Securing the Enterprise Mobile Perimeter
-
Upload
brian-gleeson -
Category
Technology
-
view
901 -
download
1
description
Transcript of Securing the Enterprise Mobile Perimeter
![Page 1: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/1.jpg)
Securing the Enterprise Mobile Perimeter Protecting workers’ mobile devices from sophisticated attacks
![Page 2: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/2.jpg)
2
• Mobile security risk management as a service
• Android, iOS, Windows & Mac
• Spun-off from IronKey in 2012
• 70+ enterprise customers
About Marble
“Most Important Security Startups Of 2013”
![Page 3: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/3.jpg)
3
BYOD Presents Real Security Challenges
*Dell/Vanson Bourne global survey of 1,485 IT leaders **Gartner, CIO Attitudes Toward Consummerization of Mobile Devices and Applications,” Gartner, May 2011
OF IT SAY BYOD POSES ‘MASSIVE’ RISK* 66% SAY THEIR MOBILE SECURITY WON’T PASS AN AUDIT** 63%
![Page 4: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/4.jpg)
4
The Mobile Perimeter Is Under Attack
• Data loss
• Malware, trojans, zero-day attacks
• Compromised Wi-Fi hotspots
• Poisoned DNS
• Malicious, privacy-leaking apps
• Spear phishing
• Advanced persistent threats
![Page 5: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/5.jpg)
5
Mobile Malware, Trojans, Zero-Day Attacks
INCREASE IN MOBILE MALWARE 2011 TO 2012*
*McAfee Threats Report: Second Quarter 2012
700%
![Page 6: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/6.jpg)
6
Network Attacks
• Wi-Fi hotspots are easily hijacked at hotels, cafés, airports
• Criminals follow employees’ sessions into the enterprise
![Page 7: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/7.jpg)
7
Advanced Persistent Threats
• APTs typically involve compromises of users’ devices or credentials
• 45% of enterprises see increase in spear phishing attacks targeting employees
• Criminals know mobile is a vector
• Uncontrolled environment with new risks
![Page 8: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/8.jpg)
8
The Solution: Mobile Perimeter Defense
• Defends against ever-changing cyberthreats
• Detects and defends against APTs on mobile devices
• Dynamically assesses risk of users, devices, networks
• Controls access to cloud and enterprise services
• Easily-managed, simple to use
• Compatible with MDM
![Page 9: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/9.jpg)
9
Marble Security Platform
MOBILE SECURITY MANAGEMENT (MSM)
MOBILE APP MANAGEMENT (MAM)
MOBILE DEVICE MANAGEMENT (MDM)
Dynamic risk score & remediation Secure messaging App-scanning & reputation
Jailbreak jammer detection Secure DNS &anti-phishing Secure browser
Anti-Malware Secure per-app VPN Site black listing & white listing
Geo fencing & location policies
App catalog App push & removal App black list & white list
Jailbroken & rooted detection Corp email set-up & sync Wi-Fi, camera, Bluetooth control
Encryption Remote lock, wipe, selective wipe Password set, strength, attempts
![Page 10: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/10.jpg)
10
SSL/IPSEC VPN Tunnel
Marble Security Architecture
DNS Blacklist Providers
Public/Private Network
Marble Control Policy
App Security
Marble VPN
Secure Browser
HTTP/ HTTPS HTTP/
HTTPS
Marble VPN Node
DNS Black List
MARBLE ACCESS CLIENT • Scans for and removes malware, malicious apps • Profiles systems, detects rooted and jail broken devices • Connects securely via VPN to the Marble Network • Implements Marble Control Policy • Secure Browsing • Secure Messaging
MARBLE CONTROL • Dynamic risk analysis of user, device, apps and network • Correlates real-time, security feeds • Managed security deployment over the Internet • Sets and manages security policies with built-in MDM features • Rich reporting and analytics for users, devices, apps and data downloads
MARBLE NETWORK • Secured, encrypted connections • Thwarts attacks on Wi-Fi, cellular or wired networks • Secure DNS service with real-time blacklists • Protects against accessing phishing and malware sites • Protects the privacy of communications and credentials
Secure Messaging
![Page 11: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/11.jpg)
11
Secure Containerization Layer
Marble Access Client Architecture
Authentication and device
fingerprinting
Data Encryption and Certificate Management
Key Management and Remote Wipe
Policy Enforcement and Device
Management
App Scanning
Device Risk Assessment
Network Access Control
![Page 12: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/12.jpg)
12
MPD: Risk and Policy Architecture
Remediation Risk Scoring Detection Engines
Risk Control Assessment
Risk Correlation Engine
Device Risk Posture
OS, Firmware
Secure Storage
User Data
Malware
VPN
Network Risks
Geo-Location
Network Segment
Blacklists
Wi-Fi, Blue Tooth, NFC
Compromised DNS
Behavioral Risks
Login/Idleness
URL Access Behavior
Mobile App Usage/Install
App Risks
Malware
Application Vulnerabilities
Privacy Leaks
Blacklisted Apps
Enterprise SIEM Cloud Infrastructure Activity & Logs
![Page 13: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/13.jpg)
13
Marble Control: Risk by Location
![Page 14: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/14.jpg)
14
Marble Control: Risk Management
![Page 15: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/15.jpg)
15
Mobile Perimeter Defense Components
Marble Access Client App • Download from Apple App Store or Google Play • Or, push through your MDM • Free lightweight Mobile Device Management, or use your own
Marble Network • Risk-based access control • Easy integration with public and private clouds
Marble Control • Cloud service for managing mobile security • No on-premise installation required
![Page 16: Securing the Enterprise Mobile Perimeter](https://reader033.fdocuments.in/reader033/viewer/2022051514/54b7776f4a795921738b4662/html5/thumbnails/16.jpg)