Date post: | 16-Apr-2017 |
Category: |
Mobile |
Upload: | ibm-maas360 |
View: | 503 times |
Download: | 4 times |
© 2015 IBM Corporation
Vaporstream and IBM
Kaushik Srinivas, IBM
Galina Datskovsky, Vaporstream
Avi Elkoni, Vaporstream
December 8, 2015
Making Mobile Messaging Manageable and Secure
2 © 2015 IBM Corporation
Housekeeping items
Duration – 60 minutes
Submit your questions to all
panelists in the Q&A box located
in the bottom right corner of your
screen
Recording and slides will be
emailed to you
3 © 2015 IBM Corporation
Agenda
• Mobile Application and Data Security • Drivers for separation of work data on mobile devices
• App containerization
• SDK and App Wrapping
• Need for Secure Messaging
• Secure Messaging • Introduction to Vaporstream
• Enhance security with MaaS360
• Integration walkthrough
• Q&A
© 2015 IBM Corporation
Mobile Application & Data Security Kaushik Srinivas, IBM
5 © 2015 IBM Corporation
Protect sensitive corporate data
Deploy public and enterprise apps
Provide access to work content
Top enterprise mobility initiatives
5
Embrace Bring Your Own Device (BYOD)
Migrate from BlackBerry to multi-OS
6 © 2015 IBM Corporation
Dual Persona to Separate Work and Personal
Secure Mail
Application Security
Secure Browser
Secure Document Sharing
6
WorkPlace Container for Mobile Collaboration
7 © 2015 IBM Corporation
Enterprises need ability to secure corporate data on any smartphone or tablet
First phase - Email, Calendar, Contacts and
Browser
The next stage of EMM evolution is securing other
work apps and providing easy access to back end
resources
Application Security SDK or wrapping can achieve
this for both in-house Enterprise apps and Public
apps
7
8 © 2015 IBM Corporation
Incorporate security right from the beginning
App Wrapping
Post-development
code injection
Zero coding required
Software Dev. Kit (SDK)
Use libraries as part of
development
• Authentication & Single Sign On
• Data Loss Prevention (DLP) - Restrict copy-paste
- Open-in controls
• Per-app VPN
• Block usage on non-compliance
• Data encryption
9 © 2015 IBM Corporation
Many regulated industries need additional capabilities to control
data flow via messages
– Healthcare
– Finance, Banking & Insurance
– Federal, State & Local Government
Sought after messaging features
– Auditing
– Track and trace
– Encryption
Importance of Secure Messaging
10 © 2015 IBM Corporation
Deploy using the Enterprise App Store
• Consolidated Management
interface independent of OS
• Deploy and update apps without
delay
• Integrate with existing
infrastructure (Ex: Active
Directory)
• Control app security through
policies
• Version control of apps
11 © 2015 IBM Corporation
Manage - App Discovery and Collaboration
Web-based App Catalog for
Mobile Apps
Discovery portal for all
platforms
User sharing and linking of
apps
User application review and
rating system
Secure, Compliant, Mobility
Messaging and Management with
MaaS360 and Vaporstream
Galina Datskovsky, Ph.D., CRM
CEO, Vaporstream
Text Messaging and Mobile Chatting:
The Next Wave
Worldwide, over 350 billion text messages are
sent each month.1
Instant messaging dwarfs this number, at 50
billion per day, or 1.5 trillion per month.2
1 2014 Text Messaging Usage Statistics. (n.d.). Retrieved August 19, 2015. 2 "50 Billion Instant Messages Expected to Be Sent Each Day in 2014." Business ETC.
Accessed August 25, 2015.
13
13
Privacy and Security Issues in Enabling
Mobile Communication
Assuring Corporate Data is Separate from Private Data
Handling potential data breach if phones are lost or stolen
Protecting information once it leaves the device
Sender control is lost
14
Vaporstream:
The Ephemeral Messaging Platform
Provides a simple yet highly secure messaging solution
Prevents unintended proliferation of content
Ensures the sender retains complete control
15
Why Should a Secure, Compliant
Messaging Solution be a Part of Mobility
Management?
Video
16
Patented Secure Messaging
Truly ephemeral communications – encrypted in transit and on devices – no residual information – data is cleared from all devices and servers, sender
controlled or scheduled basis
Message header / body separation
Image obfuscation to block screenshots
Application on devices prevents copy, forward, print and save
17
Integrated Business Controls
and Compliance
Corporate Security Model
– Address Book integration with Active Directory & LDAP
– Synchronize Security Groups and Admin Consoles
– SSO and Dual Factor authentication
– Mobile Device Management (MDM) containerization
Corporate Governance and Compliance
– Information Governance Module Secure copy stored to organization’s system of record
No propagation risk, no additional copies, anywhere
Tagging and identification allow for specific retention and audit/discovery, legal hold policies
18
Secure Messaging in Action
Managed in the
MaaS360
Catalog and
Container
20
VS2 for
MaaS360
ICON
21
Common login
and pin
integration with
other MaaS360
Corporate Apps
22
23
Integrated
Contacts with
Phone and
Corporate
Directories
24
Simple to use
mixed text and
image chat
25
Unique Patent Pending Image Obfuscation
26
Sender controlled
27
28
Decades + Security, Compliance & IG Expertise
Truly Ephemeral Messaging Platform
Compliant Messaging via IG
Sender Control with Image Obfuscation
Hardened Security & Data Encryption
Scalable, Available Hosted Solution
The Ephemeral
Secure Messaging
Platform
Uniquely Addressing Secure Messaging
Key Takeaways
1. Mobile Workforce Enablement and efficiencies
can can be accomplished without sacrificing security,
privacy and compliance.
2. Understand organization and industry compliance requirements
and help ensure that they are met for all content, including
messaging/ texts.
3. Ensure that confidential and private information is protected and
accessible only by those who require access.
4. Ensure technologies like encryption, secure ephemeral messaging
and mobile device management are implemented for protection.
5. MaaS360 and Vaporstream provide a unique combination that
enables organizations to easily deploy a secure and compliant
messaging platform
31 © 2015 IBM Corporation
Q&A
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any
kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor
shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use
of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or
capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product
or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries
or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside
your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks
on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access.
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other
systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE
IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOU www.ibm.com/security