byod: a new philosophy
TRANSCRIPT
01
ZIXCORP BYOD: A NEW PHILOSOPHY
Geoff Bibby November, 2014
Founded in 1998 as an email encryption company More than 11,000 active customers including:
Six divisions of the U.S. Treasury All of the FFIEC U.S. federal financial regulators
(incl. FDIC and OCC) The U.S. Securities and Exchange Commission 24 U.S. state financial regulators More than 2,000 U.S. financial institutions 24% of all banks in the U.S. 20% of all hospitals in the U.S. 32 Blue Cross Blue Shield organizations
LEADER IN EMAIL DATA PROTECTION
2
ZIX: EMAIL DATA PROTECTION
3
ZixGateway
Policy-based email encryption solution enables automatic email policy enforcement and data loss prevention based on email content or attribute
ZixDLP Insight and/or Quarantine Add-on for ZixGateway; intuitive audit or quarantine interface supplementing ZixGateway features – know why an email was or should have been secured
ZixOne
Mobile app for corporate email/calendar/contacts, allowing access to Exchange/O365 email while preventing local storage on device
4
MOST POPULAR MOBILE BUSINESS APPS EMAIL, CALENDAR AND CONTACTS
5
Source: BYOD and Mobile Security Report, 2014, Holger Schulze, Information Security Community on LinkedIn
BYOD Bring Your Own Device
MDM
Mobile Device Management
MAM
Mobile Application Management
MCM
Mobile Content Management
6
7
Mobile Device User Agreement Between Acme Omniscient (Employer) and Abe Prehensive (Employee)
As a condition of synchronizing my personal mobile devices with the Acme Omniscient computing environment, I understand that I am subject to certain restrictions on the use of my Tablet/Smartphone. This document serves as notification of the restrictions and expectations, and acceptance and acknowledgement thereof.
By signing below:
• I acknowledge that Acme will enforce security settings on the Tablet/Smartphone including at a minimum encryption of all Acme information on the device.
• I agree to hold Acme harmless for any loss relating to the administration of Tablet/Smartphone connectivity to Acme Omniscient systems including, but not limited to, loss of personal information stored on my Tablet/Smartphone due to data deletion done to protect sensitive information related to Acme Omniscient, its employees, contractors or partners.
• I understand that modifying the underlying operating system of the device (e.g., “rooting”, “Jailbreaking”, etc.) will result in the device being removed from synchronization with Acme Omniscient data and voids this agreement and support for the device.
• I agree that my Tablet/Smartphone can be wiped by Acme upon the decision of Acme Omniscient management and understand that it will delete all data including personal files.
• I agree to report loss of a device immediately to the IT Help Desk.
• I understand that failure to adhere to these conditions or failure to appropriately safeguard Acme information could result in action against me personally, including termination of employment, civil action or criminal prosecution.
• I understand that geolocation may be used to locate my device.
Printed name: ______________________________________________________________________
Signature: __________________________________________________________ Date:___________
Manager Approval printed name: ________________________________________________________
Manager Approval Signature: _________________________________________ Date:___________
loss of personal information data deletion
rooting, jailbreaking wiped delete all data including personal files
termination of employment criminal conviction geolocation
MOBILE SECURITY
Trust the Platform or Container
Trust the Viewer
Trust Nothing
Trust the App
Example: EMM
Example: Email Streaming
Example: Virtual
Example: App Wrapper
Security by Management Security by Abstraction Security by Isolation
8
From Gartner Spectrum of Trust for Mobile Enterprise Design, published April 4, 2014
9
TYPICAL EMM SOLUTION EMAILS ARE RETAINED IN PERMANENT MEMORY
ZIXONE SOLUTION EMAILS ARE VIEWED ONLY
10
ACCESSIBLE JAILBREAKING SOFTWARE
11
ZixONE app that delivers a view of corporate email, calendar and contacts on mobile devices
ZixONE server connects to
Exchange or Office365 Efficient, secure protocols deliver
information quickly
12
Mail Server ZixOne
13
ZIXONE A COMPLETELY NEW PHILOSOPHY
14
1. Simple for IT to administer 2. Simple for the end user to download and
use immediately 3. You will have happy users:
o no threatening user agreement o limited memory used o no threat of remote wiping
4. No corporate data on device: none to lose
#nodataondevice
IN SUMMARY, IT’S SIMPLE.
15