2. What Do We Believe About The Future?
2015
SaaS / Internet Devices Apps/Data
/ Cloud
3. Customer Challenges of the Post PC Era
The evolution of computing platforms introduce risk
Identity Management
Any Device, Any Cloud/Network
& Data Is Everywhere
Time Access
Access Control
Growth of new No single sign that enable Coexistence of corporate, Unknown network
computing platforms: secure ubiquitous access personal data and performance,
smart phones, devices to applications, data and policies availability, and security
and tablets devices
Multiple people Insecurity in the
accessing data transport of data
Enterprise Mobility Strategy
4. Our Vision . . .
SaaS Applications
.. Data Center Applications
DLP
Personal Applications
AV
Corporate / Personal
Personal Data Company Data
App & Data
Separation
Enterprise Mobility Strategy 5
5. Consumerization is Driving Disruption
Embracing the Personally-Owned & Unmanaged – “BYOD”
Info/App Access Only
Data Sources: Gartner, & IDC
Evolving
Focus
Unmanaged
246M Corp PCs Relevent
293M Personal PCs Devices
819M Smartphones Today
116M Tablets
Future
Devices
177M Corp PCs
Managed
300M Smarphones
Full Control
15M Tablets
Traditional
Focus
Corporate-Owned Personally-Owned
Devices
Enterprise Mobility Strategy 7
6. Understanding Managed & Unmanaged Mobility
Customers need to provide a solution for both the managed and unmanaged
use cases within the enterprise
Managed Unmanaged
MDM enables device Enterprise Use Cases Applications must be
management & protected individually
compliance
Data between
MDM is a foundation for applications must be
policy management secure
Corporate / Personal
Data separation solutions separation becomes a
evolve through APIs non-issue
Manage The Device Secure Apps & Data
Enterprise Mobility Strategy
7. Defining Enterprise Mobility Management
5 key areas of investment
Enterprise Mobility Management
Device/User Apps/Data Threat Expense Enterprise/Cloud
Management Protection Protection Management Integration
Configuration, Corporate data Core security Management Integration
Managed
Devices
Unmanaged
Devices
control and separation and functionality and control of across the
management of delivery of IT across platforms mobile expenses enterprise,
SYMANTEC O 3
mobile devices services including DLP,
Security/protection agents
Datacenter/Priva Public Cloud
PKI, VIP & Cloud
te-Cloud Services
Security/protection agents
Advancing Secure Best in class Enterprise app DLP for Mobile;
compliance collaboration Mobile security store & expense service brokering
automation control identity
Enterprise Mobility Strategy 9
8. Symantec Mobile Management
Comprehensive Enterprise Mobility Management - MDM
Enable Secure Manage
Activate enterprise Protect enterprise data Control inventory and
access, apps and data and infrastructure from configuration with
easily and automatically attack and theft massive scalability
> iOS, Win Mobile, BB, Symbian > Prevent JB, ensure passcodes, … > Integrated with an overall
endpoint management strategy
Enterprise Mobility Strategy 11
9. Enterprise Integration: DLP for Mobile
DLP for Tablets
• Monitor and protect confidential content flow across PIM and web traffic
• MDM managed traffic routing/backhaul from tablets to network DLP
Jan ‘12 • Enforce all DLP policies against all/some mobile traffic
Optional Backhaul; VPN Internet
Internet Local
OnDemand
Clean Traffic
Allowed Protected
Trafic Domain Network DLP
Realms
Enterprise Mobility Strategy 12
10. Mobile Security for Smartphones & Tablets
Mobile Security for Android
• Integrated into win/symbian
protection console
Jun ‘12
• Scheduled /Manual Anti-malware
scanning
• App blacklist/whitelist enforcement
• Uninstall protection, resilience
• Basic locate/lock/passcode reset/wipe and
anti-theft
• Single console mgmt/licensing/reporting
Mobile Security for WP7/8 - iOS
Enterprise Mobility Strategy 13
11. But What About Solving The Challenges BYOD?
Symantec Apps
Key Challenges in Securing Mobile Apps
Personal
Mexico iO-Zone Limited ability to deploy apps across platforms
Internal Apps
No way to manage app authentication
FORD Kaiser JPMC
No native way to prevent “cut & paste”
App Store Apps
No corporate / personal data separation
Lack of app-specific security controls
Enterprise Mobility Strategy 14
12. Our Approach to Protecting Mobile Apps
Enterprise Mobility Console
Symantec Apps
Personal
Mexico iO-Zone
Internal Apps
FORD Kaiser JPMC
Secure App Center
Feature-set
App Store Apps
App deployment & provisioning
User authentication across apps
App Copy & paste prevention
Per app file encryption
Remote data/app wipe
iOS & Android support
Enterprise Mobility Strategy 15
13. Symantec O3TM: The New Cloud Control Point
Symantec O3™
Access Information Cloud
Control Security Compliance
Control Protection Visibility
Private
Cloud
Extend internal security policies to public and private cloud
services accessed from mobile devices
Enterprise Mobility Strategy Symantec
14. Strong Authentication to Enterprise Resources
Secure Access to B2B and B2C web applications
– Can be supported with either one time password or PKI credentials
Account Logon Protection Transaction Protection
• Protects the front door
• Delivers best practice, 2 factor
authentication
• What you know: Username and
password
• What you have: a device that
• Secures higher risk transactions
delivers dynamic passcodes or
• Utilized for transaction
stores a digital certificate
authentication
Enterprise Mobility Strategy 17
15. Controlled Access to ANY Web Apps (intranet & Cloud)
Login using corporate ID App embedded OTP (silent)
O3 gateway acts as SSL VPN and 1-click access with DLP
returns list of authorized apps for user policy to control
and device (context based policy) confidential content
Enterprise Mobility Strategy
16. Symantec Enterprise Mobility - Big Picture
Enterprise
Symantec Mobile Management Management Console Symantec Mobile App Management*
• Device enrollment, provisioning,… • Native Email, Calendar, Contacts
MDM Email / PIM,
• Platform for providing MDM capabilities MEAP, & Strong • Native apps, management deployment in
Mobile Management
Advanced • Enterprise App Store, app deployment Security for
MDM Native Apps • App data encryption
• Corporate Document / Media Library
• Secure interaction between apps, cloud;
• VPN Configuration & Compliance remediation controlled by policy
DLP Corporate Persona
• Compliance (of all device settings/policies)
• Locate, Lock, Reset, Selective Wipe, Full Wipe
Anti-theft Reverse Proxy Mobile
Web App Authentications
+ O3
Symantec Mobile Security
Symantec ioZone*
Protection • Anti-malware, Web Protection • Internal Corporate Web Apps, SSO
where needed • Basic Anti-theft MIAM
• External Corporate Web Apps, SSO
• App Reputation (performance, battery, etc) • Data from Web Apps on device
Encryption
• Office/PDF files Sync’n’Shared on device
• Traffic to/from Corporate Web Apps
DLP
Secure Collaboration • From Symantec Mobile Management
Unmanaged Persona
• SaaS based console Doc Viewer • Office/PDF files Sync’n’Shared on device
Mobile File
• Sync / Share documents & media
Sharing Personal Apps & Data
• Available across PC, Mac, iOS, Android
Enterprise Mobility Strategy * Forward looking statement; subject to change at any time
17. Symantec Enterprise Mobility - Big Picture
Enterprise
Symantec Mobile Management Management Console Symantec Mobile App Management*
• Device enrollment, provisioning,… • Native Email, Calendar, Contacts
MDM Basic Email / PIM,
• Platform for providing MDM capabilities MEAP, & Strong • Native apps, management deployment in
Mobile Management
Advanced • Enterprise App Store, app deployment Security for
MDM Native Apps • App data encryption
• Corporate Document / Media Library
• Secure interaction between apps, cloud;
• VPN Configuration & Compliance remediation controlled by policy
DLP Corporate Persona
• Compliance (of all device settings/policies)
• Locate, Lock, Reset, Selective Wipe, Full Wipe
Anti-theft Reverse Proxy Mobile
Web App Authentications
+ O3
Symantec Mobile Security
Symantec ioZone*
Protection • Anti-malware, Web Protection • Internal Corporate Web Apps, SSO
where needed • Basic Anti-theft MIAM
• External Corporate Web Apps, SSO
• App Reputation (performance, battery, etc) • Data from Web Apps on device
Encryption
• Android 1st • Office/PDF files Sync’n’Shared on device
• Traffic to/from Corporate Web Apps
DLP
Secure Collaboration • From Symantec Mobile Management
Unmanaged Persona
• SaaS based console Doc Viewer • Office/PDF files Sync’n’Shared on device
Mobile File
• Sync / Share documents & media
Sharing Personal Apps & Data
• Available on PC, Mac, iOS, Android
Enterprise Mobility Strategy * Forward looking statement; subject to change at any time
Remove the graph and white text to make more fluid
The project code name is “Ozone” because we provide protection above the clouds. The product is named O3, which is the molecular name for the ozone (ozone is a triatomic molecule, consisting of three oxygen atoms). The ozone layer in the upper atmosphere prevents potentially damaging electromagnetic radiation from reaching the Earth's surface. Similarly, O3 protects enterprises from potentially damage in the cloud.Symantec O3 will help alleviate those concerns by combining identity and access control, information protection and cloud visibility and audits in a single security solution, allowing enterprise customers to extend their internal security policies to public and private cloud services.For the first time, identity and information security combined into a single security control point