31
webinars.plantemoran.com Enterprise Mobility Management

Enterprise Mobility Management

Embed Size (px)

DESCRIPTION

 

Citation preview

Page 1: Enterprise Mobility Management

webinars.plantemoran.com

Enterprise Mobility Management

Page 2: Enterprise Mobility Management

webinars.plantemoran.com

Presenters

Karl Zager, Consulting Manager- Plante Moran, Technology Consulting & SolutionsKarl specializes in the transition of IT for mergers and acquisitions. His work with both U.S. and non U.S. investors has included IT due diligence prior to the acquisition and post-acquisition, the development of a new IT organization structure, global infrastructure design, and project management of the entire IT transition. Karl has spent more than 25 years designing, implementing, and supporting IT infrastructure from the high level global network planning to router configuration and packet analysis. His projects have included Michigan’s two largest counties, school districts, leading hospitals, and the U.S. Military. Karl has received a Network Architect certification from Pine Mountain Group. Karl has a Bachelor of Science in Electronic Engineering Technology from Lawrence Technological University.

Marv Sauer, Consulting Manager – Plante Moran, Technology Consulting & SolutionsMarv has more than 25 years taking clients from initial strategic planning through the successful implementation of a variety of proven and leading edge technologies. He is a talented facilitator of small to large groups working with personnel ranging from end users to executive management. Marv has given presentations at local and national conferences on topics such as Building the Network of Tomorrow, Today and With Strategic Planning First, Successful Implementation Follows. Marv holds a Master of Business Administration in Finance from the University of Michigan and a Bachelor of Science in Math and Computer Science from the University of California, Los Angeles (UCLA).

Kurt VanderWal, Senior Consultant – Plante Moran, Technology Consulting & SolutionsKurt has spent more than 16 years in the information technology field specializing in PCI compliance, network security, local area networks, and file servers. Over the past seven years, Kurt has been performing PCI DSS assessments and network security assessments for financial, education, and government institutions. Kurt holds a Bachelor of Science in Information Systems and has acquired multiple certifications over his tenure.

Page 3: Enterprise Mobility Management

webinars.plantemoran.com

Administration

Slides are available for download from your webcast console. A recording of today’s webinar will be added to our website in a few days.

We will allow time at the end of the presentation to respond to your questions, but please feel free to submit questions at any time.

This is a CPE-eligible webinar. Throughout the webcast, participation pop-ups will appear.

Participants must respond to at least 75% of these pop-ups in order to receive CPE credit.

Page 4: Enterprise Mobility Management

webinars.plantemoran.com

Overview

Organizations adopting an enterprise mobility management mindset and strategic approach to their mobile environments are transforming the way they do business, leading to innovation and growth. In today's competitive marketplace, achieving greater information access, enhanced collaboration, increased productivity, improved customer service, and lower TCO (total cost of ownership) can put you miles ahead of your competition.

At the completion of this webinar, participants will understand: The mobility environment and transformational impact The importance of mobilization planning and strategy Key factors to consider in managing devices, applications, and

services Security and compliance best practices

Page 5: Enterprise Mobility Management

webinars.plantemoran.com

Proliferation of mobile devices including tablets and smartphones

Innovative designs, intuitive, and better access to high speed networks

Integral to staying competitive

Web based applications and services are moving people to the cloud

Dealing with a younger generation of workers

Provides a ‘role model’ for innovation

Greater connection to and engagement with the customer

Improves integration with social networking/media sites

5

Mobility background

Page 6: Enterprise Mobility Management

webinars.plantemoran.com

Increased information access and sharing

Better response times

Improved customer service

Increased productivity and satisfaction

Enhanced collaboration

Increased efficiencies

Reduced costs

Better recruitment of top talent

Greater innovation

6

Reasons to go mobile

Page 7: Enterprise Mobility Management

webinars.plantemoran.com7

Industry applications

Banking

RetailGovernment

HealthcareManufacturing

Page 8: Enterprise Mobility Management

webinars.plantemoran.com

Key considerations Device ownership Applications Platforms

Cloud is about enabling and leveraging technology, but mobility is about enabling and leveraging the business

Focus on the business aspects centered around: Access Management Balance

8

Strategy is key

Page 9: Enterprise Mobility Management

webinars.plantemoran.com

A sound strategy Increases the impact and results Ensures that delivery is cost effective and efficient Provides a means to stay competitive

9

Advantages of a sound strategy

Page 10: Enterprise Mobility Management

webinars.plantemoran.com

How do we support the devices?

What if the user jailbreaks the device?

Do we need to develop apps?

How do we secure the device and data?

Do we need to support every device?

10

How do we stop data leakage?

Do they want it for more than email?

Who gets them and how do we pay for them?

How do we maintain the service expectation?

What about compatibility?

IT concerns

Page 11: Enterprise Mobility Management

webinars.plantemoran.com

The process may take multiple iterations to resolve.

11

Strategy Policy Architecture Tools Procedure

Make nothing public until the process is complete.

Process

Page 12: Enterprise Mobility Management

webinars.plantemoran.com

Decisions are interrelated and can have a huge impact.

12

DeviceOwnership

Plan Coverage

Device Types

Email Apps

Depth of Control

Business Apps

File Exchange

Business –Employee

Relationship,Cost, Productivity

Support

Strategy

Page 13: Enterprise Mobility Management

webinars.plantemoran.com13

Email Only

Data ownership Data leakage Device ownership /

cost Inventory Account

Management Communications

Management

+ Web Applications

Internal Wi-Fi Purpose Specific

+ Internal Business

Applications

Device Compatibility

Inventory Software updates Access control

Data ownership Data leakage Device ownership /

cost Inventory Account

Management Communications

Management Device

Compatibility

Data ownership Data leakage Device ownership /

cost Inventory Account

Management Communications

Management Device

Compatibility Communications

Security Access Control Support Training

Leading Management Concerns by Strategy

Page 14: Enterprise Mobility Management

webinars.plantemoran.com

Device ownership, service provider, coverage, communication costs

Data ownership

Privacy – personal data, device use, location, applications

Device care - damage and loss

User separation

Security – features and user actions

Support – depth vs. cost

14

Policy

Page 15: Enterprise Mobility Management

webinars.plantemoran.com

Device type considerations – environment, capabilities

Access to data – messages (includes calendar and contacts) only apps, synchronization, remote VPN, remote desktop

Data storage and backup

Policy enforcement – security, application restrictions, data leakage

Lockdown – recovery, wipe

Software and configuration distribution

Support – recovery, configuration, backups, updates, applications

Administration – inventory, IDs, rights, monitoring

Device management depth – light, heavy, containerized15

Architecture Components

Page 16: Enterprise Mobility Management

webinars.plantemoran.com

Mail Synchronization Servers (BES, MS Sync, Notes Traveler)

Mobile Device Management Software (Airwatch, Fiberlink, Zenprise, Excitor, MobileIron, Sybase, Good)

Antivirus software (AVG, Kaspersky, ESET)

Mobile VPN clients (most major firewall vendors)

Remote control / Virtual PC (Citrix, VMware, Microsoft, VNC)

Training

16

Management Tools

Page 17: Enterprise Mobility Management

webinars.plantemoran.com

Request process Policy acceptance

Acquisition

Initial setup Apps Accounts Configuration Training

Management

Updates

Enforcement

17

Procedures

Page 18: Enterprise Mobility Management

webinars.plantemoran.com

Why we need to secure the devices

Types of mobile access

Remote wipes

Managing the security of mobile devices

Additional security points

18

Security

Page 19: Enterprise Mobility Management

webinars.plantemoran.com

It is estimated that by 2013 There will be 1.2 billion mobile workers worldwide 75% of all U.S. workers will be mobile at least 20% of the time

Another estimate shows that 36% of cell phone owners have lost a phone or had one stolen

• Of these, almost 90% had no way to remotely lock or wipe the data from them

• Over 50% did not use password protection on their phones

In the U.S., 113 cell phones are lost every minute

19

Why we need to secure the devices

Page 20: Enterprise Mobility Management

webinars.plantemoran.com

While mobility is a top security concern to business, few have addressed these concerns. Why? Businesses and employees are seeing the advantages and pushing

IT to “make it work” There are many different types of mobile devices These devices can be both business owned or employee owned Ability for users to install new, untested applications is too easy

Too many variables

20

Why we need to secure the devices

Page 21: Enterprise Mobility Management

webinars.plantemoran.com

Multiple ways mobile devices attach to the corporate network Internet Access Only (Internal) Remote Access to Email Remote Access to Network Resources and Data

Regardless of the method, both the mobile device and the corporate network need to be protected

21

Types of mobile access

Page 22: Enterprise Mobility Management

webinars.plantemoran.com

Description Staff members bring mobile device (BYOD or Corporate owned) to the office Only want to access Internet

Security Risk Potentially infected devices accessing your corporate network

Solutions Setup a separate Internet-only connection with wireless access

(small companies, banks) Segment all mobile wireless traffic from the corporate network

22

Internet access only

Page 23: Enterprise Mobility Management

webinars.plantemoran.com

Description Staff members accessing corporate email from remote locations

Security Risks Data now resides on mobile device

• Lost data due to stolen/lost device• Via OWA or other client software

User credentials are now sent to/from the mobile device to the corporate network• If insecure, credentials could be stolen

Solutions Restrict the download of documents to mobile devices (OWA) Require the use of a SECURE third party application to access the email (Good,

Sync) Ensure remote locking and remote wiping is enabled and configured properly

23

Remote access to corporate email

Page 24: Enterprise Mobility Management

webinars.plantemoran.com

Description Staff members accessing corporate network and resources from remote locations

Security Risks Devices are accessing an internal corporate resource Spread of viruses/malware across corporate network Data now resides on mobile device

• Lost data due to stolen/lost device

User credentials are now sent to/from the mobile device to the corporate network• If insecure, credentials could be stolen

Insecure mobile devices (screen locks, passwords) lead to compromise of corporate network

Ensure remote locking and wipe are enabled

24

Remote access to corporate network

Page 25: Enterprise Mobility Management

webinars.plantemoran.com

Solutions Require all remote devices go through a NAC prior to accessing the

network Require that communications to the corporate network occur through a

secure VPN or secure portal (i.e. Terminal Services) where data is Read-Only

Ensure that the devices/removable cards are encrypted Ensure strong policies are established and adhered to Ensure remote wipe is enabled

25

Remote access to corporate network

Page 26: Enterprise Mobility Management

webinars.plantemoran.com

What is a Remote Wipe? Erasing the contents of the mobile devices from a remote location (full

or partial)

How is it done? Depending on the device and OS, it typically deletes either the

encryption key OR writes a series of 1’s over the entire phone

Is it effective? Yes

Notes Must be setup and configured prior to device being ‘lost’ If device is being sent in for repairs, a backup should be performed

and then a wipe

26

Remote wipes

Page 27: Enterprise Mobility Management

webinars.plantemoran.com

Managing the security of the mobile devices Implement firewall/NAC technologies which support the mobile

operating systems Limit the types of devices/OS versions allowed to attach Inventory/Manage the devices – Mobile Device Management Ensure that users agree to the corporate policy prior to accessing the

network• Defines ownership of data• Defines required configurations• Prohibits “jail-broken” devices on the network

Security test these devices/apps Provide end user training

27

Managing the security

Page 28: Enterprise Mobility Management

webinars.plantemoran.com

Configuring the devices Enable remote wipes Ensure screen lock passwords are set Ensure screen lock passwords are strong Ensure key pad lock is enabled after a period of inactivity Require Anti-virus and Malware detection software

Act Now!

28

Additional security points

Page 29: Enterprise Mobility Management

webinars.plantemoran.com

Set a short-term and long-term direction

Engage all business units

Get support/buy-in

Include total cost of ownership (TCO) and total cost impact

Include devices, applications, services, security, support, policies, etc. (all facets of mobility)

Establish central governance

29

Best practices

Page 30: Enterprise Mobility Management

webinars.plantemoran.com

Q&A

Q&A

Page 31: Enterprise Mobility Management

webinars.plantemoran.com

Marv [email protected]

Karl [email protected]

Kurt [email protected]

To view a complete calendar of upcoming Plante Moran webinars, visit webinars.plantemoran.com

Thank you for attending