Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mobile security in the enterprise Windows Phone 8 answers the call

Published byΦίλων Βασιλικός Modified over 6 years ago

Similar presentations

Presentation on theme: "Mobile security in the enterprise Windows Phone 8 answers the call"— Presentation transcript:

1

2 Mobile security in the enterprise Windows Phone 8 answers the call
TechEd 2013 1/15/2019 5:36 PM WPH-B203 Mobile security in the enterprise Windows Phone 8 answers the call Alan Meeus Windows Phone Division © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Windows the right choice for business
Great, consistent experience across devices Built-in communication and collaboration Robust platform for mobile apps Unified app and device management Common core and security architecture

4 Mobile security in the enterprise
TechEd 2013 1/15/2019 5:36 PM Mobile security in the enterprise Your company is probably allowing employees to use various devices to connect to the corporate network right now. How secure do you feel about your employee’s mobile devices? What kind of threat does this pose? How do you get this mobility trend under control before it becomes a risk, if it hasn’t already? Are you currently doing enough to protect your network, data and applications? Technical level 200 © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Security Goals Support a rich end user experiences
Balance with end user safety Developer trust Business policy & regulatory compliance

6 Secure Boot Secure Boot helps ensure the integrity of the entire Operating System Secure Boot implementation is provided in SoC Two phases: Platform secure boot helps ensures integrity of pre-UEFI boot loaders UEFI secure boot helps ensure integrity of UEFI applications and Windows OS Secure Boot helps prevent malware from being installed on the phone

7 Secure boot process Windows Phone 8 OS boot Firmware boot loaders
Power On Secure UEFI Windows Phone 8 OS boot Firmware boot loaders OEM UEFI applications Windows Phone boot manager Windows Phone 8 update OS boot Boot to flashing mode SoC Vendor OEM MSFT

8 Trusted boot loaders and Secure UEFI Boot
During manufacturing Provisioning of the hash of the public key used to sign the initial boot loaders Blow appropriate fuses Provisioning of the UFEI key databases No secure boot bypass for users Secure Flashing required

9 Code Signing All Windows Phone 8 binaries must have digital signatures signed by Microsoft to run Different from WP7 where only Microsoft and marketplace apps had digital signatures OEM binaries will be signed by Microsoft

10 Chamber security model
TechEd 2011 1/15/2019 Chamber security model Policy system Central repository of rules 3-tuple {Principal, Right, Resource} Chamber Model Chamber boundary is security boundary Chambers defined using policy rules One chamber type defined by capabilities Built on the Windows accounts Capabilities Expressed in application manifest Disclosed on Windows Phone Store Defines app’s security boundary on phone Trusted Computing Base (TCB) Least Privilege Chamber (LPC) Dynamic Permissions (LPC) © 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Capabilities Windows Phone Capabilities examples: Capability classes
Video and Still capture; Microphone; Location Services; Sensors; Push Notification; Place Phone Calls; Owner Identity; Phone Identity; Networking; Contacts; Capability classes Microsoft OEM / MO ISV - Enterprise

12 App certification All apps are certified before upload to the Windows Phone Store App Packages are encrypted until fully downloaded to the phone Windows Phone Store apps can be revoked All Apps are sandboxed (chamber model) Jailbreaks are virtually impossible Secure boot Code signing requirements

13 Device Encryption Windows BitLocker disk encryption technology for device encryption Secure boot is required Encryption is available on all phones Tuned on by IT Pro All internal storage is encrypted No pre-OS user experience for PIN entry No key escrow

14 Information Rights Management
Helps prevent intellectual property from being leaked Protects s and documents on the phone from unauthorized distribution Deploy with Exchange Server and SharePoint

15 Windows Phone Summit_2012 1/15/2019 Internet Explorer 10 SmartScreen anti-phishing filter uses data from millions of Windows PCs to block malicious websites in real-time Locked Down: No Flash or AxtiveX © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Control access to device and applications
Exchange ActiveSync with Exchange Server and Office 365 for and device management Widely used for mobile and access policy management App and device management with native Mobile Device Management For app distribution and access policy management Windows Phone 8 for business comprehensive PowerPoint presentation © 2012 Microsoft Corporation.

17 Native mobile device management
Windows Phone 8 for Business (version 1.0) Native mobile device management Built in, unintimidating and simple user experience Enterprise enrollment and management client built-in One-step user experience to enroll (or un-enroll), apply policies , and discover enterprise apps Windows Phone 8 for business comprehensive PowerPoint presentation © 2012 Microsoft Corporation.

18 Mobile Device Management Choices
1/15/2019 Mobile Device Management Choices Windows Intune Mobile Iron Airwatch Citrix XenMobile Symantec SAP Afaria and others © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 Windows Phone policy and reporting
Windows Phone 8 for Business (version 1.0) Windows Phone policy and reporting 1/15/2019 Enterprise policies and reporting EAS (NA) Simple password Alphanumeric password Minimum password length Minimum password complex characters Password expiration Password history Device wipe threshold Inactivity timeout IRM enabled Remote device wipe Device encryption (new) Disable removable storage card (new) Remote update of business apps (new) Remote or local un-enroll (new) Server configured policy values Query installed enterprise app Device name Device ID OS platform type Firmware version OS version Device local time Processor type Device model Device manufacturer Device processor architecture Device language Windows Phone 8 for business comprehensive PowerPoint presentation © 2012 Microsoft Corporation.

20 Remediate Remote and local wipe Windows update Application revocation
Admin initiated or end user initiated EAS or MDM based Windows update OTA only User can initiate Application revocation Store and enterprise apps

21 Security takeaways Secure boot turned on
Security model with sandboxing and least privilege All binaries are signed Device encryption on Device access control with MDM

22 Shared core and security
Windows Phone Summit_2012 1/15/2019 Great, consistent experience across devices Collaborate and communicate Ready for business Native device management Shared core and security App lifecycle management © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 Windows Phone Breakout Sessions
1/15/2019 5:36 PM Windows Phone Breakout Sessions Tuesday, June 25: 1:30pm - The phone that has everything the enterprise needs: Windows Phone 8 3:15pm – The top down guide for developers: Windows Phone 8 5:00pm – The power of collaboration: Integrating Windows Phone with Office 365, Exchange and SharePoint Online Wednesday, June 26: 8:30am – All aboard for the future of HTML5 mobile & hybrid web apps for Windows Phone 8 and Windows Tablets 10:15am – The Windows Phone 8 networking survival kit 12:00pm – Build it once for both: Writing code and designing for Windows 8 and Windows Phone 8 3:15pm – Mobile Security in the Enterprise: Windows Phone 8 Answers the Call 5:00pm – Using C and C++ in your Windows Phone 8 Applications © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Windows Phone Breakout Sessions
1/15/2019 5:36 PM Windows Phone Breakout Sessions Thursday, June 27: 10:15am – Developing large-scale enterprise mobile apps for Windows Phone 8 12:00pm – Speechifying your Windows Phone 8 applications 3:15pm – Secrets of using background agents for Windows Phone 8 5:00pm – Manage Windows Phone enterprise apps Friday, June 28: 8:30am – Support your demanding LOB apps with SQLite and Windows Phone 8 10:15am – Creating Windows Phone 8 apps for SharePoint 4:30pm – Windows Phone: How to make money with your applications and games © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 Windows Phone Hands On Labs
1/15/2019 5:36 PM Windows Phone Hands On Labs Porting Windows 8 to Windows Phone 8 Windows Phone 8: File and Protocol Association Windows Phone 8: Lock Screen Wallpaper Windows Phone 8: Voice Command Windows Phone 8: Tiles Windows Phone 8: Purchase Windows Phone 8: Wallet Windows Phone 8: Running Tracker © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 1/15/2019 5:36 PM Windows Phone Booth Device Bar featuring the latest Windows Phones in the marketplace Expert Area – Stop by the booth to get all your Windows Phone questions answered by Windows Phone experts Theater Presentations: The Windows connected experience Build Mobile Apps Using Familiar Development Tools Why Windows Phone in the Enterprise? © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

27 Windows Phone Promotions
1/15/2019 5:36 PM Windows Phone Promotions Attend a Windows Phone theater session to be entered into a drawing for Windows Phones. Windows Phone Breakout Sessions – Attend Windows Phone breakout sessions and be entered into a drawing to win a Windows Phone. © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28 Track Resources For more information about Windows Phone:
1/15/2019 5:36 PM Track Resources For more information about Windows Phone: © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

29 Questions?

30 Evaluate this session Scan this QR code to evaluate this session.
1/15/2019 5:36 PM Required Slide *delete this box when your slide is finalized Your MS Tag will be inserted here during the final scrub. Evaluate this session Scan this QR code to evaluate this session. © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 1/15/2019 5:36 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Mobile security in the enterprise Windows Phone 8 answers the call"

Similar presentations

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.
Windows Phone 8 device and app management Alan Meeus Sr. Technical Product Manager Windows Phone Division Microsoft Corporation WPH205.

Windows Phone 8 device and app management Alan Meeus Sr. Technical Product Manager Windows Phone Division Microsoft Corporation WPH205.
Nick Randolph: Built To Roam Dave Glover: Microsoft.

Nick Randolph: Built To Roam Dave Glover: Microsoft.
20 21 Remote Wipe.

20 21 Remote Wipe.
WPH301. announcement Overview Roadmap for Business Risk Management (security model, application security, security management) Deploying Windows Phone.

WPH301. announcement Overview Roadmap for Business Risk Management (security model, application security, security management) Deploying Windows Phone.
www.windowsphone.com/business Secure Boot.

Secure Boot.
20 21 Remote Wipe.

20 21 Remote Wipe.
Microsoft Virtual Academy

Microsoft Virtual Academy
Make your app a native part of Office with Add-ins

Make your app a native part of Office with Add-ins
Secure Hyperconnectivity with TeamViewer and Windows technologies

Secure Hyperconnectivity with TeamViewer and Windows technologies
Exam Prep : Section 2: Design for Device Access and Protection

Exam Prep : Section 2: Design for Device Access and Protection
Windows 10 and the cloud: Why the future needs hybrid solutions

Windows 10 and the cloud: Why the future needs hybrid solutions
Modernizing your Remote Access

Modernizing your Remote Access
WebView: Bringing the web to your app

WebView: Bringing the web to your app
Microsoft Virtual Academy

Microsoft Virtual Academy
Optimizing Microsoft OneDrive for the enterprise

Optimizing Microsoft OneDrive for the enterprise
Build 2012 7/4/2018 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.

Build /4/2018 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
The power of common identity across any cloud

The power of common identity across any cloud
Microsoft Ignite 2016 7/18/2018 8:30 PM BRK2065

Microsoft Ignite /18/2018 8:30 PM BRK2065
A Fast Track into Device Guard

A Fast Track into Device Guard

Similar presentations

Ads by Google