Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own...
-
Upload
rhett-biglin -
Category
Documents
-
view
215 -
download
3
Transcript of Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own...
![Page 1: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/1.jpg)
Understanding the benefits and the risks.
Presented by Corey Nachreiner, CISSP
BYOD - Bring Your Own Device or Bring Your Own Danger?
![Page 2: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/2.jpg)
The way we wereHardware, software, and not much more.
2
![Page 3: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/3.jpg)
Change began in 2007
Business risk increased significantly
Social Media encouraged sharing of confidential information
The way we areMobile technology and social media have changed everything.
3
![Page 4: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/4.jpg)
4
The love affair employees have with mobile devices assures that they are here to stay.
Blurring of the linesWork anytime, anywhere.
![Page 5: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/5.jpg)
40% of devices are consumer owned
80% of professionals will use 2 or more devices
Corporate systems and data are more accessible than ever
Do the benefits of BYOD outweigh the risks?More security challenges and less control.
5
2008
2009
2010
2013
2007200
6
2011
2012
2005200
4
![Page 6: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/6.jpg)
The benefits of adopting a BYOD strategyDo the pluses outweigh the minuses?
Mobile devices are less expensive than old-school IT assets
Less provisioning and managing means less cost
Increased productivity
6
![Page 7: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/7.jpg)
BYOD Challenges!
![Page 8: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/8.jpg)
You can’t protect what you don’t knowUnderstanding and managing risks associated with BYOD.
!8
![Page 9: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/9.jpg)
9
!
Risking data lossThe consequences can be extreme.
One office data breach can incur
– legal fees– disclosure expenses– consulting fees– remediation expenses
One retail data breach can incur
– credit monitoring expenses– legal settlements– information control audits
![Page 10: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/10.jpg)
Risky viruses & malwareMobile devices offer little protection.
10
!
![Page 11: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/11.jpg)
Uninvited guests
Enter workplace via consumer devices
Access to other devices and data
Potential for company-wide infections
The risk from hackers and intrusions.
11
!
![Page 12: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/12.jpg)
12
!
The arrival of browser zombiesTrouble at every turn.
Man-in-the-Browser (MitB) attacks will escalate
Traditional malware runs every time a computing device is turned on
Browser malware only takes control of the web browser
![Page 13: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/13.jpg)
13
!
Policy enforcementIT is challenged by a BYOD workplace.
Creating device-specific policies is difficult
We’ve given up some direct control
Solutions for these mobile platforms are immature
![Page 14: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/14.jpg)
Challenges to productivityAdopting & enforcing a BYOD strategy.Younger employees collaborate in new ways
Employees want freedom to use mobile devices at work
Secure access solutions are necessary for empowering employees to work anywhere
14
!
![Page 15: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/15.jpg)
BYOD Missteps
15
![Page 16: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/16.jpg)
Failure to know what employees are doing on the network prevents successful planning
1. Not knowing what devices and applications are being used.
BYOD missteps
16
![Page 17: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/17.jpg)
Employees accessing social networks and social applications are not always wasting time
2. Not knowing how your social media strategy works with your BYOD policies.
BYOD missteps
17
![Page 18: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/18.jpg)
passwor
User-generated passwords are often weak and can compromise IT systems
3. Weak password management.
BYOD missteps
18
![Page 19: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/19.jpg)
BYOD Strategies
![Page 20: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/20.jpg)
Determine which devices are allowed to access the network
Determine which devices you will support
Focusing on policy is the first step.
Policy = Simplicity
20
![Page 21: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/21.jpg)
Separate work from fun Make sure employees understand the rules and the risks.
Work life and personal life should be kept separate
To get network access, employees must agree to acceptable use policies
IT should monitor activity
21
![Page 22: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/22.jpg)
Protect corporate dataFor high-level protection, limit access to devices that support VPN connectivity and require a secure connection
Limit access using VPN.
23
![Page 23: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/23.jpg)
Application control strategies make BYOD policies more secure
Decide which applications are acceptable, and which are not
Segment networks for additional protection
Applications should not be ignored.
Controls that go beyond mobile devices
24
![Page 24: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/24.jpg)
Consider additional risksAre you subject to controls such as HIPAA or PCI DSS?
If a device is lost, can you wipe the data?
Do employees know what rights they give up when using a mobile device?
Best practices and policy enforcement are essential
25
![Page 25: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/25.jpg)
BYOD & WatchGuard
![Page 26: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/26.jpg)
Manage BYODwith WatchGuard
WatchGuard makes managing BYOD easy by designing all products with easy-to-use policy tools. Administrators can enforce policies for small businesses or large enterprises
Easy-to-use security services for IT administrators.
27
![Page 27: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/27.jpg)
Control the network and the applications
Easily and quickly set up network segments
Maintain compliance and high-security
Monitor over 1,800 types of applications
WatchGuard products give you control over how devices are used.
28
![Page 28: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/28.jpg)
Protect all connected devices from mobile malware.
WatchGuard utilizes a “best-in-class” approach, ensuring network connected devices are shielded with an antivirus umbrella.
The network perimeter is the first line of defense.
29
d
![Page 29: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/29.jpg)
Safe surfing solution
Resides at the gateway
Device agnostic
Easy for IT to set up
WatchGuard’s WebBlocker protects users in hostile environments.
30
![Page 30: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/30.jpg)
Protect corporate dataFor high-level protection, limit access to devices that support VPN connectivity and require a secure connection
Limit access using VPN.
31
![Page 31: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/31.jpg)
What’s connected? What’s being used?
Logging and reporting are one of the most valuable resources that IT can leverage for a BYOD strategy. This insight helps protect resources and address areas of concern
WatchGuard illuminates trouble spots and potential
32
![Page 32: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/32.jpg)
Summary
!
![Page 33: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/33.jpg)
!
34
A major trend that is changing IT.
BYOD is here to stay
Will grow in size and scope
Presents new challenges and opportunities
A BYOD strategy is critical for data security
![Page 34: Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?](https://reader038.fdocuments.in/reader038/viewer/2022110303/5516b04f550346f6208b520f/html5/thumbnails/34.jpg)
Thank You
35