
1 Fortinet Confidential

How to Make your Security Aware in a BYOD World
Graeme Nash
Director Strategic Solutions, Fortinet
Focus Points
1. Security Challenges in a BYOD world
2. What Security is Required?
3. Fortinet Answers Critical BYOD Questions
4. The 4 Must-Have BYOD Security Features
5. Why Trust Fortinet?
What Our Customers Say About BYOD
Users want to bring in their iPads, iPhones and Galaxy S3s but we're not sure how to support them

My CFO heard we can save money through BYOD

We have to allow patients and guests on our guest network but how do we keep the doctors' data safe?

What do I do about the devices not supported by my MDM, i.e. ROAD?

How do I embrace all the potential mobile collaboration productivity and innovation benefits whilst securing my corporate assets?
And the most common response
What Customers Say About BYOD
BYOD Challenges: Just the Tip of the Iceberg
Device proliferation
Web connectivity expansion
Gaming consoles
Media devices (e.g. TVs)
Next-generation devices
The Internet of Things
[Figure labels: Printers; Laptops; Tablets; Smartphones; Scanners; Web-Connected Media; Video Game Systems; Specialty Application Devices; Appliances; Web-Connected Toys; Health & Fitness; Who Knows]

Many web-enabled devices do not allow installation of software / agents
Security features vary from device to device
Fortinet Survey (EMEA results):
Gen-Y Workers Dependence/Control on Personal Devices

73% of respondents in EMEA are already regularly engaging in BYOD practice
What statement best sums up Gen-Y attitudes to device usage?
52% consider BYOD a right
48% consider BYOD a privilege
What functions couldn't they live without for more than a day?
Private calls 42%
SMS 39%
Private email 38%
Social Media 23%
Who is responsible for your device security?
The user 74%
The company 14%

Fortinet Survey:
Gen-Y workers attitude towards BYOD corporate policy
If your employer has/had a policy which prohibits the use of personal devices in the work environment or for work purposes, have you / would you ever use a personal device in contravention of this policy?

        Worldwide   EMEA   APAC   US
Yes     36%         27%    47%    29%
No      64%         73%    53%    71%

1-in-3 of respondents would contravene company policy banning the use of personal device for work purposes
Through Corporate Policy
Complete Denial Difficult to Enforce

By Specifying Corporate assets only (RIM, Citrix, VMWare)

Endpoint Clients

Network-based By behavior on the network

Through Mobile Device Management
Gartner MDM Magic Quadrant
MDM consists of: *
- Software Mgt.: Config, backup, updates
- Network Service Mgt.: Location, usage
- Hardware Mgt.: Provisioning, activation
- Security Mgt.: Remote wipe, secure config
BUT ..
- Managing the sprawl == $$
- 3 times as many employees consider device security to be their own responsibility **
* Gartner Group Magic Quadrant for Mobile Device Management Software, May 2012
** Fortinet Gen-Y BYOD Survey, June 2012
It's All About Mobile Device Connectivity and its Traffic
[Diagram labels: Uncontrolled Devices; Employee Devices With Mobile Device Management; Corporate Owned Devices; No Client VPN; VPN & 2 Factor; Virtual Desktop (incl VPN & 2 Factor); MDM Client; Mobile Clients; 2-Factor Authentication; Network Security]
Most organizations require a spectrum of solutions
No perfect solution for all environments
Trade-offs for each solution
The Network Is The Common Denominator

The network is THE core element in any approach you take
The network handles all the traffic, secures it, logs it and reports upon it
Regardless of what's on the device
[Diagram labels: Network (LAN & WAN); Enterprise Mobile Apps; Mobile Device Management; Unmanaged Endpoint/Device; Consumer Mobile Apps]
BYOD Enablement through Network Security
Emily, a customer, needs guest access to Skype on her iPad while visiting your headquarters

Bill's device is infected with malware and he brings it on the corporate network
Jill is at Starbucks and needs to communicate and be protected as if she was at HQ.
[Slide labels: WiFi Guest Access; Bandwidth Management; 2-Factor Authentication; VPN Tunneling; Antivirus]
BYOD Enablement through Network Security (Cont.)
Sue is in corporate marketing and should have access to post non-sensitive information to Facebook, but she should not be playing Farmville

Joe started streaming movies while at work through his tablet; this is against corporate policy
Application Control
Data Leakage Prevention
Application Control
Ed unintentionally shared a sensitive company presentation via his personal Gmail account on his Android Phone.

Data Leakage Prevention
Enabling BYOD: The 3 Critical Questions To Ask
1. Who are you?

2. Where do you want to go?

3. What data do you need?

Who Are You? : Device Identity
[Diagram labels: User ID + Device ID; Identity Policies; Sig./MAC Address ID; Device Identification; Access Control; Security Application; Security Profiles; Awareness]
Who Are You?

Fortinet provides the answer:
Connection to corporate LDAP and Radius servers
Two Factor Authentication (hard and soft tokens) + Client Certificates
SMS and email based two factor authentication
Guest provisioning
Supports range of end user platforms (iPhone, iPad, Android)



Where Do You Want to Go?
Security on the LAN:
- Control of wireless access and security policies enforcement
- All data flowing to and from the network is inspected, logged, and managed through FortiGate
[Diagram labels: Retail Store; Home; Coffee Shop; School]
Security on the WAN:
- Supports 3G, 4G, LTE, Cable, DSL, WiMax
- Connect via VPN & 2-Factor Authentication agents (FortiClient & FortiToken)
- All data flowing to and from the network is inspected, logged, and managed through FortiGate
What Data Do You Need?
Fortinet Solution Solves BYOD challenge
- Data Loss Prevention: Prevent mobile users from sending sensitive data outside the network
- Application Control: Prevent mobile users from accessing non-corporate approved applications
- AntiMalware: Prevent propagation from infected devices
- Spam Filtering: Protect email regardless of receiving device
- Web Filtering: Protect mobile users against malicious sites
- Traffic Shaping: Limit mobile applications to preserve bandwidth
Critical Technology No.1:
Integrating the Wireless Controller into the UTM Gateway
Critical Technology No.2:
Stronger, BYOD Specific Technical Controls
Define security controls by:
Traditional IP address
Self-learning device identity
User identity

Allow (deny) by device type, username, IP or MAC address
What you use dictates where you go

Take your device home

Critical Technology No.3:
Client Reputation Management
Find the Bad Guy, avoid the Bad Server
Reputation built by activity
What you do, Where you go, How you get there
Hosted content

Drill down report for those with the worst reputations
What did they do, Where did they go, What applications did they run
Administrator defined thresholds

Critical Technology No.4:
Enterprise Authentication Server
Identity Management and User Access Control
[Diagram labels: LDAP; User Database; Issuing CA; FortiToken; FortiAuthenticator]
Authentication and Authorization
RADIUS, LDAP, 802.1X, EAP-TLS
Two Factor Authentication
FortiToken
Tokenless, via SMS and email
Certificate Management
X.509 Certificate Signing, Certificate Revocation, SCEP
Remote Device / Unattended Authentication
Fortinet Single Sign on
Active Directory Polling
RADIUS Integration

Pulling it Together: BYOD's Core Moving Parts
CLIENT: Wired & Wireless Devices
MANAGEMENT & REPORTING: All data flowing to and from the network is inspected, logged, and managed through the UTM
WIRELESS CONTROL
SECURITY SERVICES: UTM : Unified Threat Management
ACCESS POINT: Wired & Wireless
AUTHENTICATION SERVICES: Infrastructure-wide 2-Factor Tokens, Token-less
Summary & Action Plan
Today:
- Receive your "Yes to BYOD" and "Gen-Y Survey" whitepapers at stand S5 in the ITExpo!
Back at the office:
- Validate your BYOD drivers and (fully) quantify benefit!
- Review your security infrastructure's "BYOD Core Moving Parts"
Longer Term:
- Enhance your BYOD project bang-for-buck by securing network traffic from all sources/clients
- Deliver the required granularity of security controls for BYOD
Fortinet: A Strong Security Player
[Chart: FORTINET REVENUE ($M) by year: 03: $13, 04: $39, 05: $80, 06: $123, 07: $155, 08: $212, 09: $252, 10: $325, 11: $434; 55% CAGR]

Q212 Revenue $129 M
25% Y/Y Growth
Market Leader
Advanced technology and products
- 100+ patents; 110+ pending
Strong global footprint
- 1,600+ employees; 30 offices worldwide
Blue chip customer base
- 125,000 customers (including majority of Global 100)
Exceptional financial model
FY11 revenues: $434 M
- 34% YoY growth
Strong balance sheet: $500M+ in cash
- No debt
Fortinet: A Security Label
[Slide labels: Major Certifications; Other Recognitions]
Thank You

www.fortinet.com
