Sign Georgia RFP Mobile

Document type sign rfp georgia mobile

I go ahead and good afternoon everyone and good morning if you're on that side of the world thanks for joining us for enter the mind of the mobile hacker my name is Scott King and I will moderate this webinar today we've got to asine esteemed speakers to great security experts from Zim period and from MobileIron we've got Mike Rhaego who's a director of security research at mol Iron Mike applies over 20 years of security technology experience and evangelism into the technical delivery of all types of mobile security solutions he's a frequent speaker and has even briefed the Pentagon and the FBI very very interesting Mike is also authored of quite a few books and we'd like to offer you a direction to that at the end of the webinar our other speaker from Zinn period is John Patterson John is our SVP pre-sales engineering we're proud to have him working with us John's worked in security for his entire career in consulting and pre-sales and leadership positions across R&D in all types of pre-sales activity he's got a strong background in malware and exploit research and analysis it's a frequent speaker at industry events and hopefully you've heard him speak before it's very interesting accent I love it but what we want to do today is really take you know what is the state of the mobility what are some of the known vulnerabilities and really take a dive into what hackers look for from a network and apps and malware and device perspective and then as we go on today please think of questions that you would like to ask the speakers will leave about five minutes at the conclusion of the webinar to to go into a live Q&A with with each of our guys and they'll offer our perspectives on each of the on each of the subjects that we're gonna go through today but you know really why we're all here is we're here because our our computing habits have changed with the adoption of mobile so many many organizations now allow employees to offer you know mobility programs and offer different enterprise services on our mobile phones and these are our own phones or corporate provision phones and they each behave differently in each of those programs offer different capabilities so employees bring all types of mobile apps in the workplace and they also bring lots of variables in terms of how to secure all this information in corporate data but with all this enablement what it also does is it offers the opportunity for threats for hackers for malware for all types of intrusions to happen via these mobile devices so we really want to look at that today and understand how do we secure all of this information as all of us run around all over the globe with with high powered computing devices in our pocket so with that I want to take it in and leave that to to Mike to really take over and help us understand why mobile is different Mike go right ahead great thank you so in terms of mobile we see three key differences in the mobile space first being the fact that mobile leverages a different type of operating system that leverages more of a sandbox approach in which apps and their data are segmented or separated from one another now granted users can you know interact with the apps and open up a document say maybe they've received in the email app and then open that document in a secondary app edit it and then thirdly upload it to Dropbox or something like that but the key point here is that fundamentally very different than the PC right in PC world you know all apps essentially have access to all data the second key difference is that the net work edges become a lot more blurred now that you know around the time of the emergence of all these mobile devices we also had the explosion of cloud and as a result various ways in which people can collaborate in the cloud in terms of documentation collaboration sharing various types of documents videos other types of things and as a result data lives everywhere and then the third thing is that users are becoming more of the low-hanging fruit if you've got a BYOD scenario users on the device they bring it into work they've configured it the way that they want it and then they want to connect it to your environment and access corporate data so how do you secure that knowing that there's this shared relationship in which no longer is IT pre configuring the PC and handing it over to the user with all the appropriate lock downs but you've got a new device coming in that's owned by the user and now you've got to find a way to secure that data perfect thanks Mike it's interesting the the user is always the lowest hanging fruit right so how do we help protect ourselves and so so with with all of this John worse you know where's the research going with mobile well you know as corporate enterprises and as users and users of mobile devices ourselves we continue to grow the usage and ultimately the the value of the information on the device or that the device has access to becomes more and more interest for the security researcher what's interesting is to look at the trends and focus of research efforts around vulnerabilities to mobile devices desktop devices you know Windows Mac OS 10 are still favorites from a research perspective but there's a huge opportunity is a researcher to find new and interesting vulnerabilities on less tested platforms and mobility certainly would fall into that category what you're looking at here is a comparison of the publicly listed vulnerabilities from from a historical perspective of the number of years what's interesting to look at here is in 2015 there's been a good growth continuously over the last few years what's interesting to note is the amount of effort that's been spent also around iOS so iOS is often perceived as a much more secure platform it has some great security capabilities around it but the research community itself is really spending a lot of time and effort in finding new and interesting ways to be able to to compromise these devices because ultimately that will then provide them potential access to some very valuable corporate information so you know what is the attacker typically looking to or what vectors are the attackers typically leveraging today that we see from a security perspective on mobile devices so I mean if we stay take a look here at the bottom of the diagram here Network attacks these are not analogous explicitly to mobile devices but as mobile devices are on 24/7 and have a pre disposition to connect aggressively to both public Wi-Fi networks and Wi-Fi networks that they have connected to previously that provides the attacker a are much broader attack surface and there's a number of different attacks and mechanisms attackers can use to get access to that data rule or leverage the user as Mike pointed out before in some sort of social engineering position application attacks are on the growth mark and I'll talk about that in a moment but both attacking attacking out funder abilities in applications themselves and providing malicious apps as a vehicle to gain more privileged or persistent access to mobile devices of interest ultimately while dear to heart from the attackers perspective and really the the Holy Grail from an attack perspective is being able to compromise and gain further access and privilege to the device that allows the attacker at a number of different value propositions one of them is of course access to other components of the phone system contact getting access and data from the device itself but one less considered one is also using the device as a pivot inside a corporate network quite often my experiences show me that mobile devices are often not segmented in a corporate network safe from corporate owned desktop devices and a mobile device is an interesting and unique attack vector so these are really some of the the core areas that we see from a mobile threat perspective but attackers are really spending their time and effort ultimately to gain access to these resources okay perfect perfect so so you know we'll dive into each one of these device attached application attacks my quanta tude you know explain you know what the hackers look for in the network sure so in terms of the network you know we know that users travel and when they travel we know that they connect to open Wi-Fi or shared you know secure Wi-Fi in airports hotels in coffee shops and in fact we just released a video that kind of demonstrates some of these threats but what were you commonly find is that you know a lot of these old-school Wi-Fi attacks that have been around for some time continue to impact devices and are now even more targeted at mobile devices and as a result if you have a user that goes into a coffee shop and they want to connect to the open Wi-Fi so that they can check their corporate email so that they can VPN into the corporate network so that they can connect to resources in the cloud owned by the enterprise in all of those circumstances there's certainly a potential for a lot of risks stemming from them possibly connecting to a rope access point to enable twin or a fake AP set up by a malicious attacker and as a result there's a number of things that can be performed by the attacker ranging from interception attacks to impersonation or man-in-the-middle attacks and so when the user goes to connect to the remote network whether it be back at the corporate enterprise network or in the club for that matter the attacker can try to present a fake certificate and as a result masquerade as the actual endpoint that the user is trying to connect to when this occurs you know the attacker can then leverage the opportunity to not only intercept the data but also decrypt it and read the actual data so one of the techniques that we use for example at mobileiron is the ability from proactive standpoint that when we deploy profiles for email for web access for access to SharePoint file shares and other types of things we can additionally provide a client certificate and enable that mutual authentication so when the user goes to connect to the resource now not only is the the user trying to validate the endpoint that they're connecting to but the server side is also validating the identity of the user so now if the attacker in a man-in-the-middle attack presents a fake certificate that mutual authentication handshake fails no VPN or per app VPN connectivity tunnel is set up no data is communicated and no data is exposed but also these attack occur attacks occur and that's why from a detection standpoint why usings imperium is so important hey perfect thanks Mike I think we want to talk about a specific example that maybe we've all heard of in the news John was what are some of the most famous Network type attacks you know my talk it's Imperium we see a huge amount of network based attacks to mobile devices that might might talk man in the middle there rogue access points something it's also very popular even we've seen incidents on trains that are providing mobile based services to workers a interesting example though you know we think of man-in-the-middle is something that users are often involved in that is they're trying to collect data or in Mike's case and he gave an example of securing apps I think as an industry we still have a long way to go there app painting is something that a lot of developers still don't do and but we never consider the impact necessarily to the device from even from simple wireless network manipulation I could example this year was actually with Swift key now Swift key is an embedded keyboard on samsung devices and this system has a privileged access it's it's in the it's in the privileged portion of that device and it updates itself proactively over the network it was discovered however that if one was to tamper with that traffic and unfortunately SSL was not used in this case an attacker could quite easily insert a response back that allowed a payload to be then installed directly on that device so really unfortunately you had a situation where an attacker can compromise the system portion of a device simply through manipulating wireless networks so we see a lot of investigation I know the research community are always very interested in how apps behave because they're looking for abilities to leverage man-in-the-middle based attacks as I say is Imperium this is this is definitely something that we see see a lot of trends on so we're going to be producing a number of reports we have a huge install and sensor base that provide and prepared to provide threat intelligence with us and then what you'll see is a broad range of countries you'll see or potentially run into network attacks the u.s. is very strong from a incident perspective we see a lot of activity in the US a China we have we see a lot of traveling executive staff to - to China but also to a broad range of European based countries as well all the way out to the Middle East the bottom line is is you know we're we're facing a challenge where the users are really trying to gain access traveling employees probably the most most challenging case and attackers will leverage that the tools one can buy some very straightforward tools to provide this $90 will buy you a community research product called a Wi-Fi pineapple that allows you to simulate a lot of wireless networks so one of the things that we'll be providing to our customers in the near future is also the ability to be able to be proactively warned around Wi-Fi networks and say we capture a lot of information about these types of incidents and challenges and it's always better to be forewarned forearmed so New York is actually an interesting discussion point New York itself is spending multiple millions of dollars to provide a metropolitan wide Wi-Fi network and with that become some new interesting attack vectors for for attackers as well and well well perfect thanks John is a good review of all types of network attacks and them the data is really interesting it's surprising how many threats that that we see out there so now that we've covered really the network type attacks Mike what what are hackers looking in terms of the applications that we have on our devices sure yeah so the second trend that we see in our security research is that hackers are looking more and more to the app and this really is sort of a evolution from the PC world to the mobile world in the PC world we were so accustomed to possibly receiving viruses malware infected files either as an attachment to an email through a phishing attack through a web browsing sessions and downloading of a file in things that would actually infect the PC operating system from a file perspective and and once that occurs of course it impacts you know the entire operating system when we look at it from a mobile perspective as we spoke about earlier of course mobile leverages more of an application sandboxing approach and in addition there are additional kernel protections that are fundamental to the mobile operating system so as a result sort of the low-hanging fruit now for our tackers is to focus more on infections through apps whether it be apps that are downloaded outside a curated app store whether it be a curated app store that had you know some possible um app that were infected with malware like we saw with the App Store and with Xcode ghosts where developers were using Xcode from sites other than Apple designing iOS apps and unknowingly infecting them with malware and then uploading them to iTunes for folks to download so you know it's interesting to see this evolution occur in terms of the stats we've also seen that you know when we take a look at the statistics we have you know across our customer base that we see one in ten enterprises has at least one device that's compromised so it's quite an interesting statistic 10% of enterprises you know from what we see have at least one compromised device that could expose enterprise data so 2015's been particularly interesting for me on a number of different fronts from a mobile app malware perspective I think there's a number of different data points for us as industry and for those of us that spend any time doing research first off on the iOS side obviously we had several potential cases that that showed iOS apps were also a potential attac vector it was already known and we'd seen incidents especially when it came to surveillance based technology that was there was interesting situations last year with the hacking team and their surveillance products that the target of both iOS and Android from a surveillance perspective we saw of course ios-based malware itself the curator wine specter situations Android has has always been known for or have been aligned more to to the malware a malicious app thought process what's been interesting this year at least in 2015 is a shift in the effort and the complexity of malware this you observing 2015 we saw a growth of the number of apps that provided additional payloads to be able to fully exploit the devices I personally reverse engineered and looked at some samples myself and these were not only providing a broad range of exploits to be able to gain persistence on the device but what was interesting and is trending in the same way that we saw on the desktop side is now a heavier use of obfuscation why why our attackers doing that they're making it more and more difficult for researchers and for security technologies to be able to detect that in some of these cases we even saw AES level encryption being used to to protect these final payloads that ultimately would be able to compromise the devices so interesting to see that very analogous to what we've we've already seen historically there on the desktop perfect yeah this the applications I think that's like the the most frequently asked question is how do I protect myself and are my applications malicious on my device Mike speaking of that what about the device how are the hacker is looking to the to the device and capturing information sure so the the third trend that we see are that hackers are looking to the device you know earlier you know John and Scott spoke to the continued increase in device vulnerabilities and with a particular uptick are you know with iOS and in addition to that you know when we talk to customers about a jailbroken iOS device rooted Android device or more broadly OS compromises which they can be lots of variants one of the things you try to get across to folks is that you know if you do have a user that jailbreaks an iPhone or route to their Android device that you're essentially bringing that security down to the level of a Windows 7 laptop we all know that there's been a myriad of different vulnerabilities that have impacted Windows 7 so ensuring the integrity and security posture of that device on an ongoing basis is really key in mobile one really good example that we have here on the screen is a demo that I do at some of the hacker and security conferences you know that we speak at you know shows like Def Con and in this example you know a lot of folks think about you know okay great so somebody jailbreak their iPhone or their iPad or somebody routes their Android device you know well a lot of folks may be familiar with the fact that that you know kind of breaks the application sandboxing allows apps to speak to one another certainly opens up a new attack surface to the attacker it also makes it vulnerable on the network so in this case we've got a jailbroken iPhone and now that this user is traveling around connects to an open Wi-Fi or even a secure Wi-Fi that's using encryption on AES encryption pre shared key whatever level of security you might be using most likely somebody can remotely log into this device so if you have someone on the same network they can secure shell in and unless the user has changed the default username and password on most all iOS devices which is a username of root and a password of alpine unless they've changed that password anybody can secure shell in to the device log in with a password of Alpine and have access to the device in our research our testing and the analysis that we've done rarely do we come across a user that's jailbroken their iPhone and change the password from Alpine to something else so just keep that in mind even if it's a secure Wi-Fi network unless you're using any client isolation which most people are not that device is vulnerable device exploitation is something that's very dear to Cimmerians heart and actually is ultimately web where we started our research efforts that's appearing we have a very strong research team we we work around the clock looking to understand the methodologies of attackers in both the iOS and Android platforms and really thinking about the attacker trying to understand the next steps that they may potentially take as well and we've spent a lot of time and effort around mitigations in this area as well so the ability for us to provide immediate detection of device exploitation across Windows I'm sorry across iOS and Android platforms is very critical for us because as mike says we we don't associate necessarily exploitation with with networks that that's an interesting example where the device is compromised but but also we have situations where the network itself in this case the cell phone network can be used to compromise devices directly and this was actually some research that our team did earlier this year really folk in 2015 focused around a specific set of vulnerability is an Android platforms this attack was interesting it got a lot of press explicitly for being an MMS based attack the the reality of the situation was the attack could be delivered in a number of different ways Network being one of those simply by browsing to a website or getting an email link with a link to a website would cause the device unfortunately to become exploited and in that case give a full route privileged access to the device and in fact also be able to call back to the attacker in a command-and-control type fashion so it's an interesting attack vector I think the the the takeaway here from a community and a threat research perspective on mobile is the holy grail for an attacker is what we would call a remotely exploitable vulnerability something that does not require us to be near or directly attached to to a device that we can have the user interact with in the same way that we would want to attack a desktop so there's a lot of focus at a number of the security conferences and from the researchers and these kind of vulnerabilities go for go for big box in the underground community forums you'll see opportunities to sell if you find these types of vulnerabilities for quoted up to a million dollars and you know one can understand that a lot of these exploits that don't get publicly reported are being unfortunately sold because these are high value especially from a surveillance of perspective so interesting interesting focus for us but you know ultimately the holy grail for the attacker has really been able to own that device and more importantly become persistent on that device and really the only way to recover from that persistence is to perform an entire firmware flash of those devices or in the iOS on the iOS side of the house really a full full recovery of that device okay and that's probably the that's probably call the helpdesk doesn't want to take a bunch of firmware flashes because you've been packed on your mobile device so I mean we've talked about you know the network's the apps the devices and we've got you know both types of people you know those interested in security those from the MDM and the MobileIron customers how does John how does this all work together yeah so the opportunity for Imperium a mobile ad to provide a very strong and compelling conjoined solution is is very exciting for us on this Imperium side we're very focused on threat detection and mitigation we are very focused around detection of malicious networks and the attacker manipulating those networks so that could be anything from Wi-Fi networks ultimately through to to cell towers we see a large amount of attacks in this area on a daily basis we also are very passionate about malware detection Mike talked about you know the shift to apps we see apps especially 2015 the uptake is it's been very interesting so apps as a delivery mechanism for permissions abuse but also as we saw in 2015 for extended or more privileged access to those devices the third area from as imperium perspective that that we're very passionate about is is the device itself there's a number of different areas that we really provide value for our customers the first is around a vulnerability perspective of those devices so you know allowing the customer to understand is this device potentially vulnerable to this exploit before they even see those attacks through to the ability then to proactively detect exploitation of of those devices directly and you know one of the things that's impairing we're very very proud of is the fact that we you know we're doing this on device if that if the device is disconnected for the network or the attacker has control that network that's something that we want to be able to target and immediately be able to detect those types of threads but really the the the power for our customers really comes into play when you combine what what we can bring from a threat visibility a threat detection a forensics capability with the power of of the MobileIron platform itself it's a huge very compelling integration directly with the compliance capabilities the to be able to automate the remediation of devices in the the situations and unfortunately you know when attackers are approving these devices to be able to proactively mitigate those threats via the MobileIron platform is is something that we've we've had a great will we're extremely proud we bring that forward to a lot of our conjoin prospects and I might I'm sure you you can add more sure you know in terms of the integration I think simplest way to think about it is leveraging all the cool detections that this Imperium has as well as the protections but the integration with MobileIron is about the ability to take action so leveraging that additional intelligence we get from zim p.m. having the ability to respond to a threat if we take a look at you know some of the things we do fundamentally at mobileiron sure you know we have people register their device and then can enforce various lockdowns and restrictions these range from something simple as enforcing a passcode encryption other types of security controls and then as you start to take a look at that from an app data perspective it's hey you know let's deploy various profiles for access to corporate resources either on the networker in the cloud as we deploy apps and their profiles to the device when we start to take a look at that from a security standpoint we want to ensure the security posture of that device remains sound how do I detect if the device has been jailbroken rooted or compromised that's something we do fundamentally in the product and we've done for some time people kind of think of that as a binary function it's either jailbroken or not or it's either rooted or not but it's not really the case we've got hundreds of checks lots of us then statements that really take a look at the security posture of that device from a device level in other words you know from an iOS standpoint there are various forms of jailbreak in fact there are anti detection tools that hide the fact that the device has been jailbroken such as ex-con and other types of tools if you take a look at it from an Android perspective certainly with the fragmentation it's even more complicated than that is there a custom ROM on the device that came from the factory even though the device isn't fully rooted maybe there is some privilege escalation capabilities as a result of that custom ROM maybe there are certain data exposures that come about from leveraging that custom ROM um has somebody enabled the Android debug bridge or USB controls to sideload an app so these are all you know just some of the many detections that we have that can trigger a quarantine and we leverage that same type of quarantine capability in all the intelligence we get from Imperium as well in particular with their network detections their app capabilities and even the proactive mechanisms that John spoke earlier in terms of the mechanisms for potential vulnerabilities so at the end of the day having that ability to do a selective or full life of the device most people use the Selective wipe and as a result go ahead and remove that sensitive data from the device to avoid a data breach a good example of that is in a project we worked on very recently together with a online media organization and they had good forensic staff internally they had identified a number of different breaches on mobile devices they looked to MobileIron ourselves to provide a solution initially to you know understand what the vulnerability perspective was of those devices you know are my devices in the field vulnerable to specific attacks of vulnerabilities but then as a conjoined solution be able to detect further exploitation of the devices and and also of the Namek attacks that they were seeing especially with their their traveling traveling user bays one of the other things that that our customers find particularly compelling and was certainly the case in this in this particular customers in instance was we provide a huge amount of forensic capability about the devices even if you have great forensic staff in your organization that's typically much larger enterprises in my own personal experience mobility research capabilities are still something that end-users so customers are really getting to grips with and even then if you have somebody that has good mobility forensic capabilities the challenge that they face is by the time they get the device often a lot of the context has really been lost about that attack so one of the value propositions that we were able to bring to the table there in conjunction with MobileIron was actually the ability for us to be able to collect all of that forensic information at the time of attack and also link that to their sim environment so they're able to get context around the user as a whole both from their desktop perspective and from their mobile perspective then when we see those threats for mobile line to be able to apply automatically in compliance policies the number of those were defined for different condition different types of attacks to ensure that they have put in place a scalable solution that would would serve them here for the longer term so we can asked I think it's probably worth knowing we can ask how does this work and how do we how do we actually even connect these solutions together and how does the integration work well it is actually really straightforward I mean from the MobileIron side we connect mobile line to the severan console that provides us a number of value propositions from a deployment perspective it synchronizes users and devices and any associated labels of those devices as well you deploy our out-out by the normal mechanisms in a MobileIron to to deploy the app it could be through store or or Enterprise style deployment and then the app is automatically logged in through the initial synchronization that we've done with mobile eyelets there's no user user piece really involved in this at all the apps just simply deployed in in the same way that any other application would be now we then go immediately into obviously a detection and mitigation stance if we detect a threat on the device or being directed at the device we're able to collect immediately both the forensic and the event information but also then be able to update in real time any labels on the MobileIron side that allows an automated process to be able to implement those compliance quarantine restrictions that you would want to apply depending on the different types of threats and it's very granular you're able to apply a number of different compliance actions depending on a number of different conditions so from this Imperium side we have a broad range of a threat types everything from network scans right through to full device compromised and that allows our joint customers to be able to put a very fine-grain control if they wish around how they would handle an automate both the deployment but ultimately the mitigations hey perfect thanks John thanks J hn so that really concludes our presentation I wanted to offer this time for some live Q&A to our speakers if you do have a question just go ahead and type it in the right-hand side of your window there and we'll get to those as is we've got a couple already that that we'll get started with we also have a datasheet on both of the solutions available in the handout section of your window you're free to download that and take a look at it and review at any time or just go twos imperium calm or MobileIron calm and and take a look or contact your rep I also want to take the opportunity to plug Mike's book again mobile data loss please check his Twitter and find the link to to go ahead and grab a copy of that book that that it's available I'm sure he appreciate a review as well but so so Mike with you know with the run-through of all the device level Network attacks app attacks which one of these vectors if any really stick out you know with your customers what do they ask you about in terms of those vectors um all three come up you know frequently I think the because malware tends to grab a lot of headlines I think that's the same case with mobile and as a result I would say out of those three probably the most common question is around app threats there's certainly a lot of concern folks have around jailbroken or rooted devices but we're seeing you know malware more frequently than we are you know new forms of jail breaks or routing for that matter so you know between Xcode ghost why Spectre on key Raider you know a lot of those things that through the fall you know what they just seemed one pop after another we've been getting a lot of questions around that the other interesting statistic that we have that was quite interesting was you know we we provided some scripts to allow people to kind of detect Xcode ghost in the presence of it in their environment and the results were quite staggering we did find that a lot a lot of customers actually had Xcode ghost you know in their environment and and for those customers they immediately started to take it a look at solutions like Imperium so so yeah so it certainly apps and and just to sum it up you know customers want the ability to identify not only malware but some of those potential vulnerabilities that John outlined here so that has been a frequent question that's been coming up more lately is you know how can I be more proactive about this we do remind them that from from a mobile iron standpoint you know we you know really look to combine you know both those proactive protections along with reactive and and complement that with live monitoring to really provide that true defense-in-depth um you know if you do have concerns about malware not only do we strongly recommend that you take a close look at as imperium but in addition to that you know keep in mind we've got our app connect containerization both for ios and android and that's meant to provide an additional barrier for protecting the enterprise data from those kinds of threats but we would never recommend you solely rely on that right any defense-in-depth strategy would always outline both a proactive reactive and live monitoring approach as john prescribed earlier john are you seeing the same thing applications over network and device or what's a combination you know i think when when we speak with customers and prospects and an analyst you know what other things I think is a challenge and I if I just step back and think about it with this but my security hat on here is I think the first thing that's the surreal challenge is is visibility I think just understanding what we face now from a mobile perspective is is a really interesting challenge you know if we look at what we or the approach that we've typically taken as security practitioners on the desktop we've probably quite a mature stance at this point we've got some anti-malware technology we've if we're sensible we've probably also got some sort of host-based IPS technology for exploitation and network based firewall in technology on our devices and we have a way to capture those incidents when they're occurring and and ultimately know had had a handle and mitigate those on the mobile side where we're still somewhat blind to be fraying a lot of other customers come to us with we really don't have a great deal of visibility I don't know how many of my devices are getting getting network attacks rogue access point attacks in New York City or or in China I simply don't know that and therefore I don't really understand what type of data we've intentionally lost at this point so one of the first things that we often find that people are asking us to help them with is providing the visibility the the next thing they want is forensics they want to understand what happened so that they they internally can decide a strategy on how to handle those I think certainly in the last year something that's been been top of mine hands has certainly been around device the device itself and by the device I encompass what mike says by apps because the app vector to ultimately own the device is really what the attack is targeting so that's the ultimate concern the ultimate concern is what is what what is it that I can do and and how is it I can approach this problem to give me a conference how can I go back to my seaso and say yes we've got this covered yes we understand our risk your and and more importantly have some sort of strategy in place to mitigate those and the attack factors ooh they will continue to grow and I think from our perspective one that's often missed and we see a huge amount of tax is just on the network that the network itself might make that point the user and end user as well being being the weak link there but all of those being ultimately an approach to it when the device is is a problem that we're going to face and certainly as a pure and we're asked more and more about perfect perfect well that's our time that's 45 minutes it really flew by John any closing thoughts 15 seconds now you know I I think really we've summarized it I think we we're moving into a different age now Mobile is now being treated as the next desktop and I and I you know I I think that state that's been overused in the industry generically in the last the last number of years but you know that the shift that we see of apps the deployment of tablets now to replace desktop traditional desktop PCs means that as security practitioners we really need to get that not only the visibility but but ensure the ability to detect and ultimately have a proactive life cycle leveraging integrations with technologies like mobile and to be able to provide a consistent and automated way to handle these threats and ultimately to be able to scale to to the challenge of providing access to these new users and these new devices