Te c h Ta r g e t S e c u r i t y M e d i a G r o u p
technical guide on
MOBILE DEVICE SECURITY
contents
Mobile Phone Security Threats, Blended Attacks Increasing Three Mobile Device Security Policy Lookouts from ISF
A global perspective on mobile device security
How Sensitive Company Data Leaks onto Mobile Devices in Business Smartphone Encryption, Authentication Ease Mobile Management
�There are lots of ways confidential information can get into the wrong hands.
Mobile file sharing shouldnt be one of them.
Todays business takes place at breakfast, over lunch, on the plane, on the train, and even sometimes in the office.
Your business users need quick, easy, secure mobile access to files anywhere, any time, from any device. Ensure secure mobile file access and sharing for your workforce with Accellion Mobile Apps. Accellion secure file sharing solutions are used by the worlds leading corporations and government agencies. Try Accellion Secure Mobile File Sharing for free: www.accellion.com/ms-ebook-2011
Mobile File Sharing Risky Business if its Not Secure.
2011 Accellion . All Rights Reserved. All other trademarks are the property of their respective owners.
M OB I LE DEVICE SECU R ITY
insight
Mobile Device Security
As business users find it necessary to use mobile devices to maintain connectivity to corporate resources anytime, anywhere, it is vital that you understand that the lack of essential device security safeguards introduces substantial security risks to your organization.
TECHTARGETS SECURITY MEDIA GROUP presents a comprehensive guide to mobile device
contents
BY RON CONDON FOR SEARCHSECURITY.CO.UK
security. Our technical editors from the U.S., Europe, India and Asia provide their respective regions perspective on the issue.
Mobile phone security threats, blended attacks increasing
ATTACKS Gain insight into increasingly sophisticated mobile phone security threats and learn how you stay one step ahead of some recent smartphone scams.
How sensitive company data leaks onto mobile devices in business
DATA PROTECTION
Understand how company data leaks onto mobile devices and gain insight into enforcing corporate security policies.
BY PETER WOOD FOR SEARCHSECURITY.CO.UK
Smartphone encryption, authentication ease mobile management
Security pros use tools like encryption and authentication to extend security to smartphones. Learn about some current solutions that can help make mobile device management easier. BY ROB WESTERVELT FOR SEARCHSECURITY.COM
ENCRYPTION
Three mobile device security policy lookouts from ISF
The Information Security Forum (ISF) offers advice on how to draft a comprehensive mobile device security policy, given the evolving mobile device environment.
POLICY
BY STEVE DURBIN FOR SEARCHSECURITY.IN
SPONSOR RESOURCES
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
�Cloud-based MDM in under 5 minutes. No servers needed. Try it now @ http://www.maas360.com/TechTarget
M OB I LE DEVICE SECU R ITY
AT TAC K S
Mobile Phone Security Threats, Blended Attacks Increasing
CONTENTS
ATTACKS
Gain insight into increasingly sophisticated mobile phone security threats and learn how you stay one step ahead of some recent smartphone scams.
BY RON CON DON FOR SEARCHSECU R ITY.CO.U K
DATA PROTECTION
ENCRYPTION
POLICY
SPONSOR RESOURCES
CRIMINALS ARE USING increasingly sophisticated techniques to secretly attack smartphones by planting malware and generating premium rate calls and SMS messages. Corporate users have become favoured targets of these mobile phone security threats because they tend to check their bills less carefully than consumers, and are therefore slower to spot a problem. The conclusions come from a report by Dublin-based security company AdaptiveMobile, which provides services and products to 90% of the worlds mobile telecommunications companies. The company says that, while email spammers have seen their activities limited by better filtering techniques, mobile spamming and phishing scams offer criminals an easier route to making money. Gareth Maclachlan, chief operating officer at AdaptiveMobile, said the main attraction of the mobile phone is that it has intrinsic value: It is either tied to a customers account or holds a fund of money that can be spent. Every SMS the mobile sends can generate revenue if it goes through to a premium short code, and every call can generate revenue if it goes to a premium-rate number, he said. It is now much easier for a criminal to do this. In the last 18 months, the barriers to entry have been lowered. Before, you would have to carry out a complex activity to break into the carriers network and inject signaling. Now, you can get a pre-paid SIM for 10 and flood the network with cheap, unlimited SMS messages. So, just as email spam is virtually free to run, it is now almost free to send out masses of SMS messages. The trend is already costing mobile operators a lot of money. Maclachlan cited the recent case of one mobile phone service operator that lost $10 million in just a few days. Thousands of its subscribers received messages that looked like genuine missed call alerts, and many of them called the number and received a voice message saying the number was busy and to call back later. What they did not know was that they were
Technical Guide on Mobile Device Security
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
M OB I LE DEVICE SECU R ITY
CONTENTS
ATTACKS
DATA PROTECTION
ENCRYPTION
POLICY
SPONSOR RESOURCES
calling an international satellite phone service at $4 per minute. By the time the customers received their bills and started to complain, per standard procedure the operator had already paid the satellite company on behalf of its customers, and so had to issue customer refunds out of its own coffers, leaving it with a huge loss. Another growing problem identified by the report is the compound threata more sophisticated attack using multiple elementsthat is sometimes combined with an attack on the users PC. One example of such blended attacks was Zeus MitMo, a virus discovered in October 2010. This malware was developed to defraud online banking customers, specifically those who had begun using a second channel (the mobile phone) to receive a one-time authentication code for increased security in online banking transactions. Developed to run on Symbian and BlackBerry platforms, the malware tricked the mobile user into installing it on his or her mobile phone, and then forwarding any authentication code sent to that phone by the bank to the attackers, who then have all the information they need to empty the account. Maclachlan said the people running the scams Most people will not have are careful to avoid attracting attention to thema virus on their phone, and selves. In the mobile world, the infections will those who do will probably go to 50,000 or 100,000 subscribers on a network never notice. of several million. If each one of those handsets sends just one extra SMS a month, it will not be GARETH MACLACHLAN, chief operating officer, AdaptiveMobile detected. But it can generate a lot of revenue over a few months, he said. Most people will not have a virus on their phone, and those who do will probably never notice. He added that business users tend to be a particular target. We see very high infection rates in corporations, because most corporate users have the same handset for business and personal use. They have the same address books, so they trust messages coming from other parts of the company. And they never see their phone billits paid for them. He predicts that the mobile operators will try to prevent threats at the network level rather than taking the more hands-off approach of many ISPs. If the mobile operators pushed out antivirus to their customers devices, it would scare users and would generate more customer care calls, Machlachlan said, So operators are keen to solve security issues themselves at the network level.w
Ron Condon is SearchSecurity.co.uks Bureau Chief.
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
�Move up to More
Free
BlackBerry PlayBook tablet.
Upgrade to BlackBerry Enterprise Server v.5 by December 31, 2011 and receive a FREE BlackBerry PlayBook tablet.
BlackBerry enterprise Server v.5 opens up many new opportunities, including:
BlackBerry Balance Technology Manage employee-owned mobile devices and separate work and personal data Microsoft Sharepoint Document based collaboration optimized for BlackBerry smartphones greater Functionality & productivity Improved calendar, contacts, email and folder synchronization Learn more today www.blackberry.com/upgradeoffer
Terms and Conditions: Limited time offer valid only from October 12, 2011 to December 31, 2011 (Offer Period). Offer available to US and Canadian, excluding Quebec, existing BlackBerry Enterprise Server (BES) customers with version 4.1 or older who install and upgrade their BES to version 5.0 (Eligible Customers) during the Offer Period. Upgrade can be done either through: (i) the purchase and installation of BES version 5.0 software directly; or (ii) the purchase of BlackBerry Technical Support Services subscription, which includes free BES version 5.0 upgrade. Eligible Customers must enter the Server Routing Protocol Identifier (SRP ID) provided with installation of their BES as proof of upgrade on www. BlackBerryMoveUpToMore.com by January 31, 2012 in order to qualify for the Offer and receive one (1) 16GB BlackBerry PlayBook tablet. Limit one (1) tablet per SRP ID number. RIM reserves the right to change or terminate the Offer, or to extend the Offer or Offer Period without notice. Offer is not redeemable for cash and may not be combined with any other offer or promotion unless specifically authorized by RIM. Void where prohibited. Please allow 6 to 8 weeks for delivery. 2011 Research In Motion Limited. All rights reserved. BlackBerry, RIM, Research In Motion and related trademarks, names and logos are the property of Research In Motion Limited and are registered and/or used in the U.S. and countries around the world. All other marks contained herein are the property of their respective owners. RIM03957
M OB I LE DEVICE SECU R ITY
DATA P R O T E C T I O N
How Sensitive Company Data Leaks Onto Mobile Devices in Business
Understand how company data leaks onto mobile devices and gain insight into enforcing corporate security policies.
CONTENTS
ATTACKS
DATA PROTECTION
BY PETE R WOOD FOR SEARCHSECU R ITY.CO.U K
THE USE OF consumer technology such as smartphones and tablets is now common in the workplace. Whilst many businesses provide and administer smartphones for employee use, in most cases, the devices themselves are still owned by individual employees, eroding the boundary between personal and business computing. In many organisations, IT staff are obliged to permit personal mobile devices in business to connect to corporate networks, often undermining existing security controls.
How does corporate information get onto consumer devices?
There are several ways by which sensitive company data could seep onto employeeowned devices, but the following are generally the most likely:
1. When an employee adds his or her company email details to a smartphone,
ENCRYPTION
POLICY
suddenly the personal device is storing sensitive corporate data, as well as all the employees private information. If the phone is an iPhone or a BlackBerry, the employee will probably synchronise it with his or her personal computer, and, of course, iPad too, potentially adding even more sensitive data.
2. Google Docs, along with file-sharing services like Dropbox, and the apps that
SPONSOR RESOURCES
work with them, such as Documents To Go or Quickoffice, present another avenue for organisational data to spread onto employees mobile devices.
3. Instant messages and text messages can contain sensitive information that could
be unwittingly stored on a mobile device, especially if an attachment is involved.
4. Working collaboratively with colleagues whilst travelling is popular, and, thus,
employees will often copy business information directly from a desktop or laptop to a smartphone, which provides them with a convenient way to collaborate. Of course, it
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
M OB I LE DEVICE SECU R ITY
also loads the mobile device with potentially sensitive data.
5. Remote access to corporate networks is increasingly common, with many hand-
held devices supporting VPN software. Once connected via a VPN, a smartphone becomes a node on the internal network with all the rights and privileges of its user, making it simple to copy data to the phones hard drive.
What are the risks of corporate information on consumer devices?
When it comes to security, mobile devices that contain sensitive data could put all that data at risk, unless the appropriate controls are in place. Worryingly, many users do not protect their phones with a PIN or password, leaving all the information on the device exposed to anyone who picks it up. Even worse, if the device supports remote access, the data on corporate servers may be vulnerable, too. A survey by vendor Sophos in April 2011 of over 1,000 consumers found 28% were actively encouraged by their employers to use personal devices at work. However, 30% said their companies did not have a security policy in place to protect information on personal devices used for work purposes.
CONTENTS
What controls are needed to reduce the risks?
ATTACKS
DATA PROTECTION
A companys acceptable use policy must be updated to embrace smartphones and tablets as well as to illustrate that everyone benefits from making consumer devices secure. Employees should understand their personal data, such as bank details, logons and private emails, needs to be secure just as much as the business information on mobile devices. A policy should also clarify who owns the data on the consumer devices and what users responsibilities are. The policy should require users to: Register their personal devices before using them for company business. Notify the company if their devices are lost or stolen. Protect their devices with a secure password.
ENCRYPTION
POLICY
Only access the company network using an approved method, such as a VPN. Install (and keep updated) security software, such as antimalware and remotewipe applications. In addition, you may wish to restrict the sensitivity of information that employees can access on their devices, especially if you have protectively marked data. One way to restrict the types of corporate data that reside on consumer devices without opening the floodgates is to use technologies like Microsofts ActiveSync, which permits users to manage their mail, contacts and calendars on their smart-
SPONSOR RESOURCES
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
M OB I LE DEVICE SECU R ITY
phones and iPads without a direct connection to the corporate network. Apples iOS products (iPhone, iPad and iPod touch) support Cisco IPSec VPN protocols, proving a secure option for remote access (Juniper Networks and F5 Networks offer similar competing products). With the release of iOS 4, iPhones and iPads offer enterprise-quality access controls and policy enforcement comparable to those offered on a BlackBerry.
Stay a step ahead
The company and its employees must strike a deal that enables the application of adequate security controls to consumer devices in return for permitting access to corporate data. The trick is to identify the controls that will enforce the corporate security policy without driving a wedge between the business and its users. The alluring nature of recent consumer technologies has captured the imaginations of users, encouraging them to use the devices as more than phones and PDAs and really explore their capabilities. This can be great news for organisations that embrace the technologies enabling greater productivity, more creative results and flexible working. Rather than permitting this wave of consumerisation to sweep over the organisation, however, research the technologies available and the controls they offer. Perhaps start by offering access to mail and diary systems to a trial group, then monitor their behaviour and build your experience before committing further. Limit VPN access to devices you know offer secure client software, and ensure you deploy strong authentication to compensate for the potential weaknesses in consumer platforms. Most importantly, experiment with the technologies yourself and ensure you understand the strengths and weaknesses of each platform.w
Peter Wood is CEO at First Base Technologies, an ethical hacking firm based in the UK. Peter founded First Base in 1989 and has hands-on technical involvement in the firm on a daily basis, working in social engineering, network penetration testing and skills transfer.
CONTENTS
ATTACKS
DATA PROTECTION
ENCRYPTION
POLICY
SPONSOR RESOURCES
10
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
�Employees bring mobile devices. You bring end-to-end security.
Secure your sensitive corporate data with Good Technology.
Your employees are using their personal mobile devices for business tasks. This increases their productivity but may also expose your company to the risk of potential security breaches. Instead of trying to block access, take a smarter approach. Secure your sensitive corporate data by encrypting it at every stage of transit behind your firewall, over the air, and on mobile devices themselves. Good Technology provides an enterprise mobility platform that lets you grant safe access to company data on the latest iOS and Android-enabled devices. Thats why Good Technology is positioned as a Leader in the Gartner Magic Quadrant for Mobile Device Management. Learn more in a free white paper, Securing Business Mobility. Download now Or, try Good Technology solutions for yourself. Free trial
Securing Business Mobility Free Whitepaper
Download now
Good Technology 101 Redwood Shores Parkway, Suite 400 Redwood City, CA 94065 USA Visit www.good.com/privacy for more information on our Privacy Policy. 2011 Good Technology, Inc. All rights reserved. Good, Good Technology, Good for Enterprise, the Good logo, and Good Mobile Messaging are trademarks of Good Technology, Inc. All third-party trademarks, trade names, or service marks may be claimed as the property of their respective owners.
M OB I LE DEVICE SECU R ITY
E N C RYP TI O N
Smartphone Encryption, Authentication Ease Mobile Management
Security pros use tools like encryption and authentication to extend security to smartphones. Learn about some current solutions that can help make mobile device management easier.
BY ROB WESTE RVE LT FOR SEARCHSECU R ITY.COM
CONTENTS
ATTACKS
DATA PROTECTION
ENCRYPTION
POLICY
SPONSOR RESOURCES
KENNETH JOHNSTON, CIO and vice president of information systems at Guaranty Bank, is not alone in his struggles to keep pace with workers on the move. Extending the banks existing email encryption capabilities to mobile devices resulted in a painful and time-consuming process for employees. Our mobile workers and clients would try to get around the authentication process and fail, Johnston says. Instead of adding protection, encrypted email actually added to our data leakage fears. Johnston turned to Proofpoint Mobile Encryption to help extend email encryption for bank employees and his banks commercial clients. Proofpoint provides a mobile application or Web-based access to its email encryption services. Springfield, Missouri-based Guaranty Bank has a virtual deployment of Proofpoints Enterprise suite to guard against unauthorised access via inbound and outbound email. Johnston says the mobile application is a natural extension of the enterprise suite, giving users a familiar experience. Now workers and clients can quickly authenticate and open a message directly on their device. As workers are doing more of their business on the road, security vendors are taking notice with new mobile device security tools like smartphone encryption. Proofpoint in March launched its new mobile applications to make it easy for mobile users to decrypt encrypted messages and also search through email archives. Its part of a growing trend among security vendors to make mobile management easier for IT. Extending authentication and encryption on mobile devices has been slowly maturing, says Eric Ogren, founder and principal analyst of the Ogren Group. RSA supported SecurID on a Palm Treo back in the 1990s, he says. Other vendors, including PhoneFactor, are more recent entrants, providing phone-based, tokenless two-factor
Technical Guide on Mobile Device Security
12
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
M OB I LE DEVICE SECU R ITY
CONTENTS
ATTACKS
authentication systems. Ogren says products that extend security to smartphones and tablets will become a more attractive option for many enterprises dealing with an ever increasing mobile workforce. One of the biggest issues for companies is to get authentication to work on mobile devices, laptops, desktops and just about every device out there, Ogren says. Embedding the key in a device so end users can view encrypted email makes perfect sense. Other security vendors are joining the fray. Mobile security vendor Lookout sells mobile applications that work on Android, BlackBerry and Windows Mobile devices, which can detect mobile malware and analyze whether an application performs a privacy violation. Like other mobile device platforms, Lookout performs a secure backup, can locate missing devices and perform remote wipe capabilities. The major security vendors, including Symantec, McAfee, and Trend Micro provide similar capabilities. Mattias Tornyi, vice president and director of IT at Wedbush Securities, says his firm has long focused on the perimeter to ward off attacks. But he acknowledges that the perimeter is no longer black and white; SSL VPN capabilities are a must-have. Many of the brokerage firms employees are out in the field and while many are turning to their BlackBerry devices, which are easier for the company to manage securely using the BlackBerry server, a growing number are turning to Apple iPhones and Android devices. The goal is to be able to securely push out account info on the iPad and iPhone, he says. Were only now dealing with the concept of anytime, anywhere access, Tornyi says. Were securing all that with one time tokens and we also have high performance firewalls and [intrusion prevention systems] that were using. Its going to be a slow process.w
Robert Westervelt is the news director for TechTargets Security Media Group.
DATA PROTECTION
ENCRYPTION
POLICY
SPONSOR RESOURCES
13
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
�Your One Stop Shop for All Things Security
Nowhere else will you nd such a highly targeted combination of resources specically dedicated to the success of todays IT-security professional. Free.
IT security pro's turn to the TechTarget Security Media Group for the information they require to keep their corporate data, systems and assets secure. Were the only information resource that provides immediate access to breaking industry news, virus alerts, new hacker threats and attacks, security standard compliance, videos, webcasts, white papers, podcasts, a selection of highly focused security newsletters and more all at no cost. Feature stories and analysis designed to meet the ever-changing need for information on security technologies and best practices. Breaking news, technical tips, security schools and more for enterprise IT professionals.
www.SearchSecurity.com
www.SearchSecurity.com
Learning materials geared towards ensuring security in high-risk nancial environments.
UK-focused case studies and technical advice on the hottest topics in the UK Security industry.
www.SearchFinancialSecurity.com
www.SearchSecurity.co.UK
Information Security strategies for the Midmarket IT professional.
Technical guidance AND business advice specialized for VARs, IT resellers and systems integrators.
www.SearchMidmarketSecurity.com
www.SearchSecurityChannel.com
M OB I LE DEVICE SECU R ITY
P O L I CY
Three Mobile Device Security Policy Lookouts from ISF
CONTENTS
ATTACKS
The Information Security Forum (ISF) offers advice on how to draft a comprehensive mobile device security policy, given the evolving mobile device environment.
BY STEVE DU R B I N FOR SEARCHSECU R ITY.I N
DATA PROTECTION
ENCRYPTION
POLICY
SPONSOR RESOURCES
CONSUMER MOBILE DEVICES are an omnipresent fact of everyones life today. These devices come with their own baggage, in the form of their susceptibility to information security risks. This assumes importance from an organizational perspective, and one must consider handling the implications of consumerization when framing a mobile device security policy for the enterprise. Organizations today have little or no control over the consumer devices existing within their business ecosystems. Lack of visibility of usage and penetration, coupled with poorly defined ownership, makes governance an uphill task. Adherence to a mobile device security policy and compliance being the challenge, organizations need to start with an end-goal pertaining to what the organization expects these devices to achieve from a business perspective. To meet the challenge of rapid consumerization, mobile device security policies need to be comprehensive yet comprehensible, and always in sync with business requirements. A typical situation is when employees bring in iPhones and iPads and ask the IT departments to make the devices work, even though they dont fall under the existing IT policy. This potentially exposes the organization to risks. The solution is a clear, forward-looking mobile device security policy, with provisions for restructuring wherever gaps exist, and the ability to incorporate new devices, as and when required. Policy review needs to be continual, given the fast pace of device evolution. An understanding of the extent of consumer device penetration and forming different device groups is essential to identify support requirements for these devices and the attendant risks. The issues in this context are broadly spread over four areas, as detailed below:
1) Users: The weakest link
Since there is a lack of control over working practices, there is no consistent usage method. Problems arise when users decide to combine work and personal tasks. Inap-
15
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
M OB I LE DEVICE SECU R ITY
propriate usage within the corporate environment or access from unsuitable or insecure locations can magnify exposure and risk. Users need to be educated about risks and best practices. Drafting an acceptable use policy for these devices is essential. This is a key policy area for which monitoring device usage may be necessary to enforce a robust mobile device security policy. Given that organizations are moving into a consumer-based environment, one must distinguish between genuine mistakes and inadvertent ones, from the point of view of disciplinary action.
2) Devices: Trojan horses?
CONTENTS
ATTACKS
Most consumer mobile devices were never designed to be enterprise computing tools. They are thus not the most robust from a mobile device security viewpoint. Unattended, they are vulnerable to a host of infosec threats. Organizations need to put in place solutions for securing mobile device access within the corporate environment. This includes enabling functionality such as malware protection, firewalls, mobile device management systems, and so on. A key area is the issue of ownership. Clarity needs to exist in terms of actions on the device such as storage encryption, remote access and remote wipe, when the device itself does not belong to the organization. When the organization owns the device, the task of compliance and adherence to a mobile device security policy becomes easier. In reality, employee-owned devices are the norm.
3) Applications and data: Regulating risk
DATA PROTECTION
ENCRYPTION
POLICY
Apps are probably the easiest way to infect devices with malware. Organizations cannot depend on vendors or app-stores to screen applications for malware. One way to ensure security of mobile consumer devices is to host the app-store in-house, distributing only those apps that have been tested to meet organizational compliance standards. Alternatively, the mobile device security policy can specify the list of permissible apps. Data classification is another important aspect to consider when drafting a mobile device security policy, in terms of defining the restrictions on the type of data that can be accessed on consumer devices. With a robust mobile device security policy, organizations can maximise the advantages that mobile consumer devices bring to the workplace, while minimizing risks.w
Steve Durbin is Global VP at the Information Security Forum. His focus areas include cyber security in managed services, outsourced cloud security, consumerization and social media.
SPONSOR RESOURCES
16
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
M OB I LE DEVICE SECU R ITY
TE C H TA R G E T S E C U R I T Y M E D I A G R O U P
VICE PRESIDENT/GROUP PUBLISHER
Doug Olender
EDITORIAL DIRECTOR Michael S. Mimoso SENIOR SITE EDITOR Eric Parizo SITE EDITOR Marcia Savage DIRECTOR OF MARKETING Kathleen Quinn UK BUREAU CHIEF Ron Condon NEWS DIRECTOR Robert Westervelt SITE EDITOR Jane McPherson ASSOCIATE EDITOR Carolyn Gibney ASSISTANT EDITOR Maggie Sullivan SENIOR MANAGING EDITOR Kara Gattine SALES DIRECTOR Tom Click CIRCULATION MANAGER Kate Sullivan PROJECT MANAGER Elizabeth Lareau PRODUCT MANAGEMENT & MARKETING PUBLISHER Josh Garland DIRECTOR OF PRODUCT MANAGEMENT
Susan Shaver
Kim Dugdale, Kevin Martin SALES REPRESENTATIVES Eric Belcher [email protected] Patrick Eichmann [email protected] Sean Flynn [email protected] Jennifer Gebbie [email protected] Jaime Glynn [email protected] Leah Paikin [email protected] Jeff Tonello [email protected] Vanessa Tonello [email protected] George Whetstone [email protected]
ART & DESIGN CREATIVE DIRECTOR Maureen Joyce
CONTENTS
ATTACKS
CHIEF EXECUTIVE OFFICER Greg Strakosch PRESIDENT Don Hawk
DATA PROTECTION
EXECUTIVE VICE PRESIDENT Kevin Beam CHIEF FINANCIAL OFFICER Jeff Wakely
ENCRYPTION
EUROPEAN DISTRIBUTION Parkway Gordon Phone 44-1491-875-386 www.parkway.co.uk LIST RENTAL SERVICES Julie Brown Phone 781-657-1336 Fax 781-657-1100
POLICY
SPONSOR RESOURCES
Technical Guide on Mobile Device Security is published by TechTarget, 275 Grove Street, Newton, MA 02466 U.S.A.; Toll-Free 888-274-4111; Phone 617-431-9200; Fax 617-431-9201. All rights reserved. Entire contents, Copyright 2011 TechTarget. No part of this publication may be transmitted or reproduced in any form, or by any means without permission in writing from the publisher, TechTarget or SearchSecurity.com.
18
T E C H TA R G E T S E C U R I T Y M E D I A G R O U P
Technical Guide on Mobile Device Security
�Your One Stop Shop for All Things Networking
Nowhere else will you nd such a highly targeted combination of resources specically dedicated to the success of todays IT-networking and service provider professionals. Free.
Access time-saving technical tips, independent expert advice, checklists and tutorials, along with webcasts, white papers, newsletters and more - all for free! We also have half-day and full-day seminars, multi-day conferences, and dinner events coming to a city near you, as well as virtual shows you can view from the comfort of your desktop. Topics covered include: unied communications, WAN optimization, network management and more. View our full 2010-2011 schedule at: events.techtarget.com
�SPONSOR RESOURCES
See ad page 2
Accellion Secure Mobile Apps Accellion Secure Mobile Apps Free User Trial Accellion Whitepaper: 8 Critical Requirements for Secure Mobile File Sharing and Collaboration
See ad page 4
Mobile Device Management Best Practices Delivering and Managing Enterprise Mobile Apps True SaaS for Mobility
See ad page 7
Embracing Employee-Acquired Smartphones without Compromising Security Guide to Security Policies The CIOs Guide to Mobile Security
�SPONSOR RESOURCES
See ad page 11
Whitepaper: When Mobile Device Management Alone Isnt Enough Seven habits that prevent Android and iOS data loss Stop mobile data loss before it starts: See the how-to video
