Mobile devices have changed the way we use IT-services fundamentally over the last few years, but from a business perspective these consumer-focused devices carry substantial risks and are open to many security threats. This course creates awareness of the many common security threats for businesses in mobile scenarios, and delivers pragmatic approaches to secure your enterprise.
Alexander Wechsler has been working many years doing project and partner management for customers in the enterprise and embedded market. Many of his projects turned into showcases for the successful use of modern software technology.
Cryptography Primer In this module of the Enterprise Strengths Mobile Security course, we're going to focus on cryptography and I'm going to give you a short cryptography primer. So here's what I'm planning for the upcoming module. I want to give you an introduction to cryptography, we're also going to have a close look at algorithms and so called one way functions, which enable the protection of data. We're also going to talk about special items used in cryptography, for example keys, hashes, as well as a key transport mechanism, which are important to understand the way cryptography works. We're also going to talk about signing and encrypting, which is the securing of our data during storage or transport and it's also about authentication and making sure that things have not been tampered with. After the initial explanations we're going to have a look at certificates as well as certificate management and I have spread in demos along the way for important topics to show you how to apply certain cryptography processes, how to use tools or how to product certain items, for example, certificates. We need to secure our data. At the end of the module we're going to sum up what we've seen and learned and also going to have an outlook what's going to happen next.
Defining Requirements for Secure Mobile Devices In the previous modules we've been talking about threats against mobile devices. And of course we could now just have a look on which mobile devices are on the market and match the threats against them, but this wouldn't be enough to get complete picture for enterprise security. Therefore in this module we're going to sit back and think about how a secure mobile device would look like to match our requirements. To do this we're going to start by defining the perfect device as well as perfect user behavior because those two things always need to be looked at together. The best technical device in the hands of a total security unaware user is able to create nearly the same damage as a totally unsecure device in the hands of an experience user. To define those two things, we're having a short recap on the most common threats to have those in mind again, and then we're going to talk about the specific device requirements to take into consideration as well as the specific user requirements we also need to have a look at in this context. At the end of the module, again, we sum up everything and we're also going to have a short outlook on the next module.
Risk Mitigation Strategies We've been talking a lot about risks and threats in the preceding modules, and now it's time to think about what are the best mitigation strategies we're able to apply to counter those risks and threats, and that's exactly what we're going to do in the next module. We're going to think about the risk mitigation strategies and I want to do this in a project related way. Let's think about the mobile enterprise. What do we need at the very beginning if we want to turn our company into a mobile enterprise? So let's make the assumption we are a company and we do not have any mobile storage implemented yet and we're going to do this now. According to this we need to think about different implementation stages and, of course, we're going to start mitigating threats, and this begins with thinking about certain usage policies and user education at the very beginning of course. We're starting from the very bottom and, therefore, I'm shedding also some light on simple mitigation techniques you may want to apply if you are beginning with mobile devices in your enterprise, and one of the topics will also be Exchange ActiveSync Management because that's an important step if you want to move from unmanaged devices into the semi-managed devices stage. We're going to have demos along the way explaining techniques, which will start quite simple, of course, because we are at the beginning, but get more and more advanced as we are striving to reach a secure mobile enterprise.
Technologies Able to Satisfy Security/Mitigation Requirements Let us talk about technologies, which are able to satisfy security, as well as mitigation requirements in the upcoming module. We're going to have a closer look at technologies, which help us to secure the transport layer. We're also going to have a look at BYOD containers, which is a technology which helps us to separate the private user data from our business related data. In addition to that we're going to spend some time thinking about how we're able to enhance the app security on the device, and last but not least, we're going to have a look at rights management systems, which also help us to keep data, as well as content, secure.
Reaching Enterprise Security Hello and welcome. This is the last stretch, the last module in our Enterprise Mobility Security course, and naturally it's all about Reaching Enterprise Security. So what are we going to have a look at? Well, we're going to complete our corporate infrastructure implementation and we're going to complete the architectural setup by putting real-world products behind the logical placeholders, and for me it's important that one of the things you take away out of this course is that it's not enough to protect only the systems, but the combo of systems and data is much much more important, and we also need to have a solution in place to protect both systems, as well as data. After we have been completing the infrastructure setup I'm going to introduce some enterprise mobile device management systems to you. I'm going to show Microsoft Intune, which is a Cloud-based system, and we're starting with the very basic steps, such as enrollment, we're going to distribute profiles, be it certificate profiles, communication profiles, email profiles, all the stuff we've been talking about in the previous modules, we're going to deploy apps, and of course, we're going to enforce some policies because yeah, that's what it's all about. We want to enforce certain company policies on our mobile devices. To reach the next evolutionary level I'm going to show you the combination of SCCM and Intune because this hybrid solution really connects the Cloud with on-premise assistance management and this bridges the gap between modern mobile device management and the classical enterprise system management and only by combining these two approaches we'll really get into holistic system management.