Upload
others
View
8
Download
0
Embed Size (px)
Citation preview
主題:行動應用改變整個世界:您做好迎接巔覆終
端使用者運算的準備了嗎?
公司名稱:MobileIron
主講人: Brain Shen, 亞太暨日本資深產品經理
MobileIron Confidential
Security Scale Simplicity
MobileIron Confidential
11,000 Customers
500,000 devices Largest deployment
>70% Enterprise billings
>500 Global 2000 Customers
Large, global customers
MobileIron Confidential
MobileIron
Security Labs
MobileIron Confidential
Mobile Threat Vectors
Malware and Risky Apps
• Stolen credentials
• Data exfiltration
• PII exposure
Device
• Device/ OS vulnerabilities
• Device/ OS compromise (e.g.
“jailbreaking/ rooting”, USB
debug, custom ROMs)
• OS updates not applied
• Violation(s) of corporate
security policies
User Data Leakage
• Copy/paste
• Screenshot
• Open-in
• Personal cloud storage and sync
Unprotected Networks
• Open Wi-Fi
• Man-in-the-middle attacks
MobileIron Confidential
Exploits reinforce new threat and remediation approach
Notified: Jul 27, 2015 Attacks through overflow vulnerability in old versions of Android Mitigate: Quarantine by OS version until affected devices upgraded EMM required
Notified: Aug 30, 2015 Exposes owner’s iTunes credentials on jailbroken iOS devices Mitigate: Identify and selectively wipe jailbroken devices EMM required
Notified: Sept 17, 2015 Hacked dev tool library allows phishing and information collection Mitigate: Identify and quarantine devices with compromised apps EMM required
Notified: Oct 4, 2015 Abuses private APIs to compromise, replace, and launch apps Mitigate: Quarantine by OS version until affected devices upgraded EMM required
EMM provides data protection and incident response
MobileIron analysis based on public security notifications
MobileIron Confidential
The first company in the world to
receive Common Criteria
certification for Mobile Device
Management Protection Profile V2.”
MobileIron Confidential
OneTouch
MobileIron Confidential
appconfig.org
Best practices and tools for using native app frameworks
Feb launch of AppConfig Community EMM-neutral and app-neutral educational community
MobileIron Confidential
MobileIron Confidential
Android has 78% market share in WW smart phone market and enterprise adoption is
accelerating
Android adoption is accelerating
*Q42015 VPON Report
MobileIron Confidential
Your enemy is anything that limits your ability to take advantage of innovation
MobileIron Confidential
34 EMM patents granted
28 for security
Management of certificates for mobile devices Proxy-based access, transmission, and installation of mobile certificates
US8494485, US9300476
App security Management of mobile applications Distribution of mobile applications through an enterprise app store
Analytics Mobile activity intelligence Collecting and analyzing mobile usage data US8340633, US9042862
BYOD Selective management of mobile device data Privacy policy and management of business data on personal devices US8695058
US8359016, US8731529, US8862105
Data security Auto-insertion of information classification Classification of enterprise information with minimal user interaction
US8813242
Mobile posture-based policy, remediation and access control Security state of mobile device to determine level of access to enterprise resources
Secure virtual file management system Encryption, key management, and policy for distributed content systems
US8869307
US8863297, US8863298, US8863299 US9213858
Remote verification for configuration updates Method for confirmation of appropriate configurations on device
Messaging gateway Message-based communication across applications US8918529
Self-removal of enterprise app data Ability of an app to remove its own data based on policy
US8949201, US9235584
Architecture Virtual instance architecture for mobile device management systems Underlying systems architecture
US8060074, US8396465, US8626147, US8811970
Secure mobile app connection bus Secure app-to-app communication on device
US9059974
Distributed management with embedded agents in enterprise apps Management of applications independent of operating system
US9043460
User interface for secure virtual document management system Policies for managed content
US9122887
Secure access to mobile applications Policy-based authentication and access to apps in an enterprise zone
US9210157, US9210170
Secure copy and paste of mobile app data Ability to secure transfer of data across apps
US9235717
Rule based mobile device management delegation Rules dynamically assign device to management partition with associated policies
US9271142
Adaptive encryption optimization Optimization for secure tunneling of applications
US9306913
Partitioned application environment Partition-based separation of app data and requests
US9348678
US8898748, US9203698
Preventing content data leak on mobile devices Data protection to prevent untrusted apps from accessing trusted data
US9349018
MobileIron Confidential
Growth trends
Apps
Desktop
Cloud
Internet of Things
MobileIron Confidential
Broad ecosystem partners deliver choice
TeamViewer
Workday
Syncplicity
Xamarin
GoFormz Element55
AirWatch Box Cisco Jabber Bigtincan
Deputy Docusign Dropbox
Kinvey
Telogis Webalo
HipaaChat
BlueJeans Boxer
Wandera
ScrollMotion Showpad ServiceMax
Salesforce SDK Roambi
StarMobile Socialcast
TeamWire
Cotap
Keeper Security Kony Microstrategy
OnBase
MightyMeeting
Nachocove Replicon Movius
Fotonotes
X1 Telemessage
Acacus
SkyGiraffe
Concur
IBM MaaS360
Cellcrypt Cortext
Fliplet Ink Screen JAMF
Lua M-Files MobileDay MobileReach Mobisystems
Oracle PatientSafe ProntoForm Qlik qliqsoft
Salesforce1 SeeCrypt SuccessFactors
Telerik Vaporstream Vigilant Apps
MobileIron 60+ ISVs
MobileIron Confidential
Rethink IT operations model: • More secure • More agile • More cost-effective
“EMM is critical to the success of our enterprise customers.” Microsoft keynote (2015 MobileIron user conference)
MobileIron Confidential
By 2018, 40% of organizations
will manage a portion of their
PCs/Macs with an EMM system,
up from fewer than 5% today.”
MobileIron Confidential
Standard Authentication
App-to-Cloud Security in Action
CASB
Identity/IDP (SAML) User ID?
Secure Device?
Secure App?
Salesforce Office365 Workday
SAP Oracle Concur
Google Drive box Dropbox
Biz Apps (secured)
Conditional Access Approved
Conditional Access Denied
Sloppy Apps (not secured)
Personal Apps & Cloud Services
No special App or Identity coding
Customized Block Alert
Your access to this Cloud Application is blocked for security reasons. In order to securely access this Cloud Application, please use a properly secured mobile device and download
apps from [Company Name] enterprise app store.
Go to the [Help Center Link] for more information or contact the helpdesk at
[Help Center Email]
Optional: Steer mobile app traffic to CASB for further
inspection
MobileIron Confidential
Mobile technology adoption Attendees from Mobile First Conference May 2016
Attendee profile
70% have a BYOD program
81% use identity certificates
79% have an enterprise app store
72% have deployed Android
40% use API for integration
83% will EOL BlackBerry in less than 1 year
22% do all five
MobileIron Confidential
MobileIron EMM Solution
Apps@Work Enterprise app store
Docs@Work Secure content
Web@Work Secure browsing
Help@Work Troubleshooting
Tunnel Per app VPN
Enablement
Email+ Secure email
Cloud Security Enforcement Policy and Identity
Conditional Access Integration
Note: Some features will vary by device and deployment model
MobileIron Confidential
Secure Mobile Apps
Developed various in-
house mobile apps using
MobileIron AppConnect
SDK
Improved User Experience
Using iPad to
Provide the latest
promotion to customers;
Provide the most up-to-date fund performance;
Apply credit card for
customers
Mobilized Work Force
Secure way to access intranet
Secure email
Use Cases – Hong Kong Financial Customer
MobileIron Confidential
Challenge Need to increase ASPs Training cost of 33,000 employees across 120 countries Need to create a differentiated and improved customer experience
Solution Manage 11,000+ iPad Deploy and Manage POS apps Paperless product catalogues and training materials
Benefit
10+ NPS - customer communication and collaboration improved Lower training cost 7% increase in retail sales ASP
MobileIron Confidential
Queensland Police
Challenge Police officers accessing person and vehicle checks over radio was time consuming
Solution
Provide 24/7/365 access to protected data instantly to 9,000 Devices Audit privileged access to data Provide email & Intranet access
Benefit Improved policing Increased productivity, saved almost 700K person hours a year Intuitive & native end user experience Work instruction manuals provided on device Access to other information like CCTV cameras can be added to the platform