protect against malware with mobile threat management

© 2015 IBM Corporation

IBM MobileFirst Protect (MaaS360) Threat Management Jimmy Tsang Director of Product Marketing IBM Security September 14, 2015

The Mass Malware to Mobile Migration

2 © 2015 IBM Corporation

Agenda

§  State of Mobile Threats in the Enterprise

§  IBM MobileFirst Protect (MaaS360) Threat Management

§  How It Works

§  Q&A


Mobile is how we work today

Savings Lives

Speeding Service

Bus1ng Lines Delivering Manuals

Heading Home Learning in the Classroom


Mobile changes the way

people work

Mobile provides a better

experience

Mobile creates risk of company data

Mobile is strategic for business


As mobile grows, threats grow

In 2014 the number of mobile phones

(7.3 billion) exceeded the

number of people on the planet (7

billion)

Mobile malware is growing.

Malicious code is infecting

over 11.6 million mobile devices at any given time.

138 billion apps were downloaded

in 2014. By 2017 50% of employers will require

BYOD.

Mobile devices and the apps we rely on

are under attack. 97% and 87% of top paid Android

and iOS apps have been hacked.


What is mobile malware?

Malicious software specifically built to attack mobile devices

Relies on exploits of particular operating systems and mobile device software technology

Types of mobile malware: •  Device data thieves and device spies that take

certain kinds of data and deliver it to hackers for profit •  Jailbreak or root malware, which gives hackers

certain administrative privileges and file access •  Malware that performs automatic transactions or

communications without the users knowledge


Mobile malware even on iOS devices

WireLurker Masque Attack


Criminals attack the weakest link


IBM MobileFirst Protect Threat Management

Detects, analyzes and remediates mobile risks delivering a new layer of security for Enterprise Mobility Management (EMM) with the integration of IBM Security Trusteer® to protect against:

§  Mobile malware

§  Suspicious system configurations

§  Compromised devices


IBM Security Trusteer

A leading provider of advanced malware & fraud protection solutions

Hundreds of millions of end users and many large financial firms rely on Trusteer’s holistic cybercrime prevention platform

Delivers risk-awareness and security intelligence


Mobile malware detection, analysis and remediation

IBM MobileFirst Protect helps stop mobile apps with malware signatures and behaviors on devices from a continually updated database §  Set granular policy controls & app exceptions

§  Automate remediation with compliance engine

§  Alert user & admins when malware is found

§  Uninstall apps with malware automatically*

§  Block access, selectively or fully wipe

§  Restrict use of container solutions

§  View device threat attributes in portal

§  Review history of malware detection events

*select Samsung SAFE Android devices


Enhanced jailbreak and root device detection

IBM MobileFirst Protect discovers & remediates compromised or vulnerable devices with detection logic that’s updated over-the-air §  Protect against jailbroken iOS & rooted

Android devices that can provide attackers with additional privileges on the operating system, enabling various attack vectors

§  Seek out hiders & active hiding techniques that try to mask detection of jailbroken & rooted devices

§  Leverage detection logic updated over-the-air without any app updates to be more responsive to fast-moving hackers

§  Set security policies & compliance rules to automate remediation

§  Block access, selectively or fully wipe devices or remove device control


Device risk data: •  Malware found •  Jailbreak or Root status •  Suspicious system config

How it works

Install MaaS360 app with Trusteer, policies

& rules embedded

Policy & rules enforcement &

remediation

MaaS360 portal Trusteer Mobile Risk Engine

Over-the-air updates: •  Malware definitions •  Jailbreak & Root checks •  Suspicious apps list


Key benefits


Enable apps and content with trust on any device, anytime, anywhere

Delivering mobile security for the way people work


The IBM mobile security framework

CA, Oracle, RSA

Configure devices & manage security policies

Automate enforcement

Mitigate risks of lost or compromised devices

Distribute & manage enterprise apps

Separate work & personal data

Protect apps & data from vulnerabilities

Enable work content availability & sharing

Create & edit content

Contain sensitive corporate information

Provide secure web & mobile access control

Deliver ease-of-use with SSO & unified identity

management

Extend Security Intelligence

Extend security information & event management (SIEM) to mobile environment

Incorporate log management, anomaly detection, configuration & vulnerability management

Manage Access and Fraud

Secure Content and Collaboration

Safeguard Applications and Data

Protect Devices


Complete mobility management and security

Advanced Management Visibility & Control

Secure Productivity Suite Trusted Workplace

Secure Document Sharing Content Collaboration

Mobile Threat Management Malware Protection

Mobile Enterprise Gateway Enterprise Access


Robust mobile security platform

Mobile Threat Management

Trusteer Risk & Event

Detection

QRadar

Unified Endpoint Management

BigFix Mobile Identity Access Control

ISAM

Integrated App Security

Worklight Integrated

Data Security

Guardium

o  Automated Policy Compliance o  Encryption & Data Protection o  Authentication & Restrictions o  Containerization & App VPN o  Device Quarantine & Wipe


Seamless enterprise integration

Advanced Management Visibility & Control

Secure Productivity Suite Trusted Workplace

Secure Document Sharing Content Collaboration Mobile Threat Management

Malware Protection

Mobile Enterprise Gateway Enterprise Access

BYOD Corporate

Shared

Mail systems Directories Certificates File shares


Why IBM MobileFirst Protect?

Integrated solutions that connect

seamlessly to your existing and external

environments

Scalable data security with intelligence for the

volume, speed, and variability of mobile

Complete management of

devices, apps, content and users from a single platform


Industry analyst opinions

“Leader” in the Magic Quadrant Enterprise Mobility Management Suites for 4 years

“Best-in-class cloud” among ranked EMM vendors

“Leader” in the 2014 Forrester Wave for Enterprise Mobile Management

“Highest” in Current Offering

“Champion” in the 2015 Enterprise Mobility Management Vendor Landscape Report

“Highest Value Score” of the vendor group

“Leader” Worldwide Enterprise Mobility Management Software 2014 Vendor Assessment


Get started now

Instant Access a free, fully functional trial for 30 days

Mobile Manage and secure your devices, apps and content

Easy Set up and configure your service in minutes

1 2 3


Questions & Answers

© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

THANK YOU www.ibm.com/security