Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

Untitled Prezi

No description

Alexandra Rutkovitz

on 21 February 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Untitled Prezi

Network Access The Fortinet Approach Mobile Device Management (MDM) Solving the BYOD Challenge It's All About the Traffic Securing Your Network
in a BYOD Environment Choice Technologies
Expert Panel Agenda What is BYOD? BYOD Facts Defining BYOD
Challenges & Risks of BYOD
Benefits of BYOD
The Right Approach
Two-Factor Authentication
Mobile Device Management
Solving the BYOD Challenge Ken Goldstein:
Martin Hengst:
Ben Schmerler:
Andrew Kimmelman:
Steve Rutkovitz: Bring Your Own Device: Policy of permitting employees to bring personally owned mobile devices (laptops, tablets, & smart phones) to their place of work & use those devices to access privileged company information & applications. 37% employees already use personal devices
By 2016, 80% of employees will be permitted to BYOD
Mobile vulnerabilities doubled from 2010 to 2011
35% of adults have lost their mobile phones or had them stolen Potential Risks of BYOD The Challenges of BYOD Mitigating Risks and Challenges The Benefits Overcome the Risks Loss of Control
Data Loss or Compromise
Lack of device security policy
Intentionally altered security Policy creation & enforcement
Solution complexity
Resource intensive
Who manages the device?
Segregating data: corporate from personal By Managing:
Freedom to use personal devices anytime, anywhere
Keeps employees happy & productive Easy management
Protection control
Reduces costs Most organizations require a spectrum of solutions
No one-size-fits-all solution Requires the use of two authentication factors
Password or passphrase
One Time Password (OTP) Two-Factor Authentication Based off of a time-based algorithm or mathematical equation
Known only by your firewall & your token
Valid for about 60 seconds Protecting all BYOD Attack Vectors End user executes malware, is infected & now all their data is compromised
Malicious activity is detected & blocked Phishing site sends Bot infection to user disguised as ‘Security Update’
Content scanning prevents download User accesses phishing site, enters credentials
Access to phishing website is blocked Email Sent – Contains Sensitive Data
Mail message detected as Data Loss (DLP) Used to allow encrypted:
Direct file access
Connection to remote desktop
An encrypted tunnel between a PC & company’s network
Securely access company resources remotely Virtual Private Networks (VPN) The Fortinet Answer Android iOS Ensured identity via FortiToken Two-Factor Authentication
(soft token & hard token options) What is a FortiToken? Protected connections via SSL VPN encryption FortiClient FortiToken Hardware Clients THE FORTINET SOLUTION
Simple & cost-effective TRADITIONAL SOLUTIONS
Cumbersome & costly The Right Approach Small & portable FortiToken 200 FortiToken 300 Mobile Device Management:
Secures, monitors, & manages mobile devices
Deploys and enforces acceptable-use policies
Provides centralized control to:
other Mobile Devices
Reduces cost and business risks What is MDM? MDM consists of: What is included with an MDM solution? Detects & restricts jailbroken or rooted devices
Remotely locates, locks & wipes lost / stolen devices
Creates real-time compliance rules with automated actions
Securely shares & updates documents & content
Provides detailed hardware & software inventory reports
Tracks Mobile Expense Management MDM Platform Automated device approval process
Simplifies employee steps
Separates Corporate data from personal data
Perform automated actions
Distribute applications & documents
Selectively wipe corporate data
Implement self-service portal
Privacy settings
Usage monitoring alerts MDM Best Practices Your Firewall with FortiTokens & MDM
working together:
Allows the flexibility to deploy mobile technologies you want
Continuous Firewall and Mobile Device Monitoring and Alerting Data Loss Prevention: Mobile users can be blocked from sending sensitive data outside the network
Application Control: Mobile users can be stopped from accessing non-corporate approved applications
Anti-malware: Infected devices will not be allowed to propagate infections
Web Filtering: Mobile users can be protected against malicious sites
Traffic Shaping: Mobile applications can be limited to ensure that bandwidth is preserved Devices
Data Plans
Privacy MDM topics to consider: Software
Network service
Security Environment
Company Data
Behavior For the employee: For the company: Moving to a BYOD Environment Gives you:
Productivity Sales & Marketing Manager Senior Information Security Engineer Account Executive Inside Accounts CEO The Traditional Approach to Network Control Choice will tailor a solution based on your needs relative to:
Regulatory Compliance
Feature Requirements
Cyber Liability Policy Questions to Consider: Agreements: Is there an acceptable usage agreement for employee devices with corporate data?
Devices: What mobile devices will be supported? Only certain devices or whatever the employee wants?
Data plans: Will the organization pay for the data plan at all? Will you issue a stipend, or will the employee submit expense reports?
Compliance: What regulations govern the data that your organization needs to protect?
Security: What security measure are needed?
Applications: What apps are forbidden?
Services: What kinds of resources can employees access?
Privacy: What data is collected from employees devices? What personal data is never collected?
Full transcript