台灣企業行動化與行動安全趨勢剖析 Sean Pien 卞志祥 Country Manager, Taiwan & Hong Kong Executive Director, Greater China BSFI spien@idc.com
2007 2
The 3rd Platform: A Hyper-Disruption Era Paradigm shift Every 20 25 years Impact on vendors and channel By 2020: 40% of revenue from 3 rd Platform and reached USD$1.7 Trillion. 3rd Platform Implications for CIOs Systems Services IT Agility Business Agility Information Innovation Source: IDC IDC Visit us at IDC.com and follow us on Twitter: @IDC 3
2014 IDC Visit us at IDC.com and follow us on Twitter: @IDC 4
"Now this is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning. - Winston Churchill, 1942 5
The 3rd Platform creates the underpinnings for business process transformation and increasingly, business model transformation. Businesses are changing: How they engage with customers The speed at which they deliver products and services How they innovate The reliability of their operations Their overall resiliency With such high stakes, the business is increasingly driving technology initiatives 6
7
台灣智慧型手機需求持續成長 Unit 2014 YoY 2015 YoY CAGR (2013-2018) Smartphone 18% 4% 5% Tablet -13% -1% -3% NB -3% -6% -3% 10 Total 9% 3% 3% 8 Taiwan Smart Connected Device (excl. DT) 6 4 2 - Millions (unit) 2013 2014 2015 NB Tablet Smartphone Source: IDC Taiwan Smart Phone, Tablet & NB Market Tracker 8
行動裝置普及上網率已超越桌上型電腦設備 2011 85% 63% 59 % 14% 2012 91% 96 54% % 34% 2013 72% 69% 97 % 76% 2014 82% 81% 95 % 64% Source: IDC Taiwan Consumer Survey 2011-2014 9
私器公用 成為常態 在工作上使用個人的行動裝置 80% 44% 62% 日常生活中會傾向使用何裝置處理公務? Smartphone Tablet NB 視情況使用, 無特別偏好公司電腦 視情況使用公司電腦與自購電腦公司智慧型手機公司平板視情況使用公司手機與自購手機視情況使用公司平板與自購平板自己購買的智慧型手機自己購買的電腦自己購買的平板 1.9 1.9 2.0 2.1 2.1 2.2 2.4 2.8 3.1 3.2 Source: IDC Taiwan BYOD Survey 2014 10
行動資安事件層出不窮, 喚起企業危機意識 2014 年 to 2015 年, 層出不窮的行動裝置個資外洩事件 Apple Line 微信 滴滴打車 惡意程式 XcodeGhost 駭進 Apple Store, 感染千種 App. 駭客竄改蘋果開發工具 Xcode, 使 App 受感染, 造成用戶裝置上用戶帳號密碼資料或 app 資料, 均有被竊風險 受影響 app 數量目前以超過四千款, 而且數量可能還會再持續增加 Google Play 遭駭客攻擊, 目前已感染超過 20 萬裝置及上百萬用戶. Google Play 用來阻止惡意軟體的數位保鏢 (Digital Bouncer) 已被駭客繞過 駭客植入了惡意應用程式 -- 大腦測試 (Brain Test App) 它會植入後門並再添加惡意程式和木馬 11
資安強化為企業 IT 投入首要方向 Mobility Cloud Social BDA IoT 1 Security Security Security Security Security 2 Smart phones PS Social collaboration Data quality and availability assurance Networks 3 PC notebooks/ hybrid On-premise Business app/process integration Skills training for advanced analytics Sensors, modules, and tags 4 Tablets Converged/ integrated systems Customer engagement/ experience Business process analytics/ automation IT infrastructure 5 Mobile enterprise management SDDC Salesenablement New sources of data Devices, appliances, machines Source: IDC Asia/Pacific C-Suite Barometer 2014, Feb-April 2014 12
強化行動資安, 成為台灣企業首要目標 Choose up mobility initiatives that your organization focus on during the next 12 to 24 months? Virtual Desktop Infrastructure (VDI) deployment Deploy a MEM, or mobile enterprise management, solution, including MDM and MAM Incorporate additional security features to enhance mobile security Horizontal business applications (CRM, ERP, Sales Force Automation, Business Intelligence) Extending unified communications (e.g. messaging, presence) to the mobile devices Line of business applications (workflow or process management, document management) Implement mobility specific processes for internal business operations Implement mobility specific processes for external business operations 0.0% 10.0% 20.0% 30.0% 40.0% Source: IDC Taiwan Mobility Survey 2014, (Sample =100, Count = 273) Device, Application & Contents Security & Manageable 13
行動安全管理發展趨勢分析 IDC Visit us at IDC.com and follow us on Twitter: @IDC 14
資料保護與裝置管理為 MDM 防護基礎 There is increasing concern about enterprise mobility with the rapidly proliferating of BYOD trend. Encryption & Data Loss Protection is the key to Mobile Data/Content Protection & Control. Mobile Identity and Access Management (Mobile IAM) can help to strengthen mobile device management and security. What top challenges does BYOD present in your organizations? (APeJ) 1 Data/Content Security 2 Device management 3 User Management 4 Application management 5 Application provisioning Source: IDC Asia Pacific Enterprise Mobility Survey, 2015 (Sample = 3,510) 15
Wrapping/ Container 協助把關 APP 安全 Asia/Pacific customer to focus on mobile App/Data management Pure play MDM rapidly decline in 2015, replaced by EMM Most EMM solutions will include a type of App/Data management Customer planning and testing mobility management solution will be expecting Wrapping or Container solutions What type of mobile management solution do you use? 18.5% 33.4% 17.7% 20.1% 10.4% MDM EMM EMM & added security Planning and testing No plans Source: IDC APeJ Enterprise Mobility Survey 2014, N=2,000 16
Big Data 技術強化安全分析 To detect, investigate, and take targeted action against the advanced attacks before impact the business. It s not about the size or structure data. It s about: How long into the past? how long the connection persist? When the abnormalities begin? How many sites/hosts/severs/ and situation? Any abnormalities during the workflow? APT 攻擊的生命週期 Source: Mandiant, 2013 17
跨平台威脅情報整合以利快速反應與防禦 Integrated Threat Intelligence is an Important Means to Dealing with Advanced Threat. Dig the valuable information in Mass Events Identify APT Attacks Quick Response for Internal / External Attacks Synergy of Cross-Products, Cross-Vendor Collection Government Sector Security Vendor Cloud Security Service Provider Vulnerability Report Platform Analytics Math Modeling Machine Learning Behavior Analysis Response Ally with Security Products Manual Response Source: Mandiant, 2013 18
行動資安專案導入檢核表 Business Justification What s benefit and result we are looking for? Cost down? Revenue up? Productivity raise? Risk Control Minimize business risk like legal compliance, governance and information leak fraud Sponsorship and Deliver Team Skill, Mindset and Operation Excellent Partner Management Innovation Enhancement
IDC IT 安全成熟度模型 20
Essential Guidance 智慧型手機的快速普及, 促使行動裝置逐漸取代桌上型電腦成為員工最常使用的工具 在資安事件層出不窮下, 強化行動安全成為 IT 管理上最重要的課題 後續行動安全管理趨勢發展 資料保護與裝置管理為 MDM 防護基礎 Wrapping/ Container 協助把關 APP 安全 Big Data 技術強化安全分析 跨平台威脅情報整合以利快速反應與防禦 IDC IT 安全成熟度模型提供您進行後續資安投入方向建議 21
Way to Secure Your Mobile Environment? 22
For more information on how IoT will change everything, check out IDC s Infographics site http://infographics.idc.asia/ Thank you Sean Pien Country Manager, IDC Taiwan and Hong Kong spien@idc.com IDC Visit us at IDC.com and follow us on Twitter: @IDC 23