Scribd Logo
Upload

Welcome to Scribd!

  • End Point Security - The Right Protection in The Right Place

    Uploaded by

    quocirca
    71 views15 pages
    The right protection in the right place Bob Tarzey, service director, Quocirca Ltd. Consumerisation seems inevitable, it's just a matter of when. A threat to data Send by corporate email Send by web mail Print Transfer it to memory sticks Post on the web Share with unauthorised internal users.

    Original Description:

    Original Title

    End point security - the right protection in the right place

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The right protection in the right place Bob Tarzey, service director, Quocirca Ltd. Consumerisation seems inevitable, it's just a matter of when. A threat to data Send by corporate email Send by web mail Print Transfer it to memory sticks Post on the web Share with unauthorised internal users.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    71 views15 pages

    End Point Security - The Right Protection in The Right Place

    Uploaded by

    quocirca
    The right protection in the right place Bob Tarzey, service director, Quocirca Ltd. Consumerisation seems inevitable, it's just a matter of when. A threat to data Send by corporate email Send by web mail Print Transfer it to memory sticks Post on the web Share with unauthorised internal users.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 15

    End point security

    the right protection in the right place

    Bob Tarzey,
    Service Director
    Quocirca Ltd

    BrightTALK
    Dec 7th 2010

    © 2010 Quocirca Ltd


    What is an end point?

    FIREWALL

    VDI VM
    © 2010 Quocirca Ltd
    The pressing problem of the mobile
    end point

    Percentage of employees working remotely at some point during a


    week (source Quocirca “The distributed business index”)
    © 2010 Quocirca Ltd
    Diversity of mobile devices

    Source: Gartner
    Published in Information
    Age (Oct 2010)

    © 2010 Quocirca Ltd


    Three main challenges

    Malware

    Secure access

    Data loss

    © 2010 Quocirca Ltd


    Malware always the biggest concern
    Malware

    Internet use

    Internal users

    Compromise of sensitive data

    External users
    Scale from 1 = “not
    “Web 2” tools a threat” to 5 = “a
    very serious threat”
    Email

    2 2.5 3

    To what extent are the following a threat to IT security in


    your organisation? (source Quocirca “You sent what?”)
    © 2010 Quocirca Ltd
    A threat to data
    Send by corporate email
    Send by web mail
    Print
    Transfer it to memory sticks
    Post on the web Scale from 1 = “not
    Share with unauthorised internal users confident” to 5 =
    “very confident”
    Copy to mobile device
    Share with unauthorised external users

    2.7 3.2 3.7

    When users have legitimate access to data how confident are


    you that you can control their ability to do the following?
    (source Quocirca “You sent what?”)
    © 2010 Quocirca Ltd
    Three main factors to consider

    The type of device VM

    The user
    The transactions
    • Employee
    involved
    • External

    © 2010 Quocirca Ltd


    Two extreme approaches

    Centralised
    control The
    mechanisms approach
    taken
    should be
    somewhere
    Host between the
    based two
    security

    © 2010 Quocirca Ltd


    Centralised control

    • Force all application and/or internet access via central


    control points
    • Suits
    – Some mobile PC use
    – Remote/home workers
    – Limited use for smartphones
    • Tools
    – VPN
    – VDI
    – Next generation firewalls
    – Web proxies
    – Email filtering
    • Problems – creates choke points
    © 2010 Quocirca Ltd
    Host based security

    • All devices are security in the own right (aka Jericho


    Forum)
    • The only practical way to protect most smartphone use
    – Password protection
    – Malware protection
    – Device firewall (on-device filtering)
    – Encryption
    – Remote disablement and wipe
    – SIM recognition
    – Geolocation using GPS
    • Problems
    – Hard to manage
    – Consumes resources
    © 2010 Quocirca Ltd
    Consumerisation

    Consumerisation
    seems inevitable,
    it may be a secret
    weapon

    © 2010 Quocirca Ltd


    Management tools

    • Ensuring protection is in place and remains so


    • keeping device software and security up to date
    • Taking action can be taken when a problem arises
    • Auditing of device ownership and use (e.g. logging
    phone calls made, SMS content and photos)
    • Asset and licence management
    • Taking remote action

    • End point management tools


    • End point security tools
    • Mobile device management

    © 2010 Quocirca Ltd


    A final thought – end of life

    © 2010 Quocirca Ltd 14


    Thank you

    Thanks, this presentation will be available on


    www.quocirca.com

    Thank you
    Bob Tarzey
    Quocirca
    www.quocirca.com

    © 2010 Quocirca Ltd

    You might also like