© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Public

BYOD: Security, Policy & Governance

Cisco Distinguished Engineer & Senior Technical Director

Jawahar Sivasankaran


BYOD: Opportunities

• Improved Employee Satisfaction
• Cost savings
• Increased Productivity


BYOD: Challenges

• Device Proliferation
• Entitlement Strategy
• Security
• Support Policy Management and Communication
• Enterprise Apps, Collaboration, Productivity Services etc.

*2 year comparison


Industry BYOD Spectrum

LIMIT: Environment Requires Tight Controls
• Corp Only Device
• Manufacturing Environment
• Trading Floor
• Classified Government Networks
• Traditional Enterprise

BASIC: Focus on Basic Services, Easy Access
• Broader Device Types but Internet Only
• Educational Environments
• Public Institutions
• Simple Guest

ENHANCED: Enable Differentiated Services, On-Boarding with Security—Onsite/Offsite
• Multiple Device Types + Access Methods
• Early BYOD Enterprise Adopters

ADVANCED: Corp Native Applications, New Services, Full Control
• Any Device, Any Ownership
• Innovative Enterprises
• Retail on Demand
• Mobile Sales Services (Video, Collaboration, etc.)


Enterprise Example: Cisco IT, Service Strategy

Scaled Architecture
• Any Trusted Device
• Industry Standard Platforms
• Cisco AnyConnect and MDM

Flexible Liability
• Employee Purchased Devices
• Corporate and Personal Service
• Strong Rules of Use

SP Choice
• Circular Business
• Client Choice
• Any Device Plans
• Competitive Market
• Spend Management

Tailored Support
• Self-Service Content
• One to Many Interactive
• Traditional One to One


Trusted Device Concept

Architectural Principles
• Device security posture assurance
• User authentication and authorization
• Secure storage of corporate data at rest

Execution Elements
• Policy Enforcement
• Local Access Control
• Device Encryption
• Remote Wipe
• *Inventory Tracking
• Asset Management
• Device Registration
• Device Identification
• User Audit Trail
• Forensic Capabilities


BYOD: Centralized Policy Enforcement

1. Profiling
• Identity of a device on the network
• Quantify the risk


BYOD: Tiered Policy and Security

• Register
• Profile
• Posture
• Enforcement
• Internet Only Networking (ION)
• Core Network (Corporate Wifi)
• Guest Network
• Cloud Services
• Management
• 4 Digit PIN
• 10 Minute Timeout
• Remote Wipe
• Encryption


Unified Access

• WIRELESS
• WIRED
• Remote Access / VPN (Hardware & Software)


Thank you.