Embed Size (px)
Citation preview
Enterprise Mobility Strategy Evan QuinnSymantec Strategic Trend Marketing – MobileMarch, 2012
2015
Apps/DataSaaS / Internet / Cloud
Devices
What Do We Believe About The Future?
Any Device, Any Time
Identity Management & Access Control
Data Is Everywhere
Cloud/Network Access
Growth of new computing platforms: smart phones, devices and tablets
No single sign that enable secure ubiquitous access to applications, data and devices
Coexistence of corporate, personal data and policies
Multiple people accessing data
Unknown network performance, availability, and security
Insecurity in the transport of data
Customer Challenges of the Post PC EraThe evolution of computing platforms introduce risk
Enterprise Mobility Strategy
AV
DLP
..
Company DataPersonal Data
Our Vision . . .
Corporate / Personal App & Data Separation
SaaS Applications
Personal Applications
Data Center Applications
5Enterprise Mobility Strategy
Devices
Corporate-Owned Personally-Owned
Man
aged
Unm
anag
ed
Future Devices
177M Corp PCs300M Smarphones15M Tablets
246M Corp PCs293M Personal PCs819M Smartphones116M Tablets
Consumerization is Driving DisruptionEmbracing the Personally-Owned & Unmanaged – “BYOD”
Enterprise Mobility Strategy 7
Relevent Devices
Today
Full
Cont
rol
Info
/App
Acc
ess O
nly
TraditionalFocus
EvolvingFocus
Data Sources: Gartner, & IDC
Understanding Managed & Unmanaged Mobility Customers need to provide a solution for both the managed and unmanaged use cases within the enterprise
Data separation solutions evolve through APIs
MDM enables device management &
compliance
MDM is a foundation for policy management
Corporate / Personal separation becomes a
non-issue
Applications must be protected individually
Data between applications must be
secure
Enterprise Use Cases
Managed Unmanaged
Secure Apps & DataManage The Device
Enterprise Mobility Strategy
Defining Enterprise Mobility Management5 key areas of investment
Enterprise Mobility ManagementThreat
ProtectionExpense
ManagementDevice/UserManagement
Apps/Data Protection
Enterprise/Cloud Integration
Advancing compliance automation
Secure collaboration
Best in class Mobile security
Enterprise app store & expense
control
DLP for Mobile; service brokering
identity
Managed Devices
Unmanaged Devices
Datacenter/Private-Cloud
Public Cloud Services
Security/protection agents
Security/protection agents
SYMANTEC O3
Enterprise Mobility Strategy 9
Configuration, control and management of mobile devices
Corporate data separation and delivery of IT services
Core security functionality across platforms
Management and control of mobile expenses
Integration across the enterprise, including DLP, PKI, VIP & Cloud
Symantec Mobile ManagementComprehensive Enterprise Mobility Management - MDM
EnableActivate enterprise access, apps and data easily and automatically> iOS, Win Mobile, BB, Symbian
SecureProtect enterprise data and infrastructure from attack and theft> Prevent JB, ensure passcodes, …
ManageControl inventory and configuration with massive scalability> Integrated with an overall endpoint management strategy
Enterprise Mobility Strategy 11
Clean Traffic
Enterprise Integration: DLP for Mobile
DLP for Tablets• Monitor and protect confidential content flow across PIM and web traffic• MDM managed traffic routing/backhaul from tablets to network DLP• Enforce all DLP policies against all/some mobile trafficJan ‘12
Network DLP
Backhaul; VPN OnDemand
InternetInternet Local Allowed Trafic
ProtectedDomain Realms
Optional
Enterprise Mobility Strategy 12
Mobile Security for Smartphones & Tablets
Mobile Security for Android
• Integrated into win/symbian protection console
• Scheduled /Manual Anti-malware scanning
• App blacklist/whitelist enforcement• Uninstall protection, resilience• Basic locate/lock/passcode reset/wipe and
anti-theft • Single console mgmt/licensing/reporting
Jun ‘12
Enterprise Mobility Strategy 13
Mobile Security for WP7/8 - iOS
But What About Solving The Challenges BYOD?
Enterprise Mobility Strategy 14
Key Challenges in Securing Mobile Apps
Limited ability to deploy apps across platforms
No way to manage app authentication
No native way to prevent “cut & paste”
No corporate / personal data separation
Lack of app-specific security controls
Symantec Apps
Internal Apps
App Store Apps
FORD JPMCKaiser
Personal
Mexico iO-Zone
Our Approach to Protecting Mobile Apps
Enterprise Mobility Strategy 15
Personal
Mexico
FORD JPMCKaiser
Enterprise Mobility Console
iO-Zone
Symantec Apps
Internal Apps
App Store Apps
Secure App CenterFeature-set
App deployment & provisioning User authentication across apps Copy & paste prevention Per app file encryption Remote data/app wipe iOS & Android support
App
Symantec O3TM: The New Cloud Control Point
Symantec Advances Enterprise Mobility Strategy
Extend internal security policies to public and private cloud services accessed from mobile devices
Symantec O3™
Private Cloud
Information Protection Control Security ComplianceAccess
ControlCloud Visibility
Enterprise Mobility Strategy
17
Strong Authentication to Enterprise Resources
• Protects the front door• Delivers best practice, 2 factor
authentication• What you know: Username and
password• What you have: a device that
delivers dynamic passcodes or stores a digital certificate
Account Logon Protection Transaction Protection
• Secures higher risk transactions• Utilized for transaction
authentication
Secure Access to B2B and B2C web applications– Can be supported with either one time password or PKI credentials
Enterprise Mobility Strategy
Controlled Access to ANY Web Apps (intranet & Cloud)
Login using corporate ID App embedded OTP (silent)
1-click access with DLP policy to control confidential content
O3 gateway acts as SSL VPN and returns list of authorized apps for user and device (context based policy)
Enterprise Mobility Strategy
Symantec Enterprise Mobility - Big Picture
Corporate Persona
Enterprise Management ConsoleSymantec Mobile Management
• Device enrollment, provisioning,…
• Platform for providing MDM capabilities
• Enterprise App Store, app deployment
• Corporate Document / Media Library
• VPN Configuration & Compliance
• Compliance (of all device settings/policies)
• Locate, Lock, Reset, Selective Wipe, Full Wipe
MDM
AdvancedMDM
DLP
Anti-theft
• Native Email, Calendar, Contacts
• Native apps, management deployment in Mobile Management
• App data encryption
• Secure interaction between apps, cloud; remediation controlled by policy
Symantec Mobile App Management*
Email / PIM,MEAP, & Strong
Security forNative Apps
• Anti-malware, Web Protection
• Basic Anti-theft
• App Reputation (performance, battery, etc)
Protection where needed
Symantec Mobile Security
Personal Apps & Data
Unmanaged Persona
Mobile File Sharing
• SaaS based console
• Sync / Share documents & media
• Available across PC, Mac, iOS, Android
Secure Collaboration
* Forward looking statement; subject to change at any time
Symantec ioZone*
• Internal Corporate Web Apps, SSO
• External Corporate Web Apps, SSO
• Data from Web Apps on device
• Office/PDF files Sync’n’Shared on device
• Traffic to/from Corporate Web Apps
• From Symantec Mobile Management
• Office/PDF files Sync’n’Shared on device
MIAM
Encryption
DLP
Doc Viewer
+ O3
Reverse Proxy MobileWeb App Authentications
Enterprise Mobility Strategy
Symantec Enterprise Mobility - Big Picture
Personal Apps & Data
Unmanaged Persona
Corporate Persona
Symantec Mobile Management
Symantec ioZone*
• Internal Corporate Web Apps, SSO
• External Corporate Web Apps, SSO
• Data from Web Apps on device
• Office/PDF files Sync’n’Shared on device
• Traffic to/from Corporate Web Apps
• From Symantec Mobile Management
• Office/PDF files Sync’n’Shared on device
MIAM
Encryption
DLP
Doc Viewer
• Device enrollment, provisioning,…
• Platform for providing MDM capabilities
• Enterprise App Store, app deployment
• Corporate Document / Media Library
• VPN Configuration & Compliance
• Compliance (of all device settings/policies)
• Locate, Lock, Reset, Selective Wipe, Full Wipe
MDM Basic
AdvancedMDM
DLP
Anti-theft
• Anti-malware, Web Protection
• Basic Anti-theft
• App Reputation (performance, battery, etc)
• Android 1st
Symantec Mobile Security
Enterprise Management Console
• Native Email, Calendar, Contacts
• Native apps, management deployment in Mobile Management
• App data encryption
• Secure interaction between apps, cloud; remediation controlled by policy
Symantec Mobile App Management*
Email / PIM,MEAP, & Strong
Security forNative Apps
+ O3
Reverse Proxy MobileWeb App Authentications
Mobile File Sharing
• SaaS based console
• Sync / Share documents & media
• Available on PC, Mac, iOS, Android
Secure Collaboration
* Forward looking statement; subject to change at any time
Protection where needed
Enterprise Mobility Strategy
Thank you!
Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Thank you!
22
Symantec Confidential and Proprietary
