Deploying Mobility Securely. The Risks It’s just my calendar! Theft and loss Personal device ownership Malicious software Cracking and hacking.

Presentation transcript:

Deploying Mobility Securely

The Risks
It’s just my calendar!
Theft and loss
Personal device ownership
Malicious software
Cracking and hacking

Attack surfaces
1. Secure the device
2. Secure the data
3. Secure the communications

Security Practices
Perform Risk Assessment
Establish Policy for:
1. Authentication
2. Encrypted Connectivity
3. Encrypted Data
4. Anti-Virus
5. Execution Control
Automate enforcement
Recovery

1. Authentication
Device Password
Network/Internet Access
Certificates

Device Password – Microsoft
4-digit PIN (Pocket PC)
Strong password (Pocket PC & Smartphone)
>4 digit PIN (Smartphone)
Exponential delay with incorrect password
Password protected ActiveSync partnership

Device Password – OEM
Fingerprint reader
HP iPAQ 5400 Series

Device Password – 3rd Party
Picture sequence
  – Tells a story
  – Easy to remember
Picture order changes
  – Avoid pattern recognition
  – Balances screen scratches
Short and long sequence
  – Quick access short PIN
  – Incorrect PIN reverts to long PIN
Pointsec Software

Device Password – 3rd Party
Password Replacement
Secures PDA access
  – Uses secret sign biometric
  – Sandia Laboratories Tested
Scenarios
  – Information warfare
  – Homeland defense
  – HIPAA compliance
  – Enterprise security
Crypto-Sign™

Network/Internet Access
NTLM Authentication
Challenge Handshake Authentication Protocol (CHAP and MS-CHAP versions 1 and 2)
Password Authentication Protocol (PAP)

Certificates
Support for X.509 certificates
Can authenticate users, operators, and servers
Securely stored, managed and deleted on the device

2. Encrypted Connectivity
VPN protocol support
  – PPTP and IPSec/L2TP
Encryption for secure web sites
  – 128 bit SSL
  – WTLS class 2
Encryption for LAN connectivity
  – VPN
  – 802.1x – EAP-TLS and PEAP

3. Data Protection
Limit the data to just what is needed…
Data resident on storage cards
Cryptographic services for applications are built-in (Crypto API v2)
SQL-CE provides 128-bit encryption (PPC only)
Data that’s never on the device can never be lost.
  – Web-based applications
  – Terminal Services

4. Anti-Virus Software
Built-in APIs for Anti-virus solutions
  – Computer Associates
  – F-Secure
  – McAfee
  – SOFTWIN
Personal Firewall
  – Bluefire Security Technologies
  – Check Point VPN-1 SecureClient

5. Execution Control
Smartphone now, Pocket PC in future release.
Based on application signing and protects in two ways:
  – Installation
  – Execution
Modes of operation
  – All apps allowed
  – Prompt user when unsigned app is trying to install or execute
  – Only signed applications (chaining to a trusted root certificate) are allowed
Can revoke applications
  – By author (revoke a signing cert)
  – By executable (revoke a hash)
Windows Mobile: Mobile-2-Market program
  – Run registered applications as unprivileged
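The install/execute decision outlined on this slide, modelled as an added example (not code from the presentation and not Microsoft's implementation). The precedence of revocation over mode, the use of SHA-256, and all names and sample data are assumptions; certificate names stand in for real signature verification.

```python
import hashlib
from dataclasses import dataclass, field
from enum import Enum

class Mode(Enum):                 # the three modes of operation on the slide
    ALLOW_ALL = 1
    PROMPT = 2
    SIGNED_ONLY = 3

@dataclass
class Policy:
    mode: Mode
    trusted_roots: set                                  # root certificate names
    revoked_signers: set = field(default_factory=set)   # revoke by author
    revoked_hashes: set = field(default_factory=set)    # revoke by executable

@dataclass
class App:
    image: bytes          # executable contents
    chain: tuple = ()     # certificate names, signer first, root last; () = unsigned

def image_hash(app):
    # SHA-256 is an assumption; the slide does not name the hash algorithm.
    return hashlib.sha256(app.image).hexdigest()

def decide(app, policy):
    """Return 'allow', 'prompt' or 'deny'. Called at install and again at execution."""
    # Assumption: revocation is checked first and wins in every mode.
    if image_hash(app) in policy.revoked_hashes:
        return "deny"
    if any(cert in policy.revoked_signers for cert in app.chain):
        return "deny"
    # Assumption: a chain ending in an untrusted root is treated like no signature.
    # Real chain validation verifies each signature; names stand in for that here.
    trusted = bool(app.chain) and app.chain[-1] in policy.trusted_roots
    if trusted or policy.mode is Mode.ALLOW_ALL:
        return "allow"
    return "prompt" if policy.mode is Mode.PROMPT else "deny"

# Constructed sample data
ROOT = "Constructed Mobile Root CA"
signed = App(b"signed-app-image", ("Constructed Vendor A", ROOT))
unsigned = App(b"unsigned-app-image")

if __name__ == "__main__":
    locked = Policy(Mode.SIGNED_ONLY, {ROOT})
    print(decide(signed, locked), decide(unsigned, locked))
    locked.revoked_signers.add("Constructed Vendor A")
    print(decide(signed, locked))
```

Revoking by signer blocks every application from that author at once, while revoking by hash blocks one specific build and leaves the author's other applications usable.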

Automated Enforcement
Odyssey Software
  – Policy management facility that limits which applications a user can access at specific time periods of the day
Trust Digital LLC
  – PDASecure Policy Editor provides centralized management to push security policies to all your PDA users
Symbol Technologies, Inc.
  – Policy management facility that limits which applications a user can access

Recovery
Replacement devices
Backup file
Data on PC
Data on network server
Restore process on secure web server

Summary of Windows Mobile Security Features
Perimeter protection
  – Device lock: PIN, Strong, exponential delay
  – Authentication protocols: PAP, CHAP, MS-CHAP, NTLM, TLS
Data protection
  – 128-bit Cryptographic services: CAPIv2
  – Code signing (Smartphone only)
  – Anti-virus API
Network protection
  – OTA device management security
  – Secure Browsing: HTTP (SSL), WAP (WTLS)
  – Virtual Private Networking (PPTP, L2TP IPSec)
  – Wireless network protection (WEP, 802.1x, WPA)

3rd Party Solution Providers
Signature authentication
  – Certicom Corporation
  – Communication Intelligence Corporation
  – TSI/Crypto-Sign
  – VASCO
Enhanced password protection
  – Hewlett-Packard
Pictograph authentication
  – Pointsec Mobile Technologies
Fingerprint authentication
  – Biocentric Solutions Inc.
  – HP iPAQ 5400
Card-based authentication
  – RSA Security
  – Schlumberger Sema
Certificate Authentication on a Storage Card
  – JGUI
Software Storage Encryption
  – F-Secure
  – Pointsec Mobile Technologies
  – Trust Digital LLC
Encrypt Application Data
  – Certicom Corporation
  – Glück & Kanja Group
  – Ntrū Cryptosystems, Inc.
Virtual Private Networking
  – Certicom Corporation
  – Check Point Software Technologies Ltd.
  – Columbitech
  – Entrust, Inc.
  – Epiphan Consulting Inc.
Disable Applications
  – Trust Digital LLC
Device Wipe
  – Asynchrony.com
Public Key Infrastructure (PKI)
  – Certicom Corporation
  – Diversinet Corp.
  – Dreamsecurity Co., Ltd.
  – Glück & Kanja Group
Thin Client Technology
  – Citrix
  – FinTech Solutions Ltd.
  – Microsoft

References
Windows Mobile Security White paper – http:// urces/whitepapers/security.mspx
Security Product Solutions – http:// mation/businesssolutions/security/secsearch.aspx
