1
การสร้างเกราะป้องกันภัยคุกคามต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
Assoc.Prof. Dr. Thanachart NumnondaDirectorSoftware Park Thailand14 March 2012
2
3
(4)
6 Million SmartPhones in Thailand
5
More than 400,000 Tablets sold in Thailand
6Source: wikipedia
7
8
iCloud
9
www.facebook.com/softwareparkthailand
10
Dropbox
11
Open Environment
12
Apps & Data Everywhere
Diverse Access Points
Browser
Windows
Mac
iOS
Android
Universal App Catalog and
Workflow
Broker
Entitlements, Policies and Reporting
SaaSServices
Windows
Legacy Apps
Data Services
Mobile Apps
The New Reality for Users
Source : From Datacenter to Device: Security in the Enterprise 2012 and Beyond : VMWare
13
Work Life Balance
Blurred Boundaries
Anywhere Anytime
Productivity
Strengths, Interested, Choices
14
Security
Data Loss
Virus
Identity Loss
Internet Security
Social Media Security
Mobile Security
15
Data Loss Prevention
Where is my confidential data stored?
Where is my confidential data being sent?
How is my confidential data being used?
How do I enforce my data loss policies
Source : Vontu: Security for a wide open world.
16
Have You Deployed?
Source : Vontu: Security for a wide open world.
17
Content Awareness Protection
Source : Vontu: Security for a wide open world.
18
Mobile Devices
Notebook
Smartphones
Tablets
Portable Harddisk
ThumbDrive
19
Risks
Mobile devices are easy to lose or steal
Can carry large amount of data
Often unprotected
Data may be “sniffed” during unprotected wireless communications
Results– Broken device
– Infections from viruses, spyware, malware
– Privacy and personal security concernsSource : CYBER SECURITY ON THE GO: TCU Information Security Services
20
Best Practices
Never store sensitive or confidential information on a mobile device.
Rule of thumb – do not trust wireless to be secure!
Avoid joining unknown Wi-fi networks
Most apps offer privacy controls– But privacy controls are not always easy to
access
Avoid portable harddisk, usb, thumbdrive
21
Data Loss Protection
Develop a plan and work with it
Develop a policy
Reduce the initial scope
Understand why you need it, business, HR and Legal aligned
Avoid band-aid solutions - integration is key
22
Social Media Security Treats
Mobile Apps
Social Engineering
Social Networking Sites
Your Employees
Lack of a Social Media Policy
Source : 5 Top Social Media Security Threats: Network World
23
Internet Security Treats
Advise Your Employees on Safe Internet Conduct
Be Wary of Social Engineering
Maintain Security Options
Password Security
Back-up Data
Source : 5 simple internet security tips: Evan Godfrey
24
Smart Phone Security Tips
Beware of Text Message Spam
Use Anti-Virus Software
Mind Your Moblie Apps
Avoid Wi-Fi Hotspots
Keep Your Phone in Jail
Source : Top 10 Smartphone Security Tips: Joseph Morah
25
Smart Phone Security Tips
Turn off Bluetooth Discovery Mode
Apply OS update
Backup or Sync Your Data Frequently
Enable Remote Locate, Lock and Wipe
Screen Lock Your Phone
Source : Top 10 Smartphone Security Tips: Joseph Morah
26
Case Studies
27
Thank you
[email protected]/thanachartwww.facebook.com/thanachartwww.swpark.or.thwww.facebook.com/softwareparkthailand