SlideShare a Scribd company logo

Mobile security decision framework

Vishal Sharma
Vishal Sharma
Technology
1 of 3
Download to read offline
Financial (T1) Policy (T2) Technology (T4) Privacy (T6) Operations(T5) Security(T7) Legal (T3) Description Mobile use is justified when it has an efficient, positive impact on mission accomplishment. In applying mobile technology, users, information, and location must be considered. Users: How do users accomplish the task now? How would use of mobile technology affect them? Information: What is the source of the information? Is it govern- ment, public, or private data? What is its sensitivity? Location: Where do the users need access to the information? How would mobile help? Three dimensions influence selection of a mobility program. The constraints of this model include determining what capabilities are to be supported, how much the program can cost, and what degree of security is required. As weight is increased in one dimension, each of the others is affected. NIST SP 800-37 and 800-39 describe information security risk management as one aspect of a holistic organizational risk man- agement program. The mission benefits of implementing mobile computing must be weighed against risk to the organization, mission, information sys- tem, and to the Nation. The Risk Management Framework should be applied to the multiple facets of risk, which span legal, regula- tory, policy, privacy, and technical domains. Decision outcomes include the following: which applications, mobile devices, and types of infrastructure pieces are to be supported. Each decision outcome should be based off mission requirement, balance and trade-offs, and tailoring of risk. References OMB: Digital Government Strategy; NIST: SP 800-124 Rev.1 Draft OMB: Digital Government Strategy; NIST: SP 800-124 Rev.1 Draft NIST: SP 800-37, SP 800-39 NSA: Enduring Security Framework Mobile Computing Decision Should we use mobile computing? To what extent? Mission Requirements How would mobile support the mission? Decision Balancing How shall I weight the dimensions? Risk-Based Tailoring How will I cover the various risks? Results Selecting the right solution Application (R1) Device (R2) Infrastructure (R3) All these must be given consideration: Mobile Computing Decision Framework v1.0 Does mobile support my mission? (M1) Users(M2) Information(M3) Location(M4) What is the mission impact? (M5) Framework (categories flexible, depending on use case) Capabilities(B1) Security(B3) Economics(B2)
Evaluations and Assumptions Briefly describe your mission and the use-case you are evaluating for mobile technology. Use the diagram above to place a dot where you believe your bal- ance is. Take note a shift toward one dimension may result in a loss in others. Assign a confidence rating in each of the circles above where you feel you have tailored your mobile solution to those risks. Circle that number in the chart below for each risk consideration. The evaluations, assumptions, and decisions from the worksheet should lead you to a gen- eral idea of the mobile solution appropriate for your mission, priorities, and risk tolerance. Decisions What are the elements of your mission requirement from above? M1. Does mobile support my mission? M2. Who are the users involved? M3. What is the source and sensitivity of your information? M4. Where will the information be needed by the users? M5. What is the mission impact? What are the factors influencing your balance above? B1. Capabilities B2. Economics B3. Security How confident are you that risk has been adequately addressed? What solution aspects make sense? R1. Application R2. Device R3. Infrastructure To Dos or“What don’t I know?” Mobile Computing Decision Should we use mobile computing? To what extent? Mission Requirements How would mobile support the mission? Decision Balancing How shall I weight the dimensions? Risk-Based Tailoring How will I cover the various risks? Results Selecting the right solution All these must be given consideration: Mobile Computing Decision Framework v1.0 Does mobile support my mission? (M1) Users(M2) Information(M3) Location(M4) What is the mission impact? (M5) Application (R1) Device (R2) Infrastructure (R3) Financial (T1) Policy (T2) Technology (T4) Privacy (T6) Operations(T5) Security(T7) Legal (T3) Worksheet Low --- Level of confidence --- High T1. Financial (1) (2) (3) (4) (5) T2.. Policy (1) (2) (3) (4) (5) T3. Legal (1) (2) (3) (4) (5) T4. Technology (1) (2) (3) (4) (5) T5. Operations (1) (2) (3) (4) (5) T6. Privacy (1) (2) (3) (4) (5) T7. Security (1) (2) (3) (4) (5) (categories flexible, depending on use case) Capabilities(B1) Security(B3) Economics(B2)
Evaluations and Assumptions Due to budget cuts, evaluating to reduce overall mobile device costs through two-pronged approach: 1. Optimize rate plans for agency provided mobile devices, and 2. Implement a BYOD pilot program. Non sensitive data. No PII. Everywhere the employee is, including on site. Currently looking to provide wifi hotspots at work locations. Efforts will create efficiency for agency and save money Economic driving factor is cost reduction due to budget cuts. Overall IT budget cuts of 15% - $17.6M to $15M FY 2011 mobile support cost $800K. Result of budget cuts left $400k to support mobile devices in FY2012. Optimize mobile data/voice rate plan (bundling) and implement BYOD pilot to shift cost to users (no plan reimbursement) Overall mobile users don’t use voice. Plan to provide minimum capabilities to include email and voice. No office apps in BYOD. Financial: Top priority - Cost reduction is the driving factor to meet budget constraints and enable mission Policy: Require users to sign acceptable behavior policy, update security policies pertaining to mobile device Legal: Minimally addressed. Reimbursement unclear Technology: Addressed Operations: Addressed Privacy: Addressed. No PII Security: Minimally addressed. Password lock required on device; password complexity and aging enforced for email Applications: Provide support for GWMail and GWCalendar Device: Initiate BYOD alpha pilot and maintain Blackberry support as needed Back end Infrastructure: Provide current op- tions and cloud MDM (specifically for BYOD). Infrastructure Transport: Do not support or limit any transport for BYOD. Business as usual for Blackberry use Decisions M1. Does mobile support my mission? Yes, it enables work com- munication via email and phone to 550 employees M2. Who are the users involved? Employees and Executives M3. What is the source and sensitivity of your information? Gov- ernment email, no sensitive/PII: government on-premise, cloud, with the employee M4. Where will the information be needed by the users? On- premise, alternative work locations, with employees M5. What is the mission impact? Positive: Reevaluating mobile needs to enable work communication will reduce cost, thereby meeting budget goals B1. Capabilities (Low) Email and Voice - Notifylink MDM (cloud product) B2. Economics (High) Bundle mobile data/voice packages and offer BYOD ($120 per year per user plus $5 per year for applications) B3. Security (Low) Minimum security. Limited security functionality. Note: No PII, no real data senstivity R1. Device - Support multiple platforms: Present GFE RIM Blackberry BYOD on Apple iOS and Google Android R2. Transport- Cellular, Wifi, Bluetooth, near field communications, etc.; No control over monitoring users location, behavior, and ap- plications. Current MDM detects jailbroken and rooted devices. It does not limit or restrict specific transmission options. R3. Infrastructure - Cloud based MDM. Still support Blackberry RIM/BES infrastructure. Support email and voice. Mobile Computing Decision From: A Toolkit to Support Federal Agencies Implementing Bring Your Own Device (BYOD) Programs Mission Requirements How would mobile support the mission? Decision Balancing How shall I weight the dimensions? Risk-Based Tailoring How will I cover the various risks? Results Selecting the right solution All these must be given consideration: Mobile Computing Decision Framework v1.0 Does mobile support my mission? (M1) Users(M2) Information(M3) Location(M4) What is the mission impact? (M5) Application (R1) Device (R2) Infrastructure (R3) Financial (T1) Policy (T2) Technology (T4) Privacy (T6) Operations(T5) Security(T7) Legal (T3) Example Case Study Capabilities(B1) Security(B3) Economics(B2) Low --- Level of confidence --- High T1. Financial (1) (2) (3) (4) (5) T2.. Policy (1) (2) (3) (4) (5) T3. Legal (1) (2) (3) (4) (5) T4. Technology (1) (2) (3) (4) (5) T5. Operations (1) (2) (3) (4) (5) T6. Privacy (1) (2) (3) (4) (5) T7. Security (1) (2) (3) (4) (5)

Recommended

Integration strategies and tactics for information technology governance
Integration strategies and tactics for information technology governanceIntegration strategies and tactics for information technology governance
Integration strategies and tactics for information technology governanceVishal Sharma
 
Every company is a technology company
Every company is a technology companyEvery company is a technology company
Every company is a technology companyVishal Sharma
 
Digital transformation
Digital transformationDigital transformation
Digital transformationshivani12380
 
A Case - Cognizant - Built to Excel
A Case - Cognizant - Built to ExcelA Case - Cognizant - Built to Excel
A Case - Cognizant - Built to ExcelKamales Mandal
 
The CIO Handbook
The CIO HandbookThe CIO Handbook
The CIO HandbookHCL Technologies
 
The Construction Industry's Digital Push
The Construction Industry's Digital Push The Construction Industry's Digital Push
The Construction Industry's Digital Push Renoir Consulting
 
Realising Digital’s Full Potential in the Value Chain
Realising Digital’s Full Potential in the Value ChainRealising Digital’s Full Potential in the Value Chain
Realising Digital’s Full Potential in the Value ChainCognizant
 
Global-Technology-Outlook-2013
Global-Technology-Outlook-2013Global-Technology-Outlook-2013
Global-Technology-Outlook-2013IBM Switzerland
 

Recommended

Integration strategies and tactics for information technology governance
Integration strategies and tactics for information technology governanceIntegration strategies and tactics for information technology governance
Integration strategies and tactics for information technology governanceVishal Sharma
 
Every company is a technology company
Every company is a technology companyEvery company is a technology company
Every company is a technology companyVishal Sharma
 
Digital transformation
Digital transformationDigital transformation
Digital transformationshivani12380
 
A Case - Cognizant - Built to Excel
A Case - Cognizant - Built to ExcelA Case - Cognizant - Built to Excel
A Case - Cognizant - Built to ExcelKamales Mandal
 
The CIO Handbook
The CIO HandbookThe CIO Handbook
The CIO HandbookHCL Technologies
 
The Construction Industry's Digital Push
The Construction Industry's Digital Push The Construction Industry's Digital Push
The Construction Industry's Digital Push Renoir Consulting
 
Realising Digital’s Full Potential in the Value Chain
Realising Digital’s Full Potential in the Value ChainRealising Digital’s Full Potential in the Value Chain
Realising Digital’s Full Potential in the Value ChainCognizant
 
Global-Technology-Outlook-2013
Global-Technology-Outlook-2013Global-Technology-Outlook-2013
Global-Technology-Outlook-2013IBM Switzerland
 
Report 3 the fourth industrial revolution - things to tighten the link betwe...
Report 3 the fourth industrial revolution - things to tighten the link betwe...Report 3 the fourth industrial revolution - things to tighten the link betwe...
Report 3 the fourth industrial revolution - things to tighten the link betwe...Rick Bouter
 
Worldwide IT Services Market - 2012
Worldwide IT Services Market - 2012Worldwide IT Services Market - 2012
Worldwide IT Services Market - 2012Padma Vallury
 
Implications of Industry 4.0 for CIOs
Implications of Industry 4.0 for CIOsImplications of Industry 4.0 for CIOs
Implications of Industry 4.0 for CIOsCapgemini
 
Efma-Accenture Innovation in Insurance Awards 2019
Efma-Accenture Innovation in Insurance Awards 2019Efma-Accenture Innovation in Insurance Awards 2019
Efma-Accenture Innovation in Insurance Awards 2019Accenture Insurance
 
How to Deal With Disruptor (from Telco prespectives)
How to Deal With Disruptor (from Telco prespectives)How to Deal With Disruptor (from Telco prespectives)
How to Deal With Disruptor (from Telco prespectives)Saiful Hidayat
 
Hackathon_article
Hackathon_articleHackathon_article
Hackathon_articleNatasha Azar
 
Complimentary report on the current needs of CIOs
Complimentary report on the current needs of CIOs Complimentary report on the current needs of CIOs
Complimentary report on the current needs of CIOs BMAJCHER
 
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...Tommy Toy
 
Telco2 business models and opportunities briefing may 2013
Telco2 business models and opportunities briefing may 2013Telco2 business models and opportunities briefing may 2013
Telco2 business models and opportunities briefing may 2013Simon Torrance
 
CIO Magazine_Summer13_Workplace_of_the_Future
CIO Magazine_Summer13_Workplace_of_the_FutureCIO Magazine_Summer13_Workplace_of_the_Future
CIO Magazine_Summer13_Workplace_of_the_FutureDaniel Biondi
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
Corporate presentation primeur_eng
Corporate presentation primeur_engCorporate presentation primeur_eng
Corporate presentation primeur_engPrimeur
 
Digitization in supply chain management
Digitization in supply chain managementDigitization in supply chain management
Digitization in supply chain managementHae-Goo Song
 
Werkplek Van De Toekomst
Werkplek Van De ToekomstWerkplek Van De Toekomst
Werkplek Van De ToekomstJean-Pierre Beelen
 
Business Intelligence John Tull Seminar Presentation
Business Intelligence John Tull Seminar PresentationBusiness Intelligence John Tull Seminar Presentation
Business Intelligence John Tull Seminar PresentationJohn Tull
 
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...Mario Derba
 
Top 5 digital transformation trends in manufacturing
Top 5 digital transformation trends in manufacturingTop 5 digital transformation trends in manufacturing
Top 5 digital transformation trends in manufacturingJohn Kang Liquidmetal
 
How smart, connected products are transforming companies presentation (edit...
How smart, connected products are transforming companies presentation (edit...How smart, connected products are transforming companies presentation (edit...
How smart, connected products are transforming companies presentation (edit...Fahmy Amrillah
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Capgemini
 
DARQ power driving value for the Communications Industry
DARQ power driving value for the Communications Industry DARQ power driving value for the Communications Industry
DARQ power driving value for the Communications Industry accenture
 
Changing Your Enterprise Architecture - Mobile is Not an Add-On
Changing Your Enterprise Architecture - Mobile is Not an Add-OnChanging Your Enterprise Architecture - Mobile is Not an Add-On
Changing Your Enterprise Architecture - Mobile is Not an Add-OnWheatstone
 
Securely adopting mobile technology innovations for your enterprise using ibm...
Securely adopting mobile technology innovations for your enterprise using ibm...Securely adopting mobile technology innovations for your enterprise using ibm...
Securely adopting mobile technology innovations for your enterprise using ibm...bupbechanhgmail
 

More Related Content

What's hot

Report 3 the fourth industrial revolution - things to tighten the link betwe...
Report 3 the fourth industrial revolution - things to tighten the link betwe...Report 3 the fourth industrial revolution - things to tighten the link betwe...
Report 3 the fourth industrial revolution - things to tighten the link betwe...Rick Bouter
 
Worldwide IT Services Market - 2012
Worldwide IT Services Market - 2012Worldwide IT Services Market - 2012
Worldwide IT Services Market - 2012Padma Vallury
 
Implications of Industry 4.0 for CIOs
Implications of Industry 4.0 for CIOsImplications of Industry 4.0 for CIOs
Implications of Industry 4.0 for CIOsCapgemini
 
Efma-Accenture Innovation in Insurance Awards 2019
Efma-Accenture Innovation in Insurance Awards 2019Efma-Accenture Innovation in Insurance Awards 2019
Efma-Accenture Innovation in Insurance Awards 2019Accenture Insurance
 
How to Deal With Disruptor (from Telco prespectives)
How to Deal With Disruptor (from Telco prespectives)How to Deal With Disruptor (from Telco prespectives)
How to Deal With Disruptor (from Telco prespectives)Saiful Hidayat
 
Complimentary report on the current needs of CIOs
Complimentary report on the current needs of CIOs Complimentary report on the current needs of CIOs
Complimentary report on the current needs of CIOs BMAJCHER
 
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...Tommy Toy
 
Telco2 business models and opportunities briefing may 2013
Telco2 business models and opportunities briefing may 2013Telco2 business models and opportunities briefing may 2013
Telco2 business models and opportunities briefing may 2013Simon Torrance
 
CIO Magazine_Summer13_Workplace_of_the_Future
CIO Magazine_Summer13_Workplace_of_the_FutureCIO Magazine_Summer13_Workplace_of_the_Future
CIO Magazine_Summer13_Workplace_of_the_FutureDaniel Biondi
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesMcKinsey & Company
 
Corporate presentation primeur_eng
Corporate presentation primeur_engCorporate presentation primeur_eng
Corporate presentation primeur_engPrimeur
 
Digitization in supply chain management
Digitization in supply chain managementDigitization in supply chain management
Digitization in supply chain managementHae-Goo Song
 
Business Intelligence John Tull Seminar Presentation
Business Intelligence John Tull Seminar PresentationBusiness Intelligence John Tull Seminar Presentation
Business Intelligence John Tull Seminar PresentationJohn Tull
 
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...Mario Derba
 
Top 5 digital transformation trends in manufacturing
Top 5 digital transformation trends in manufacturingTop 5 digital transformation trends in manufacturing
Top 5 digital transformation trends in manufacturingJohn Kang Liquidmetal
 
How smart, connected products are transforming companies presentation (edit...
How smart, connected products are transforming companies presentation (edit...How smart, connected products are transforming companies presentation (edit...
How smart, connected products are transforming companies presentation (edit...Fahmy Amrillah
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Capgemini
 
DARQ power driving value for the Communications Industry
DARQ power driving value for the Communications Industry DARQ power driving value for the Communications Industry
DARQ power driving value for the Communications Industry accenture
 

What's hot (20)

Report 3 the fourth industrial revolution - things to tighten the link betwe...
Report 3 the fourth industrial revolution - things to tighten the link betwe...Report 3 the fourth industrial revolution - things to tighten the link betwe...
Report 3 the fourth industrial revolution - things to tighten the link betwe...
 
Worldwide IT Services Market - 2012
Worldwide IT Services Market - 2012Worldwide IT Services Market - 2012
Worldwide IT Services Market - 2012
 
Implications of Industry 4.0 for CIOs
Implications of Industry 4.0 for CIOsImplications of Industry 4.0 for CIOs
Implications of Industry 4.0 for CIOs
 
Efma-Accenture Innovation in Insurance Awards 2019
Efma-Accenture Innovation in Insurance Awards 2019Efma-Accenture Innovation in Insurance Awards 2019
Efma-Accenture Innovation in Insurance Awards 2019
 
How to Deal With Disruptor (from Telco prespectives)
How to Deal With Disruptor (from Telco prespectives)How to Deal With Disruptor (from Telco prespectives)
How to Deal With Disruptor (from Telco prespectives)
 
Hackathon_article
Hackathon_articleHackathon_article
Hackathon_article
 
Complimentary report on the current needs of CIOs
Complimentary report on the current needs of CIOs Complimentary report on the current needs of CIOs
Complimentary report on the current needs of CIOs
 
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...
Data Science And Analytics Outsourcing – Vendors, Models, Steps by Ravi Kalak...
 
Telco2 business models and opportunities briefing may 2013
Telco2 business models and opportunities briefing may 2013Telco2 business models and opportunities briefing may 2013
Telco2 business models and opportunities briefing may 2013
 
CIO Magazine_Summer13_Workplace_of_the_Future
CIO Magazine_Summer13_Workplace_of_the_FutureCIO Magazine_Summer13_Workplace_of_the_Future
CIO Magazine_Summer13_Workplace_of_the_Future
 
Accelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securitiesAccelerating hybrid-cloud adoption in banking and securities
Accelerating hybrid-cloud adoption in banking and securities
 
Corporate presentation primeur_eng
Corporate presentation primeur_engCorporate presentation primeur_eng
Corporate presentation primeur_eng
 
Digitization in supply chain management
Digitization in supply chain managementDigitization in supply chain management
Digitization in supply chain management
 
Werkplek Van De Toekomst
Werkplek Van De ToekomstWerkplek Van De Toekomst
Werkplek Van De Toekomst
 
Business Intelligence John Tull Seminar Presentation
Business Intelligence John Tull Seminar PresentationBusiness Intelligence John Tull Seminar Presentation
Business Intelligence John Tull Seminar Presentation
 
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...
Mario Derba keynote on Oracle IT Innovation Strategy at the ICIS event at Boc...
 
Top 5 digital transformation trends in manufacturing
Top 5 digital transformation trends in manufacturingTop 5 digital transformation trends in manufacturing
Top 5 digital transformation trends in manufacturing
 
How smart, connected products are transforming companies presentation (edit...
How smart, connected products are transforming companies presentation (edit...How smart, connected products are transforming companies presentation (edit...
How smart, connected products are transforming companies presentation (edit...
 
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
Securing the Internet of Things Opportunity: Putting Cybersecurity at the Hea...
 
DARQ power driving value for the Communications Industry
DARQ power driving value for the Communications Industry DARQ power driving value for the Communications Industry
DARQ power driving value for the Communications Industry
 

Similar to Mobile security decision framework

Changing Your Enterprise Architecture - Mobile is Not an Add-On
Changing Your Enterprise Architecture - Mobile is Not an Add-OnChanging Your Enterprise Architecture - Mobile is Not an Add-On
Changing Your Enterprise Architecture - Mobile is Not an Add-OnWheatstone
 
Securely adopting mobile technology innovations for your enterprise using ibm...
Securely adopting mobile technology innovations for your enterprise using ibm...Securely adopting mobile technology innovations for your enterprise using ibm...
Securely adopting mobile technology innovations for your enterprise using ibm...bupbechanhgmail
 
Securely Adopting Mobile Technology Innovations
Securely Adopting Mobile Technology InnovationsSecurely Adopting Mobile Technology Innovations
Securely Adopting Mobile Technology InnovationsIBM Software India
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 
Mobilising business
Mobilising businessMobilising business
Mobilising businessSno Jutt
 
Websense: A 3-step plan for mobile security
Websense: A 3-step plan for mobile securityWebsense: A 3-step plan for mobile security
Websense: A 3-step plan for mobile securityarms8586
 
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseMbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseSelectedPresentations
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Good for Enterprise by GMS Mobility
Good for Enterprise by GMS MobilityGood for Enterprise by GMS Mobility
Good for Enterprise by GMS MobilityRobert Kleinschmidt
 
Enable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplaceEnable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplaceNeetaSahay1
 
micE Model for Defining Enterprise Mobile Strategy
micE Model for Defining Enterprise Mobile StrategymicE Model for Defining Enterprise Mobile Strategy
micE Model for Defining Enterprise Mobile Strategyidescitation
 
Build a Mobile Strategy: Beyond BYOD
Build a Mobile Strategy: Beyond BYODBuild a Mobile Strategy: Beyond BYOD
Build a Mobile Strategy: Beyond BYODGraham Chalk
 
Mobile financial services simple to use, but not simpler to manage
Mobile financial services simple to use, but not simpler to manageMobile financial services simple to use, but not simpler to manage
Mobile financial services simple to use, but not simpler to manageIAEME Publication
 
Enterprise endpoint security_market
Enterprise endpoint security_marketEnterprise endpoint security_market
Enterprise endpoint security_marketpallavi_1234
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupEswar Publications
 
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedTiffany Graham
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Omar Khawaja
 
Security and privacy issues and solutions of Mobile Cloud Computing
Security and privacy issues and solutions of Mobile Cloud ComputingSecurity and privacy issues and solutions of Mobile Cloud Computing
Security and privacy issues and solutions of Mobile Cloud ComputingTahmin Aysha Murshed
 

Similar to Mobile security decision framework (20)

Changing Your Enterprise Architecture - Mobile is Not an Add-On
Changing Your Enterprise Architecture - Mobile is Not an Add-OnChanging Your Enterprise Architecture - Mobile is Not an Add-On
Changing Your Enterprise Architecture - Mobile is Not an Add-On
 
Securely adopting mobile technology innovations for your enterprise using ibm...
Securely adopting mobile technology innovations for your enterprise using ibm...Securely adopting mobile technology innovations for your enterprise using ibm...
Securely adopting mobile technology innovations for your enterprise using ibm...
 
Securely Adopting Mobile Technology Innovations
Securely Adopting Mobile Technology InnovationsSecurely Adopting Mobile Technology Innovations
Securely Adopting Mobile Technology Innovations
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterprise
 
Mobilising business
Mobilising businessMobilising business
Mobilising business
 
Websense: A 3-step plan for mobile security
Websense: A 3-step plan for mobile securityWebsense: A 3-step plan for mobile security
Websense: A 3-step plan for mobile security
 
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterpriseMbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
Mbs t17 o'neil-mbs-t17 rsa-realizing-mobile-enterprise
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
 
Good for Enterprise by GMS Mobility
Good for Enterprise by GMS MobilityGood for Enterprise by GMS Mobility
Good for Enterprise by GMS Mobility
 
Enable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplaceEnable your employees to work securely from anywhere with digital workplace
Enable your employees to work securely from anywhere with digital workplace
 
micE Model for Defining Enterprise Mobile Strategy
micE Model for Defining Enterprise Mobile StrategymicE Model for Defining Enterprise Mobile Strategy
micE Model for Defining Enterprise Mobile Strategy
 
Build a Mobile Strategy: Beyond BYOD
Build a Mobile Strategy: Beyond BYODBuild a Mobile Strategy: Beyond BYOD
Build a Mobile Strategy: Beyond BYOD
 
Mobile financial services simple to use, but not simpler to manage
Mobile financial services simple to use, but not simpler to manageMobile financial services simple to use, but not simpler to manage
Mobile financial services simple to use, but not simpler to manage
 
Enterprise endpoint security_market
Enterprise endpoint security_marketEnterprise endpoint security_market
Enterprise endpoint security_market
 
Mobile-Applications-Testing
Mobile-Applications-TestingMobile-Applications-Testing
Mobile-Applications-Testing
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise Setup
 
Risk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs ProvidedRisk Mitigation Plan Based On Inputs Provided
Risk Mitigation Plan Based On Inputs Provided
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
 
Security and privacy issues and solutions of Mobile Cloud Computing
Security and privacy issues and solutions of Mobile Cloud ComputingSecurity and privacy issues and solutions of Mobile Cloud Computing
Security and privacy issues and solutions of Mobile Cloud Computing
 

More from Vishal Sharma

Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing Vishal Sharma
 
ABB Aus FY23 Results
ABB Aus FY23 ResultsABB Aus FY23 Results
ABB Aus FY23 ResultsVishal Sharma
 
Digital Transformation - M2M to IoT
Digital Transformation - M2M to IoTDigital Transformation - M2M to IoT
Digital Transformation - M2M to IoTVishal Sharma
 
Next Generation Digital Transformation
Next Generation Digital TransformationNext Generation Digital Transformation
Next Generation Digital TransformationVishal Sharma
 
Vodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India IntervenedVodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India IntervenedVishal Sharma
 
OPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 ResultsOPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 ResultsVishal Sharma
 
TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results Vishal Sharma
 
State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023Vishal Sharma
 
Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023 Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023 Vishal Sharma
 
Future of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be GreenFuture of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be GreenVishal Sharma
 
Future of Cloud 2022
Future of Cloud 2022Future of Cloud 2022
Future of Cloud 2022Vishal Sharma
 
NBN - Economies of Scale vs Scope
NBN - Economies of Scale vs ScopeNBN - Economies of Scale vs Scope
NBN - Economies of Scale vs ScopeVishal Sharma
 
NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement Vishal Sharma
 
Inflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance SheetInflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance SheetVishal Sharma
 
Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption Curve Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption CurveVishal Sharma
 
Telecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue GenerationTelecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue GenerationVishal Sharma
 
Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution Vishal Sharma
 

More from Vishal Sharma (20)

Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing Generative AI - The New Reality: How Key Players Are Progressing
Generative AI - The New Reality: How Key Players Are Progressing
 
ABB Aus FY23 Results
ABB Aus FY23 ResultsABB Aus FY23 Results
ABB Aus FY23 Results
 
TPG H2 FY23 Results
TPG H2 FY23 ResultsTPG H2 FY23 Results
TPG H2 FY23 Results
 
Digital Transformation - M2M to IoT
Digital Transformation - M2M to IoTDigital Transformation - M2M to IoT
Digital Transformation - M2M to IoT
 
Next Generation Digital Transformation
Next Generation Digital TransformationNext Generation Digital Transformation
Next Generation Digital Transformation
 
Vodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India IntervenedVodafone India - Why Govt. of India Intervened
Vodafone India - Why Govt. of India Intervened
 
OPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 ResultsOPTUS Australia Dec 22 Results
OPTUS Australia Dec 22 Results
 
TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results TPG Telecom Feb FY 23 Results
TPG Telecom Feb FY 23 Results
 
State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023State of Global IT Services and Software Industry - 2023
State of Global IT Services and Software Industry - 2023
 
Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023 Global Telecom Industry Overview - 2023
Global Telecom Industry Overview - 2023
 
Future of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be GreenFuture of Cloud 2022 - Grow and Be Green
Future of Cloud 2022 - Grow and Be Green
 
Future of Cloud 2022
Future of Cloud 2022Future of Cloud 2022
Future of Cloud 2022
 
NBN - Economies of Scale vs Scope
NBN - Economies of Scale vs ScopeNBN - Economies of Scale vs Scope
NBN - Economies of Scale vs Scope
 
Inflation Spectrum
Inflation SpectrumInflation Spectrum
Inflation Spectrum
 
NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement NBN and 5G - Threat or Complement
NBN and 5G - Threat or Complement
 
Digital vs IT
Digital vs IT Digital vs IT
Digital vs IT
 
Inflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance SheetInflation Impact on IT and Levers to Destress Balance Sheet
Inflation Impact on IT and Levers to Destress Balance Sheet
 
Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption Curve Sales Trigger Spectrum with Cloud Adoption Curve
Sales Trigger Spectrum with Cloud Adoption Curve
 
Telecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue GenerationTelecom Industry - Revitalise for Revenue Generation
Telecom Industry - Revitalise for Revenue Generation
 
Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution Post COVID B2B Sales Planning and Execution
Post COVID B2B Sales Planning and Execution
 

Recently uploaded

Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 

Recently uploaded (20)

Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 

Mobile security decision framework

  • 1. Financial (T1) Policy (T2) Technology (T4) Privacy (T6) Operations(T5) Security(T7) Legal (T3) Description Mobile use is justified when it has an efficient, positive impact on mission accomplishment. In applying mobile technology, users, information, and location must be considered. Users: How do users accomplish the task now? How would use of mobile technology affect them? Information: What is the source of the information? Is it govern- ment, public, or private data? What is its sensitivity? Location: Where do the users need access to the information? How would mobile help? Three dimensions influence selection of a mobility program. The constraints of this model include determining what capabilities are to be supported, how much the program can cost, and what degree of security is required. As weight is increased in one dimension, each of the others is affected. NIST SP 800-37 and 800-39 describe information security risk management as one aspect of a holistic organizational risk man- agement program. The mission benefits of implementing mobile computing must be weighed against risk to the organization, mission, information sys- tem, and to the Nation. The Risk Management Framework should be applied to the multiple facets of risk, which span legal, regula- tory, policy, privacy, and technical domains. Decision outcomes include the following: which applications, mobile devices, and types of infrastructure pieces are to be supported. Each decision outcome should be based off mission requirement, balance and trade-offs, and tailoring of risk. References OMB: Digital Government Strategy; NIST: SP 800-124 Rev.1 Draft OMB: Digital Government Strategy; NIST: SP 800-124 Rev.1 Draft NIST: SP 800-37, SP 800-39 NSA: Enduring Security Framework Mobile Computing Decision Should we use mobile computing? To what extent? Mission Requirements How would mobile support the mission? Decision Balancing How shall I weight the dimensions? Risk-Based Tailoring How will I cover the various risks? Results Selecting the right solution Application (R1) Device (R2) Infrastructure (R3) All these must be given consideration: Mobile Computing Decision Framework v1.0 Does mobile support my mission? (M1) Users(M2) Information(M3) Location(M4) What is the mission impact? (M5) Framework (categories flexible, depending on use case) Capabilities(B1) Security(B3) Economics(B2)
  • 2. Evaluations and Assumptions Briefly describe your mission and the use-case you are evaluating for mobile technology. Use the diagram above to place a dot where you believe your bal- ance is. Take note a shift toward one dimension may result in a loss in others. Assign a confidence rating in each of the circles above where you feel you have tailored your mobile solution to those risks. Circle that number in the chart below for each risk consideration. The evaluations, assumptions, and decisions from the worksheet should lead you to a gen- eral idea of the mobile solution appropriate for your mission, priorities, and risk tolerance. Decisions What are the elements of your mission requirement from above? M1. Does mobile support my mission? M2. Who are the users involved? M3. What is the source and sensitivity of your information? M4. Where will the information be needed by the users? M5. What is the mission impact? What are the factors influencing your balance above? B1. Capabilities B2. Economics B3. Security How confident are you that risk has been adequately addressed? What solution aspects make sense? R1. Application R2. Device R3. Infrastructure To Dos or“What don’t I know?” Mobile Computing Decision Should we use mobile computing? To what extent? Mission Requirements How would mobile support the mission? Decision Balancing How shall I weight the dimensions? Risk-Based Tailoring How will I cover the various risks? Results Selecting the right solution All these must be given consideration: Mobile Computing Decision Framework v1.0 Does mobile support my mission? (M1) Users(M2) Information(M3) Location(M4) What is the mission impact? (M5) Application (R1) Device (R2) Infrastructure (R3) Financial (T1) Policy (T2) Technology (T4) Privacy (T6) Operations(T5) Security(T7) Legal (T3) Worksheet Low --- Level of confidence --- High T1. Financial (1) (2) (3) (4) (5) T2.. Policy (1) (2) (3) (4) (5) T3. Legal (1) (2) (3) (4) (5) T4. Technology (1) (2) (3) (4) (5) T5. Operations (1) (2) (3) (4) (5) T6. Privacy (1) (2) (3) (4) (5) T7. Security (1) (2) (3) (4) (5) (categories flexible, depending on use case) Capabilities(B1) Security(B3) Economics(B2)
  • 3. Evaluations and Assumptions Due to budget cuts, evaluating to reduce overall mobile device costs through two-pronged approach: 1. Optimize rate plans for agency provided mobile devices, and 2. Implement a BYOD pilot program. Non sensitive data. No PII. Everywhere the employee is, including on site. Currently looking to provide wifi hotspots at work locations. Efforts will create efficiency for agency and save money Economic driving factor is cost reduction due to budget cuts. Overall IT budget cuts of 15% - $17.6M to $15M FY 2011 mobile support cost $800K. Result of budget cuts left $400k to support mobile devices in FY2012. Optimize mobile data/voice rate plan (bundling) and implement BYOD pilot to shift cost to users (no plan reimbursement) Overall mobile users don’t use voice. Plan to provide minimum capabilities to include email and voice. No office apps in BYOD. Financial: Top priority - Cost reduction is the driving factor to meet budget constraints and enable mission Policy: Require users to sign acceptable behavior policy, update security policies pertaining to mobile device Legal: Minimally addressed. Reimbursement unclear Technology: Addressed Operations: Addressed Privacy: Addressed. No PII Security: Minimally addressed. Password lock required on device; password complexity and aging enforced for email Applications: Provide support for GWMail and GWCalendar Device: Initiate BYOD alpha pilot and maintain Blackberry support as needed Back end Infrastructure: Provide current op- tions and cloud MDM (specifically for BYOD). Infrastructure Transport: Do not support or limit any transport for BYOD. Business as usual for Blackberry use Decisions M1. Does mobile support my mission? Yes, it enables work com- munication via email and phone to 550 employees M2. Who are the users involved? Employees and Executives M3. What is the source and sensitivity of your information? Gov- ernment email, no sensitive/PII: government on-premise, cloud, with the employee M4. Where will the information be needed by the users? On- premise, alternative work locations, with employees M5. What is the mission impact? Positive: Reevaluating mobile needs to enable work communication will reduce cost, thereby meeting budget goals B1. Capabilities (Low) Email and Voice - Notifylink MDM (cloud product) B2. Economics (High) Bundle mobile data/voice packages and offer BYOD ($120 per year per user plus $5 per year for applications) B3. Security (Low) Minimum security. Limited security functionality. Note: No PII, no real data senstivity R1. Device - Support multiple platforms: Present GFE RIM Blackberry BYOD on Apple iOS and Google Android R2. Transport- Cellular, Wifi, Bluetooth, near field communications, etc.; No control over monitoring users location, behavior, and ap- plications. Current MDM detects jailbroken and rooted devices. It does not limit or restrict specific transmission options. R3. Infrastructure - Cloud based MDM. Still support Blackberry RIM/BES infrastructure. Support email and voice. Mobile Computing Decision From: A Toolkit to Support Federal Agencies Implementing Bring Your Own Device (BYOD) Programs Mission Requirements How would mobile support the mission? Decision Balancing How shall I weight the dimensions? Risk-Based Tailoring How will I cover the various risks? Results Selecting the right solution All these must be given consideration: Mobile Computing Decision Framework v1.0 Does mobile support my mission? (M1) Users(M2) Information(M3) Location(M4) What is the mission impact? (M5) Application (R1) Device (R2) Infrastructure (R3) Financial (T1) Policy (T2) Technology (T4) Privacy (T6) Operations(T5) Security(T7) Legal (T3) Example Case Study Capabilities(B1) Security(B3) Economics(B2) Low --- Level of confidence --- High T1. Financial (1) (2) (3) (4) (5) T2.. Policy (1) (2) (3) (4) (5) T3. Legal (1) (2) (3) (4) (5) T4. Technology (1) (2) (3) (4) (5) T5. Operations (1) (2) (3) (4) (5) T6. Privacy (1) (2) (3) (4) (5) T7. Security (1) (2) (3) (4) (5)