Date post: 07-Jul-2015
Category: Mobile
Upload: brian-katz
Security and Risk in a Mobile World
Who am I? @bmkatz
Day job - Director at Sanofi, Head of End-User Experience and Innovation
Just a nutter with a blog – http://ascrewsloose.com
Host: @themobilecast podcast
BYOD is an ownership issue. Nothing more, nothing less.
BYOD is dead! It's all just mobile!
Enterprise Security vs Employee Flexibility
What it really looks like
What do all these have in Common?
It’s 10am, Do you know where your data is?
How do we get started?
Let go of Legacy Thinking
Security has to learn to partner with the business and the users
#FUN Principle
Focus on the User Needs!
Who Crafts the Policy?
• Security
• Legal
• IT
• Business
• Users
New Approach to End User Computing
Data
Apps
Device
Network
IAM
“Life…finds a way.”
“Users…find a way.”
Educate yourselves
Offer Better alternatives
Educate Everyone
Everyone is responsible for security…
Mobile phone users are at least 3x more likely to become victims of phishing attacks than desktop users
There are more than 500 3rd party app stores containing malicious apps
Dos and Don’ts
M.D.M.
Best Practices
• When setting up Data wipe policies, lock phone first, then wipe (reporting skyrockets)
• Invest in IAM and mobile SSO
• Use your tools to figure out what your users are using…
• Involve your users
…….
Best Practices
• Shrink the Perimeter
• Avoid VPN
• Allow app ratings
• Embrace Shadow Innovation
BYOD
• It’s an ownership issue
• Still needs to be addressed in policy
• Who owns the data (international?)
• e-discovery
• People leave…
…….
The goal of any technology program is to enable your users to get work done to achieve business goals
Enablement