Browse communities
Presenting a webinar?
Share this content

Addressing BYOD Security and Compliance through Mobile Risk Management

Daniel Ford, CSO, Fixmo
The invasion of employee-owned devices, consumer-grade OS's, and unsanctioned mobile apps is exposing organizations to a new wave of security threats and compliance concerns. But the shift to a BYOD world also presents a unique opportunity to re-invent your endpoint security and data protection strategies with a greater focus on securing and managing the apps and the data, rather than the devices themselves, and providing employees with greater flexibility without compromising on security and compliance.

Join Dan Ford from Fixmo to learn about the following topics:

- Security and compliance impacts of BYOD
- Threats and vulnerabilities in iOS, Android and BlackBerry
- Preventing jailbroken OS's, policy hacking and other dangerous exploits
- Protecting your data on BYOD through an IT-controlled secure sandbox approach
- Mobile Risk Management as a strategic approach to security and compliance in a BYOD world
Jul 12 2012
47 mins
Addressing BYOD Security and Compliance through Mobile Risk Management
BYOD compliance mobile risk management security
More from this community:

Cloud Computing

Webinars and videos

  • Live 2 and recorded (2726)
  • Upcoming (82)
  • Date
  • Rating
  • Views
  • Perchè i Server? La Protezione dei sistemi critici
    La sicurezza dei server è un asset fondamentale per abilitare il business. Non solo per le informazioni che gestiscono ma anche per i servizi per i quali sono configurati. Pianificarne la sicurezza e la conformità è l’unico strumento per per ridurre il rischio in caso di attacco
    In questo webcast approfondiremo i vantaggi delle soluzione end point protection ed anche di server hardening
    Partecipa a questo webcast per pianificare al meglio la tua politica di Cyber Security.
    Read more >
  • Join Amazon Web Services for the sixth in our series of webinars, 'Journey Through the AWS Cloud'. This complimentary webinar discusses the use of AWS as a storage and archive platform.

    A wide range of assets can be cost effectively held in highly durable storage systems within the AWS cloud, for global distribution, long term storage or cold archive. Learn about a range of use cases for the Amazon Simple Storage Service (S3) beyond simple object storage, and how Amazon Glacier can revolutionise long term archive economics and technology.
    Read more >
  • CA Technologies is committed to helping you make Here's a quick look at how CA Technologies is intensely focused on their customers--how they're helping them do more, making their job better, more fun, and freeing up their time with innovative action. Learn more at http://www.ca.com/mainframe
    Read more >
  • In the last 10 years, hacking has become big business with a well organised infrastructure, defined roles and responsibilities, and sophisticated attack vector automation that generates large-scale attacks of unprecedented size, speed and devastation. Advanced protection is needed in order to successfully stand up to the ‘industrialisation of hacking’. In this webinar, Andy will talk about:

    - How to prevent web attacks like SQL injection, cross-site scripting, app DDoS or site scraping.

    - The limitations and vulnerabilities associated with IPS solutions and other traditional security solutions.

    - Attack-mitigation techniques for combating malware including bots and other automated attacks common in industrialised hacking.

    - How to protect networks from the ‘compromised insider’ threat.

    About the speaker:
    Mark has 18 years’ experience in the IT industry, and has specialised in Internet security systems for more than 16 years. Mark is a passionate evangelist for technology and is multi-skilled across a broad range of security solutions including Firewalls, VPNs, IPS, WAF, web and email content filtering, SIM/SIEM, load balancing, DLP, risk assessment, monitoring tools, DB security and consultancy. Mark joined Imperva in 2007 and held previous technical roles at Nokia and contracted as a security specialist where he has held senior roles designing and implementing firewall, IDP and VPN solutions in mission critical environments.
    Read more >
  • Come avvengono gli attacchi? 5 STAGES OF A DATA BREACH
    Per proteggere le aziende da attacchi informatici, è importante capire come operano gli attacanti. Questo webcast descrive l’anatomia di un attacco nelle sue 5 fasi: Reconnaissance, Incursion, Discovery, Capture ed Exfiltration
    Verranno inoltre analizzate le principali tecniche impiegate e le soluzioni per prevenirle e/o contrastarle oltre al relativo impatto sul business (rilevato dalla ricerca “Cost of a Data Breach 2013”)
    Partecipa a questo webcast per vedere come si sono evolute le cyber minacce e come stanno influenzando le realtà produttive.
    Read more >
  • Cosa sta DAVVERO succedendo? Il Security Threat Report
    Il Security Threat Report fornisce una panoramica e un'analisi di attività delle minacce a livello mondiale nel 2012. Dai dati della Global Intelligence Network, esperti di Symantec analizzano le tendenze emergenti negli attacchi, nelle vulnerabilità e negli obiettivi.
    Inoltre, l’ultima ricerca “Cost of a Data Breach Report 2013” traccerà gli impatti economici per le organizzazioni nel caso di attacchi informatici
    Partecipa a questo webcast per avere un aggiornamento sul panorama delle minacce e della sicurezza nel 2013 e sulle conseguenze nel business.
    Read more >
  • Pour limiter les risques d’une cyber-attaque, la politique de sécurité doit comprendre la mise en place d’une politique de supervision incluant la surveillance des vulnérabilités, la corrélation des événements de sécurité, les procédures de réponse en cas d’attaque… Lors de ce webcast, nous vous invitons à faire le point sur les solutions de SOC, SSIEM, Services Managés et leurs bénéfices.
    Read more >
  • Join Raj for a complete regulatory overview including:

    - HIPAA Omnibus Update
    - FTC Health Breach Rule
    - Top 5 reasons organizations FAIL Security Assessments
    - Case Studies
    - Guidance
    - Success Stories
    Read more >
  • Enterprise Storage moving toward the cloud requires an interoperable interface foundation to avoid vendor lock-in and provide choice. This tutorial will provide an overview of the features of a Enterprise cloud storage standard and explain how interoperability between clouds is achieved.

    What should you be requiring from your cloud vendors?
    How can you expect standards to roll out in implementations?

    Learning Objectives
    How this cloud storage standard can achieve interoperability and what this interoperability means to you.
    How you can use the cloud storage standard both internally for private clouds as well as for public clouds.
    Read more >
  • Virtualization, cloud computing, hybrid environments and BYOD are here to stay. When implemented successfully, these solutions can transform the way businesses operate and lower the OPEX and CAPEX costs of IT departments. However, these major IT trends cannot be considered separately: virtualization and cloud are often linked, and needs for anytime anywhere connectivity and mobile workforce enablement won't wait. This is why it's essential to have a holistic approach and address the business, technology and financial implications of today for tomorrow's needs.


    Dell has quickly become one of the largest and fastest growing networking providers in the world by leveraging its extensive expertise in the data center to build a complete portfolio of switches that are designed to be open, flexible, powerful and economical.
    Read more >
You might also like: Guard Your Business When Disaster Strikes
  • Channel
  • Channel profile

Governance, Risk, and Compliance

Up Down
  • Big Data: Privacy Threat or Business Strategy? Sep 12 2013 2:00 pm UTC 60 mins
    Big data has the potential to unlock data analytics to a whole new level. With more data comes more targeted predictive analytics, marketing, security measure and more. However, as you collect more data, especially about people, privacy becomes an issue. How much data about one person is too much data? Where do we draw the line between good business practices and invasion of privacy?

    Attend this webinar as this panel of experts discover where that line lands and which questions should you and should you not be asking from big data.
  • SSD vs. HDD - Risks and Side Effects of Flash Technology Aug 15 2013 2:00 pm UTC 45 mins
    Storage technology is trending towards solid state drives (SSD) across all platforms from mobile devices all the way to the data center. Regardless of the user perception that SSD/Flash is safer and more robust than traditional HDD, a recent survey compiled by Kroll Ontrack amongst 500 IT professionals reveals that 57 percent of respondents had experienced data loss with SSD/Flash technology.

    Peter Böhret, VP Europe, Kroll Ontrack will discuss the risks and technical considerations relating to the use of SSD/Flash technology in a disaster recovery scenario, from the viewpoint of the world’s leading specialist in data recovery. The presentation will cover an overview of key technology differences HDD vs. SSD, highlight disaster recovery challenges in SSD infrastructures, outline SSD data security considerations and provide guidance about SSD usage based on real life data loss scenarios.
  • Maintaining Security In an Always-On World Jul 18 2013 4:00 pm UTC 45 mins
    In this post-PC era, people work from outside the office on smart phones, tablets and laptops. They use unsecured Wi-Fi at airports, coffee shops and hotels. And the rise of cloud-based applications has enabled employees to access critical data without connecting back to headquarters through a VPN. As the lines between when, where and how work gets done continue to blur, and IT continues to lose visibility and control, security risks increase. Yet, despite the rapidly shifting technological landscape, exploding device diversity, and the rising work-anywhere culture, security solutions still focus on how to secure corporate networks. This session will discuss how businesses can leverage the cloud to seamlessly deliver security to users, wherever they choose to work.
  • Enhancing MDM's to Protect User Privacy through App Reputation Jul 17 2013 5:00 pm UTC 45 mins
    Today’s MDM solutions are effective at lost device and malicious app protection, ensuring passwords are used and separating and securing both personal and corporate information on the same device – but what about protecting against apps with shady privacy practices? For instance, apps whose developers monetize through imbedded advertising engines which pay based on the amount of user data collected. Or, apps which insecurely store, access and/or transmit user data. How can IT admins protect against the choices users are making when installing 3rd party apps? From a security perspective, this area needs to be addressed before corporate and personal data is compromised. As a result, a mobile application reputation service for Android and iOS platforms is required to specifically address the issues of shady apps. By analyzing dozens of key metrics, app reputation analysis greatly assists in the decision making process when it comes to a user installing a new app. By being able to immediately alert the user to the potential security risks, or poor security practices, it provides an informed opportunity for them to compare the app against other similar, yet more secure, apps.
  • The Irresistible Force of BYOD – How to Get it Running Securely Jul 16 2013 5:00 pm UTC 45 mins
    From increasing productivity to reducing operational costs, it's time for companies to look at how they be more effective with BYOD. Join Marco Nielsen, VP of Services at Enterprise Mobile, as he shares how to optimize your BYOD strategy and execution, how to make the most of your existing management solutions and how to address security challenges that have arisen from a much more diverse mobile device and application landscape.
  • Panel: Is BYOD Security An Oxymoron? Jul 16 2013 4:00 pm UTC 45 mins
    Bring Your Own Device (BYOD) policies have led to the consumerization of IT in the enterprise that delights business users, but creates security challenges for IT departments.
    This panel discussion will discuss the security challenges that personal smartphones and tablets can bring to organizations. It will also examine what can be done to strengthen the security posture of a company with a BYOD policy. Topics that will be discussed include:

    Malware, rooted devices, & remediation
    Policies & policy enforcement
    Mobile Device Management (MDM)
    Digital containers for enterprise data
    BYOD security best practices
  • To BYOD or Not to BYOD, That is the Question… Jul 16 2013 10:00 am UTC 45 mins
    A 2012 global survey reported that 88% of consumers use a personal mobile device for work. This year, Gartner has gone further, predicting that 50% of employers will stop providing devices by 2017, requiring employees to bring their own. If a bring your own device (BYOD) programme doesn’t already exist in your organisation, you need to start thinking now of the risks and if and how they can be managed. This webinar will discuss the continuing BYOD and mobile device in the workplace trend and offer an information-centric approach to assessing and managing the associated risks. It will provide insight and guidance on the implementation of BYOD programmes and in particular, discuss how to:

    · Take a risk-based approach to implementing BYOD projects

    · Identify the risks and threats posed by employee-owned devices connecting to the organisation’s systems

    - Conduct analysis of the business impacts that BYOD incidents could present

    · Assess the organisation’s vulnerabilities to those threats

    · Adopt and learn from BYOD leading practices

    The audience for this webinar is Chief Information Officers (CIOs), Chief Information Security Officers (CISOs), executives responsible for BYOD programmes, their direct reports, and all others participating in committees or working groups responsible for managing BYOD programmes.
  • The Consumerisation of Corporate IT - Stories from the Front Line Jul 16 2013 9:00 am UTC 45 mins
    Synopsis:
    Cool technologies show up for the consumer market before they're available to the business market. Employees are either going to figure out ways around the corporate security rules, or they're going to take another job with a more trendy company. Either way, senior management is going to tell security to get out of the way. It might even be the CEO, who wants to get to the company's databases from his brand new iPad, driving the change. It's going to be harder and harder to say no. Peter Wood looks at what firms are doing to answer this challenge and offers some pragmatic advice

    About the speaker:
    Peter is a world-renowned security evangelist, speaking at conferences and seminars on ethical hacking and social engineering. He has appeared in documentaries for BBC television, provided commentary on security issues for TV and radio and written many articles on a variety of security topics.

    Peter has worked in the electronics and computer industries since 1969. He has extensive experience of communications and networking, with hands-on knowledge of many large-scale systems. He founded First Base Technologies in 1989, providing information security consultancy and security testing to commercial and government clients. Peter has hands-on technical involvement in the firm on a daily basis, working in penetration testing, social engineering and awareness.
  • Are You Googling Your Clients’ Privacy Away? Jul 11 2013 6:00 pm UTC 45 mins
    This presentation addresses how various services offered by Google can become a threat to your companies’ privacy and confidentiality policies.

    It deals with Google’s capabilities to capture and aggregate information with or without user knowledge. Special attention is given to Google’s key offerings such as:

    * Google Searches
    * GMail
    * Orkut
    * Google Toolbar
    * Google Desktop
    * Android
    * Chrome Browser
    * Case Studies from around the world
  • Know When To Say When – Proactive Risk Management Jul 11 2013 4:00 pm UTC 45 mins
    When is the very worst time to make a commitment? When we know the very least. How can we make sensible commitments while also reducing risks? By using Proactive Risk Management. Niel Nickolaisen developed Proactive Risk Management in order to do two things – properly and concisely profile and mitigate risk and align commitments as to what and when with risk mitigation. This method encourages iterative risk management while also satisfying stakeholders as to what must be true before the team can make a concrete commitment.
  • Best Practice or Compliance – Preparing for Data Breaches Jul 11 2013 11:00 am UTC 45 mins
    Synopsis:
    Whether or not your business is at high risk of an attack, appropriate action must be taken in the event of a data breach. The procedure must ensure that the business is not compromised while still preserving necessary forensic evidence.
    There are currently no data breach notification regulations in force - but if there were, how would your business fair with them? Is your business using best practices before it has to comply?
    This session will explore some of the best practices to follow in dealing with breaches before EU Data Protection Regulations require data breach notification and response to data subjects in the event of a breach.

    About the speaker:
    Sarb Sembhi is a Principal Security Consultant with “Incoming Thought”, a security consultancy. Sarb is a regular speaker at Information Security Conferences around the world, including at CxO Summits, Gartner Summits, InfoSec Europe, RSA Europe, HITB, BCS, ISACA, IIPSec, IT Directors Forum.
    Sarb is also the immediate past President of ISACA (London Chapter), Chair of the ISACA Region 3 Government and Regulatory Agencies Sub-committee, a member of ISSA Advisory Board, Eurim, Infosecurity Magazine Editorial Board, Infosecurity Advisory Council 2009, and an individual member of the Parliamentary IT Committee.
  • Proactive Risk Management - A Use Case Approach Jul 11 2013 10:00 am UTC 45 mins
    In this webinar, Michi will discuss how an organization can take the requirements of their infrastructure around operational controls, compliance and security to extend and expand them into a Security Intelligence solution.

    Using a use case approach, organizations can look to extend and build upon their existing systems and controls to provide real-time warnings and feedback that allows them to make informed decisions focused around their business needs. Rather than just having a "top 10 attacker" reports and dashboards, how about a system that focuses around application lines and how this impacts business is more useful.
  • Cloud, Social Networking and BYOD Collide! Jul 11 2013 9:00 am UTC 45 mins
    Synopsis:
    The hot topics for 2013 are still cloud security, social networking and ‘bring your own device’ (BYOD). Peter Wood explores what happens when these three trends collide and the effect on the security of a typical large organisation. Pete believes that conventional security thinking has failed to address these challenges – so how do we deal with this brave new world and what can you do to manage the risks?

    About the speaker:
    Peter is a world-renowned security evangelist, speaking at conferences and seminars on ethical hacking and social engineering. He has appeared in documentaries for BBC television, provided commentary on security issues for TV and radio and written many articles on a variety of security topics.

    Peter has worked in the electronics and computer industries since 1969. He has extensive experience of communications and networking, with hands-on knowledge of many large-scale systems. He founded First Base Technologies in 1989, providing information security consultancy and security testing to commercial and government clients. Peter has hands-on technical involvement in the firm on a daily basis, working in penetration testing, social engineering and awareness.
  • Antivirus Software: Understand Detection Methods Before you buy Jul 10 2013 5:00 pm UTC 60 mins
    Before you choose an antivirus solution it's important to understand how it goes about detecting malware in the first place. Join us as we discuss:
    - Security in the News
    - Modern threat categoreis and attack vectors
    - Endpoint risks, infection methods, payloads
    - Detection with signatures and hueristics
    - Zero Day Risk
    - Technologies that protect removeable storage devices
    - Best Practices
  • Guard Your Business When Disaster Strikes Jun 26 2013 4:00 pm UTC 60 mins
    Fires, tornadoes, and hurricanes. Viruses, malicious attacks, and human error. Today's CTO must be part strategist, part superhero in his effort to achieve an always on infrastructure.
  • Why Your Current Endpoint Security Is Doomed to Fail Jun 25 2013 5:00 pm UTC 45 mins
    Join guest speaker Chris Sherman, researcher at Forrester Research, Inc., serving security & risk professionals, and learn why a new approach is needed to protect your enterprise against advanced threats.

    Attend this webcast and learn:

    -Why traditional security solutions-such as antivirus-are increasingly ineffective against the relentless tide of today's advanced threats and targeted attacks
    -How real-time visibility, forensics and signature-less detection on endpoints and servers are the keys to reducing your organization's threat surface
    -The benefits of integrating endpoint/server security with network security for comprehensive protection
  • HIPAA and FTC Health Breach Law: Correcting The Perils Of Lax Security Recorded: Jun 13 2013 49 mins
    Join Raj for a complete regulatory overview including:

    - HIPAA Omnibus Update
    - FTC Health Breach Rule
    - Top 5 reasons organizations FAIL Security Assessments
    - Case Studies
    - Guidance
    - Success Stories
  • What You Need to Know Before the Auditors Ask Recorded: Jun 13 2013 47 mins
    Don't be caught off guard when your auditors show up and start asking internal control questions that you can't answer. In this roundtable session, listen, learn, and share your experiences around managing your internal control system with your ERP system and what to be prepared for BEFORE the auditors show up. There are always tips to learn from others in the compliance area and this session traditionally has lively dialogue, so don't miss this opportunity to prepare for your next audit.
  • Securing Mobile Apps: Old School Know How For the New World Order Recorded: Jun 13 2013 58 mins
    Mobile devices and applications are redefining business, revolutionizing productivity and driving competitive advantage. But as the volume of mobile applications increases, so too are mobile exploits. In the rush to enter the mobile software market, are we taking shortcuts that force us to repeat sins of the past? Like caching sensitive data, incomplete encryption and simple mistakes in coding? Don't let old-school vulnerabilities allow hackers to resurrect previously obsolete malware and exploits. With the experience of more than 1,400 incident response investigations, thousands of penetration tests and hundreds of application security tests, Trustwave SpiderLabs' Charles Henderson will show IT, security and development teams how to make sure they're not leaving sound security practices and due diligence behind as they develop new mobile applications.
  • HIEs & HIXs: What’s in Store for a New Class of Business Associates Recorded: Jun 13 2013 49 mins
    The HITECH Act created new categories of business associates that included health information organizations (HIO), these days referred to as HIEs, and health insurance exchanges (HIX). OCR is preparing to make sure these business associates follow the HIPAA rules.

    The omnibus rule compliance date is rapidly approaching. If you’re an HIE or an HIX, it’s time to make sure all of those policies are in place, the workforce is trained and all of those other tasks that pave the road to HIPAA compliance. This also includes, among other things, reaching out to all of your covered entity customers and negotiating that business associate agreement, testing security incident response plans and that business continuity plan. You will walk away with a solid understanding of the not-so-new privacy and security requirements and practical information you can use to ramp up your compliance efforts in preparation for the September 23, 2013 omnibus rule compliance deadline.
trends, developments, and technology
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.
  • Upcoming webinars (16)
  • Recorded webinars (413)
  • Subscribers (16,349)
Channel RSS feed
Up Down
You might also like: Active Defense: How to Think Outside the Box

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Addressing BYOD Security and Compliance through Mobile Risk Management
  • Live at: Jul 12 2012 7:00 pm
  • Presented by: Daniel Ford, CSO, Fixmo
  • From:
Your email has been sent.
or close
You must be logged in to email this
OK