Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?

Published byRhett Biglin Modified over 10 years ago

Similar presentations

Presentation on theme: "Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?"— Presentation transcript:

1 Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?

2 The way we were Hardware, software, and not much more. 2

3 Change began in 2007 Business risk increased significantly Social Media encouraged sharing of confidential information The way we are Mobile technology and social media have changed everything. 3

4 4 The love affair employees have with mobile devices assures that they are here to stay. Blurring of the lines Work anytime, anywhere.

5 40% of devices are consumer owned 80% of professionals will use 2 or more devices Corporate systems and data are more accessible than ever Do the benefits of BYOD outweigh the risks? More security challenges and less control. 5 2008 2009 2010 2013 2007 2006 2011 2012 2005 2004

6 The benefits of adopting a BYOD strategy Do the pluses outweigh the minuses? Mobile devices are less expensive than old-school IT assets Less provisioning and managing means less cost Increased productivity 6

7 BYOD Challenges !

8 You cant protect what you dont know Understanding and managing risks associated with BYOD. ! 8

9 9 ! Risking data loss The consequences can be extreme. One office data breach can incur – legal fees – disclosure expenses – consulting fees – remediation expenses One retail data breach can incur – credit monitoring expenses – legal settlements – information control audits

10 Risky viruses & malware Mobile devices offer little protection. 10 !

11 Uninvited guests Enter workplace via consumer devices Access to other devices and data Potential for company-wide infections The risk from hackers and intrusions. 11 !

12 12 ! The arrival of browser zombies Trouble at every turn. Man-in-the-Browser (MitB) attacks will escalate Traditional malware runs every time a computing device is turned on Browser malware only takes control of the web browser

13 13 ! Policy enforcement IT is challenged by a BYOD workplace. Creating device-specific policies is difficult Weve given up some direct control Solutions for these mobile platforms are immature

14 Challenges to productivity Adopting & enforcing a BYOD strategy. Younger employees collaborate in new ways Employees want freedom to use mobile devices at work Secure access solutions are necessary for empowering employees to work anywhere 14 !

15 BYOD Missteps 15

16 Failure to know what employees are doing on the network prevents successful planning 1. Not knowing what devices and applications are being used. BYOD missteps 16

17 Employees accessing social networks and social applications are not always wasting time 2. Not knowing how your social media strategy works with your BYOD policies. BYOD missteps 17

18 passwor User-generated passwords are often weak and can compromise IT systems 3. Weak password management. BYOD missteps 18

19 BYOD Strategies

20 Determine which devices are allowed to access the network Determine which devices you will support Focusing on policy is the first step. Policy = Simplicity 20

21 Separate work from fun Make sure employees understand the rules and the risks. Work life and personal life should be kept separate To get network access, employees must agree to acceptable use policies IT should monitor activity 21

22 Enforce minimal access controls Access only for approved devices, applications, and users One size doesnt fit all What is acceptable use? Clear security policies 22

23 Protect corporate data For high-level protection, limit access to devices that support VPN connectivity and require a secure connection Limit access using VPN. 23

24 Application control strategies make BYOD policies more secure Decide which applications are acceptable, and which are not Segment networks for additional protection Applications should not be ignored. Controls that go beyond mobile devices 24

25 Consider additional risks Are you subject to controls such as HIPAA or PCI DSS? If a device is lost, can you wipe the data? Do employees know what rights they give up when using a mobile device? Best practices and policy enforcement are essential 25

26 BYOD & WatchGuard

27 Manage BYOD with WatchGuard WatchGuard makes managing BYOD easy by designing all products with easy-to-use policy tools. Administrators can enforce policies for small businesses or large enterprises Easy-to-use security services for IT administrators. 27

28 Control the network and the applications Easily and quickly set up network segments Maintain compliance and high-security Monitor over 1,800 types of applications WatchGuard products give you control over how devices are used. 28

29 Protect all connected devices from mobile malware. WatchGuard utilizes a best-in-class approach, ensuring network connected devices are shielded with an antivirus umbrella. The network perimeter is the first line of defense. 29 d

30 Safe surfing solution Resides at the gateway Device agnostic Easy for IT to set up WatchGuards WebBlocker protects users in hostile environments. 30

31 Protect corporate data For high-level protection, limit access to devices that support VPN connectivity and require a secure connection Limit access using VPN. 31

32 Whats connected? Whats being used? Logging and reporting are one of the most valuable resources that IT can leverage for a BYOD strategy. This insight helps protect resources and address areas of concern WatchGuard illuminates trouble spots and potential 32

33 Summary

34 34 A major trend that is changing IT. BYOD is here to stay Will grow in size and scope Presents new challenges and opportunities A BYOD strategy is critical for data security

35 Thank You 35

Download ppt "Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?"

Similar presentations

© 2008 Pearson Addison Wesley. All rights reserved Chapter Seven Costs.

© 2008 Pearson Addison Wesley. All rights reserved Chapter Seven Costs.
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Chapter 1 The Study of Body Function Image PowerPoint

Chapter 1 The Study of Body Function Image PowerPoint
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.
Author: Julia Richards and R. Scott Hawley

Author: Julia Richards and R. Scott Hawley
1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.

Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
NCATS REDESIGN METHODOLOGY A Menu of Redesign Options Six Models for Course Redesign Five Principles of Successful Course Redesign Four Models for Assessing.

NCATS REDESIGN METHODOLOGY A Menu of Redesign Options Six Models for Course Redesign Five Principles of Successful Course Redesign Four Models for Assessing.
UNITED NATIONS Shipment Details Report – January 2006.

UNITED NATIONS Shipment Details Report – January 2006.
The Managing Authority –Keystone of the Control System

The Managing Authority –Keystone of the Control System
1 RA I Sub-Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Casablanca, Morocco, 20 – 22 December 2005 Status of observing programmes in RA I.

1 RA I Sub-Regional Training Seminar on CLIMAT&CLIMAT TEMP Reporting Casablanca, Morocco, 20 – 22 December 2005 Status of observing programmes in RA I.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
STUDENT MANAGEMENT 1 2013-14 School Bus Driver Inservice.

STUDENT MANAGEMENT School Bus Driver Inservice.
Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.

Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.
Create an Application Title 1A - Adult Chapter 3.

Create an Application Title 1A - Adult Chapter 3.
FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.

FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.
Year 6 mental test 10 second questions

Year 6 mental test 10 second questions
1 Click here to End Presentation Software: Installation and Updates Internet Download CD release NACIS Updates.

1 Click here to End Presentation Software: Installation and Updates Internet Download CD release NACIS Updates.
Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.

Similar presentations

Ads by Google