Security issues for mobile devices Cvetko Andreeski.

Slides:

Advertisements

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

Advertisements

Security for Mobile Devices

Bring Your Own Device (BYOD) Security By Josh Bennett & Travis Miller.

1 Confidential Lessons Learned from the First Generation of Mobile Apps Sean Ginevan, Product Management MobileIron - Confidential1.

What’s new in this release? September 6, Milestone Systems Confidential Milestone’s September release 2012 XProtect ® Web Client 1 Connect instantly.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Meraki Mobile Device Management

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Wireless Application Protocol and i-Mode By Sridevi Madduri Swetha Kucherlapati Sharrmila Jeyachandran.

Evidor: The Evidence Collector Software using for: Software for lawyers, law firms, corporate law and IT security departments, licensed investigators,

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

IPhone Security: Understanding the KeyChain Nicholis Bufmack and Ryan Thomas CS 691 Summer 2009.

Android An open handset alliance project Janice Garcia September 18, 2008 MIS 304.

IOS 8 for MDM/EMM Greg Elliott Shiv Chandra Kumar.

Macintosh Configuration Management Will Jorgensen 1.

01 Introduction to Java Technology. 2 Contents History of Java What is Java? Java Platforms Java Virtual Machine (JVM) Java Development Kit (JDK) Benefits.

Case study 2 Android – Mobile OS.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Using RADIUS Within the Framework of the School Environment Ed Register Consultant April 6, 2011.

Internet GIS. A vast network connecting computers throughout the world Computers on the Internet are physically connected Computers on the Internet use.

OWASP Mobile Top 10 Why They Matter and What We Can Do

New Data Regulation Law 201 CMR TJX Video.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

The Study of Security and Privacy in Mobile Applications Name: Liang Wei

A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 15 Installing and Using Windows XP Professional.

Anil Karmel Deputy Chief Technology Officer National Nuclear Security Administration Streamlined Application Management The Intersection of Cloud and Mobility.

 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Cyber crime & Security Prepared by : Rughani Zarana.

Deploying and Managing Mobile Devices in the Enterprise.

By Jonathan….and Darion……….. Reliability Windows File Protection protects core system files from being overwritten by application installs. Driver certification.

Types of Electronic Infection

CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.

Presented by Team Alpha MOBILE DEVICE SECURITY 1.

Frequently Asked Questions NCSC Product Certification Payroll Anytime, Anywhere!

Confidential. For use within only Slide 1 iOS and Android content protection requirements Version 0.2 Sony Pictures Entertainment Tim Wright.

Hands-On Microsoft Windows Server Implementing Microsoft Internet Information Services Microsoft Internet Information Services (IIS) –Software included.

Secure Systems Research Group - FAU Patterns for Wireless Web Services Nelly Delessy January 19, 2006.

Copyright © cs-tutorial.com. Overview Introduction Architecture Implementation Evaluation.

© ITT Educational Services, Inc. All rights reserved. IS3230 Access Security Unit 6 Implementing Infrastructure Controls.

Wireless and Mobile Security

MobileSecurity Vulnerability Assessment Tools for the Enterprise Mobile Security Vulnerability Assessment Tools for the Enterprise Integrating Mobile/BYOD.

Elucido CONNECT. 2  Collaborate using personal devices AND from conference rooms…  Write, Annotate, Create documents & presentations on the fly…  Experience.

Dilip Dwarakanath.  The topic I’m about to present was taken from a paper titled “Apple iOS 4 Security Evaluation” written by Dino A Dai Zovi.  Dino.

Picturex Secures and Scales Event-Photo Sharing for Enterprise and Private Customers by Relying on the Powerful, Scalable Microsoft Azure Platform MICROSOFT.

INNOVATE THROUGH MOTIVATION Mobile Computing & Your Business KEVIN KIRKPATRICK – OWNER, MSP INC LOGO.

TCS Internal Security. 2 TCS Internal Objective Objective :  Android Platform Security Architecture.

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Securing Your Data in Endpoint and Mobile Environments Frank Suijten Security.

TECHDOTCOMP SUPPORT TECHDOTCOMP nd Ave, Seattle, WA 98122, USA Phone:

Ton den Braber Channel Manager Benelux Dell SonicWALL The Promises and Pitfalls of BYOD.

ZIMBRA ROADMAP. Contains proprietary and confidential information owned by Synacor, Inc. © / 2015 Synacor, Inc. Deliver an advanced, feature rich collaboration.

Enterprise | education | public printing locations PrinterOn for Manufacturing.

Tech and Construction Mobile Technology in the Field Allen Small, Distribution Director Austin Energy SWEDE 2015 Workshop.

Handling Personal Data & Security of Information Paula Trim, Information Officer, Children’s Strategic Services, Mon – Thurs 9:15-2:15.

WHAT ARE BACKUPS? Backups are the last line of defense against hardware failure, floods or fires the damage caused by a security breach or just accidental.

WELCOME Mobile Applications Testing

Security Issues.

Advanced Security Architecture System Engineer Cisco: practice-questions.html.

practice-questions.html If you Are Thinking about your dumps? Introduction:

Advanced Security Architecture for System Engineers Cisco Dumps Get Full Exam Info From: /cisco-question-answers.html.

Top 4 Data Recovery Software for Mobile in 2018 for free download

Running on the Powerful Microsoft Azure Platform,

CloneManager® Helps Users Harness the Power of Microsoft Azure to Clone and Migrate Systems into the Cloud Cost-Effectively and Securely MICROSOFT AZURE.

Datacastle RED Delivers a Proven, Enterprise-Class Endpoint Data Protection Solution that Is Scalable to Millions of Devices on the Microsoft Azure Platform.

MICROSOFT AZURE ISV PROFILE: ONEBE

PLANNING A SECURE BASELINE INSTALLATION

Chapter 10. Mobile Device Security

Personal Mobile Device Acceptable Use Policy Training Slideshow

IT Management, Simplified

IT Management, Simplified

Presentation transcript:

Security issues for mobile devices Cvetko Andreeski

Content Facts about mobile devices and traffic Mobile networks and communication Mobile platforms security Mobile application security Steps to increase security of mobile devices

Facts about mobile devices and traffic Increasing number of mobile devices for individual and professional work Broadband mobile networks 2G, 3G, 4G (max speed 1Gb/s) Portability and adaptability Duration of unplugged work In 2012, the number of mobile-connected tablets increased to 36 million There were 161 million laptops on the mobile network in 2012 Source: Cisco VNI Mobile Forecast 2013 In 2016 we should expect purchase of 283 million tablet computers which should be more than purchased laptop computers in that year

Mobile communication Most of the mobile devices use 3G standard for communication Only 0.9% of connections are 4G in 2012, but they make 14% of the traffic Even the 3G standard implements KASUMI cipher there were several possibilities to corrupt the communication The latest example is the so called related key attack. By this attack, one can recover the full A5/3 key Basics of communication through 4G architecture is the Y-comm framework. This framework implements security in the architecture from the initial stages of the design process. This architecture should deliver dedicated bandwidth for the users, by switching between the networks of different providers, known as vertical handover

Mobile platforms security FeatureBlackberryiPhoneAndroid Remote wipe capability Encrypted backup files Mandatory code signing  Type safe programming  Application sandbox  Corporate policy enforcement  Full disk and memory encryption  End-to-end data encryption    ImplementedPartially implementedNot implemented Source: comScore, May 2013 Source: Ernst & Young, January 2012 Comparison of security features on different mobile platforms Third party applications can fill the gap of some security features.

Mobile application security Web based application – Android – Java, Android SDK, many reversing tools for Android applications, – Android applications are not reviewed before they are send for downloading – Android – certification and keys can be taken from one location /etc/security/cacerts.bks – Android – available tools for data decryption – IOS – every application is reviewed before it is presented on Apple store – IOS – enforces application sendboxing – IOS – jailbraking – IOS – possibility for reversing applications, tools for setting the hook – IOS – lot of resources (raw data from database) in cache files

Steps to increase security of mobile devices Know the risks and assets on mobile devices and communication Follow the policy for security of mobile devices Test the platform and applications Avoid or limit the transfer of sensitive data over the network Use of secure protocols for logging and sending sensitive data Sandboxing for untrusted (or all) applications Test the end to end communication and services