancialimpactdotheseriskspose?
• Whatsecuritymeasuresareyoucurrentlyemployingonyourdevices?
• Doyouhaveanymobileapplicationsthatyourcustomersand/orpartnerscanaccess?
• Doesyourbusinessneedtocomplywithanyregulationthatgovernslossofspecifictypesofdata?
• Doyouknowifyourmobileapplicationshavebeencreatedanddeployedsecurely?
• Didyouutilizethirdpartiesinthedevelopmentofyourmobileapplications?
Addressing Mobile Security Now ConResrecommendsaddressingthesecurityconcernsofyourmobiledevicesassoonaspossible.Attentiontosecuritywhileatechnologyisdevelopingisthekeytoensuringthetechnologygrowsintoareliableresource.ConResrecommendsyou:
1.Addressthesecurityaspectsofcellphonesandsmartphonesusedbyemployeesand/orcontractors.
2.Ensureyourmobiledevicesareconfigured,deployed,andmanagedtomeetyoursecurityrequirements.
3.Employtheappropriatesecuritymanagement.
4.Ensureanongoingprocessofmaintainingthesecurityofyourmobiledevicesthroughouttheirlives.
9 recommended Mobile Security PracticesConResrecommendsthefollowingmobilesecuritypractices(ataminimum):
• Forcingencryptionofdataatrestonyourmobiledevices.
• Forcingsecureconnectivityonunsecuredpublicnetworks.
• ConfirmingunauthorizedmobiledevicesdonothaveaccesstoyourcorporateLAN.
• Confirmingmobileuserspendingalignswiththemobilepolicy.
• Authentication:Settingyourdevicetoauto-lockandlimitsforunauthorizedloginattempts.
• Havingaclearpolicyonremotedatadeletion.
• Classifyingdataaccordingtoitssensitivity.
• Allowingonlydigitallysignedapplications.
• Beingawareandabletoadapttotheever-changingmobilelandscape.
.
Statistically Speaking...• By2017,therewillbecloseto9billionmobilesubscriptionsand85%ofthe
world’spopulationwillhaveInternetcoveragevia3G.
~Traffic and Market Report, 2012
• TheworldwidemobilemessagingmarketwasworthUSD202billionin2011.ThisnumberisforecasttorisetoUSD310.2billionbyend-2016.
~Mobile Factbook, April 2012
• Attheendof2011,therewere6billionmobilesubscriptions.Thatisequivalentto87%oftheworldpopulation.Andisahugeincreasefrom5.4billionin2010and4.7billionmobilesubscriptionsin2009.
~The International Telecommunication Union, 2011
“Asenterprisesstartconsideringhowtheywillbuildtheirmobilesecuritystrategy,theymustbepreparedtoinvestincross-platformsolutionsthatcanprovideprotectionforthedataonthedeviceaswellastheenterprisenetwork.” ~Senior Research Analyst, IDC’s Mobile Enterprise
I T S O L U T I O N S Mobile Security SolutionS
continental resources, inc. | 800.937.4688LocalContacts:Boston|Chicago|Connecticut|NewJersey|NewYorkPhiladelphia|WashingtonD.C.Headquarters:175MiddlesexTurnpike,Ste1|Bedford,MA01730-9137ITsolutions.conres.com© 2012 Continental Resources, Inc. Specifications subject to change without notice. Continental Resources not responsible for typographical errors. All product and manufacturer names are trademarks or registered trademarks of their respective companies. Printed in U.S.A. ConRes 10035-1209 (Replaces 10035-1110)
IT SOLUTIONSn 50
YEARS
1. BUSINESSDISCOVERY2. ASSESSCURRENTSTATE3. GAPANALYSIS4. SOLUTIONDESIGN5. PLAN&TEST6. IMPLEMENT7. SUPPORT/TRANSITION8. MONITOR
PROVEN ENAbLING MEthODOLOGy®
To provide the most secure and useful solutions, ConRes follows a Proven Enabling Methodology, a structured approach and framework to plan, design, implement and optimize unique solutions.
21
3
456
8
links to related online content:• FullResourceLibrary• Partnerships&SolutionsOverview• ProfessionalServicesOverview• SecuritySolutionsOverview
21
3
456
8
benefits of Working with conres TheProfessionalServicesteamatConResconsistsofsolutionarchitects,solutionengineersandprojectmanagementprofessionalswhoaverageovereightyearsofexperience.
Protectingyourcorporatesystemsanddataisthemainfocusofourmobilesecuritypractice.Supportingthisinitiativerequiresdistinctpolicyconformance,encryptionand/ordisablingmethodsanduniquedatabackuppolicies.Havingsecuredatarequirespayingattentiontothesmallestdetail...howarethumbdrivesused?Whatothermethodsofdatatransportareused?
ConResworkswithyoutoprovidethenecessarysolutionsandsupporttoensurepropersecuritymeasuresareinplace.
Mobile Security Services ProvidedTocomplementthesesolutions,ConResprovidesevaluation,analysisandimplementationandmanagementservices.
• SoftwareDistributionforEndpointDevices
• EndpointSecurity• CorporateDataSecurity• RemoteAccess• CustomInventorySolutions• CustomSoftwareDistribution• SecurityPolicyManagement• CustomPackageBuilding• CustomData• Collection/CustomizedReporting• SoftwareLicenseCompliance• DataBackup/Recovery
• Configuration&Implementation• SecurityAudit&RiskAssessment• PolicyReview&Recommendation
• SLAReview&Mediation
About conresBuildabetterITinfrastructureanddatacenter,maximizeyourchoiceofITproductsandservices,andstrengthenyourROI–withthefriendlyprofessionalsatConRes,thehybridVAR™.Asahybrid,ConResbringsyouabroadrangeofproducts,combinedwiththeservicesandsupportyou’dexpectfromatraditionalVAR.
Whetheryou’reanITprofessionalinbusiness,academiaorgovernment,youcanrelyonConResforenterprise-classsolutionsrangingfromvirtualization,disasterrecovery,unifiedcommunications,unifiedcomputing,cloudcomputing,security,andnetworkingtoUNIX®,Linux®,andWindows®.
• 50yearsofexperienceandfinancialstability
• 96%customersatisfactionrating(3rdpartysurvey)
• RankedannuallyinthetopthirdontheVAR500(currently#63)
• ElectedtotheCRNTechElite250,best-of-breedsolutionproviders
Experience,stabilityandthirdpartycredentialsmakeConResareliableandtrustworthyresourceforyourITinfrastructureanddatacentersolutions.