7/27/2019 KYDGS13 Mobile Device Management - David Roundtree
Copyright 2012, Oracle and/or its affiliates. All rights reserved.
Mobile Device Management
David Roundtree, CISSP
Identity & Security
Public Sector | State & Local
Date: April 23, 2013
This document is for informational purposes. It is not a commi
deliver any material, code, or functionality, and should not be r
making purchasing decisions. The development, release, and
features or functionality described in this document remains at
discretion of Oracle. This document in any form, software or p
contains proprietary information that is the exclusive property o
Oracle. This document and information contained herein may
disclosed, copied, reproduced or distributed to anyone outside
without prior written consent of Oracle. This document is not p
license agreement nor can it be incorporated into any contractu
agreement with Oracle or its subsidiaries or affiliates.
Agenda
Today's Security Challenges
2012 Data Breaches
Enterprise Mobility Challeng
Mobile Identity Management
Mobile Identity Standards
INSIDE OUT
SECURITY STEP BY STEP APPROACH
DEDE
Student Services
Business Transformation
Citizen Services
Remote Mobile Workforce
Online Healthcare
Social Integration
Cloud Services
Most Si
in
California Dept of Child Support Services
Health & Finance records STOLEN 800k
US Bureau of Justice Statistics
Sensitive DB Leaked 1.7GB
3.8M Sta
Ca
Attacks cost $$$$ in State Government (2
State of South Carolina Dept. of Revenue > Approximately 3.8 million Social numbers, 387,000 credit and debit card numbers and 657,000 business tax filings were
a recent cyber-attack at the SC Department of Revenue. From http://www.sctax.org
STATE OF UTAH : DATA BREACH
UTAH CTO TAKES THE FALL.
RESIGNATION SOUGHT BY GOV. HERBERT AFTER BREACH EXPOSES DATA ON 280,000 MEDICAID RECIPIENTS!!!!
The state has said it will offer free credit monitoring and
identity theft insurance coverage of up to $1 million for victims of the breach.
Some analysts have held up the breach as a classic
example of the dangers weak or default passwords
controlling access to critical systems and
applications pose to enterprises.
1. Brand Decline = Loss of trust
2. Regulatory Fines
3. Finan
Mobile Devices in the Enterp
Employees, Citizens, Students, Vendor
using mobile devices
Evolution of BYOD > Bring your o
90% companies with mobile apps in 2014
62%
will depend on so
networking to conn
customers and pro
Store passwords 76%
Store pass
as 10%
Source: Information w
Mobile Security is Beyond Device Mana
46% Of organizations that all
BYOD reported experie
data or security breach
50% Of helpdesks struggle to
up with mobile apps sup
Source: Mobility Revolution Re
MOBILE SECURITY STARTS FROM INSIDE
Source: Trend Micro Survey, F
58% Building corporate app s
Source: Partnerpedia Survey, A
& C
Mobile Identity & Access Challenges
?
Developer
Limited reso
support cha
No SSO acr
mobile appli
Challenging
access to da
legacy syste
Risky to allo
transactions
devices
Guess: The cost of remediating a breach
exceeds the cost of preventing a breach by
10X
We need to start taking a proactive ap
to security!!!
SS #s
Credit Card Info
Personal Profile
Denial of Service
Fraud
Collaboration
Privacy
PI
PC
NI
IR
HI
Identity Theft
Quality of Service
Data Security & Integrity
RC
BUSINESS HAVE
Demystifying Mobile Identity Management and Standards
Shujaat Ali
Principal Security Consultant
Integratio
Internal Users Only
Not Scaleable
Proprietary
Maintenance
Point 2 Point
Fragme
Custom
Inflexible
Rigid
Legacy
First Generati
VPN Base
H
St
Slow
Client Serve
Expensive
EMPLOYEE OWNED DEVICES
LIMITED P
& STOR
DESIGNED FOR WIRELESS & 3G
CHANGING MOBILE APPLICATION DEMANDS
[Diagram: several APP icons and a NATIVE APP]
[Diagram: APP icons]
REST
VPN DOES NOT SCALE
Lower
State-full
Cross-network
Devi
Inde
SIMPLIFIES MOBILE APP
REST INTERFACES
Lower
Energy Usage
Corporate DMZ Corporate
Mobile and Social
Webgate
Data Interfaces /
Oracle Entitlements Server
API Gateway
Mobile Browser
Native Application
OAM Protected Resource
CONTEXT AWARE AUTHENTICATION
?
Device Aware !
Time Aware !
Location Aware !
D
F
PATIENT RECORD
xxx xx x
PATIENT RECORD
Select Login Authorize
REAL EXAMPLE CONN
Login with Facebo
or
Name:
College:
Major:
Minor:
Graduation Date:
Student Advisor:
High School:
Test Date:
Submit
REAL EXAMPLE CONN
COLLEGE TEST PREP S
Better Experience
Single Point of Revocation
Blacklist Devices
MONITORING & REPORTING
Browser & OS statistics
Alerts Location R
Access Trend
White Pages
GPS & WIFI Location
Device Registration
Device Tracking
KBA & OTP
User Registration
White\Black List
Access Management
Platform Security Services
Directory Services
Mobile Interfaces
Pi
Instagram
Google+
Advertisements
Games
Curation
Mixi
Social Mark
URL Sho
Search Engine Optimization
Social Pu
Gadgets
Renren
Promotions
kedIn
umblr
Twitter
Pi
Instagram
Google
Facebook
Yahoo!
Mixi
flikr
Verisign
WordPress
My O
MySpace
Yahoo!
AO
Dro
Evernote
Google
MySpace
TripIt
Yahoo!
OpenSo
Netflix
Photobucket
Yamm
SmugMu
V
LinkedIn
Questions?
THANK YOU FOR YOUR ATTENTION
Feel free to contact us at
[email protected]@oracle.com