Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION.

Slides:



Advertisements
Similar presentations
Database Security Policies and Procedures and Implementation for the Disaster Management Communication System Presented By: Radostina Georgieva Master.
Advertisements

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Beyond Compliance: Advanced SmartGrid Authentication Paul Miller Uniloc.
Identify risks with mobile devices: Portable data storage Wireless connections 3 rd party applications Data integrity Data availability 2.
Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
Lee Hang Lam Wong Kwun Yam Chan Sin Ping Wong Cecilia Kei Ka Mobile Phone OS.
1 MIS 2000 Class 22 System Security Update: Winter 2015.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Sixth Annual African Dialogue Consumer Protection Conference Session 5: Panel Discussion – Mobile Technology, Mobile Payments and Cyber Threats September.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Purdue University proudly presents Doug Couch & Nathan Heck, IT Security Analysts.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Chapter 1 – Introduction
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
CS691 Robin Kimzey Cell Phone Security a little computer in your pocket an easy target for malcontents.
Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Sybase Confidential Propriety.iAnywhere ConfidentialiAnywhere Confidential Proprietary.Sybase Confidential Propriety. Addressing the Challenges of Device.
Telenet for Business Mobile & Security? Brice Mees Security Services Operations Manager.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
Securing Information Systems
NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
SEC835 Database and Web application security Information Security Architecture.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Storage Security and Management: Security Framework
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.
Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,
Doc.: IEEE ai Submission Paul Lambert, Marvell Security Review and Recommendations for IEEE802.11ai Fast Initial Link Setup Author:
Mobile Banking By: Chenyu Gong, Jalal Hafidi, Harika Malineni.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
Wireless Network Security Presented by: Prabhakaran Theertharaman.
1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester
SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,
Chapter 2 Securing Network Server and User Workstations.
1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
1 Network and E-commerce Security Nungky Awang Chandra Fasilkom Mercu Buana University.
Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software.
Chap1: Is there a Security Problem in Computing?.
Private Branch eXchange (PBX)
Ingredients of Security
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
Computer Security By Duncan Hall.
1 Chapter 13: RADIUS in Remote Access Designs Designs That Include RADIUS Essential RADIUS Design Concepts Data Protection in RADIUS Designs RADIUS Design.
Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.
Simon Prasad. Introduction  Smartphone and other mobile devices have made it so easy to stay connected.  But this easy availability may lead to personal.
Kaspersky Small Office Security INTRODUCING New for 2014!
E-Commerce & Bank Security By: Mark Reed COSC 480.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.
Network Security Presented by: JAISURYA BANERJEA MBA, 2ND Semester.
Network Security Basics: Malware and Attacks
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
Secure Software Confidentiality Integrity Data Security Authentication
Security in Networking
12 STEPS TO A GDPR AWARE NETWORK
Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham
Presentation transcript:

Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION TECHNOLOGIES DEPARTMENT

 Introduction  Security risks and threats  Security Enforcement  Conclusion OUTLINE

INTRODUCTION – PURPOSE Mobile devices & Applications Risks & Threats Secure Mobile platforms Essential Security Mechanisms

 Fastest growing sector  Calls + SMS  Fully fledged mobile computing platform  1G Analogue cellular network  2G Digital Cellular network  3G Broadband data services-  4G native IP networks INTRODUCTION – MOBILE TECHNOLOGY

 Smartphones, tablets, PDAs  High Processing power  High Storage Capacity  Easy Usability - touch screens, voice, QWERTY keyboards INTRODUCTION – MOBILE TECHNOLOGY Cont.

High capabilities has led to fast & high penetration and adoption Mobile payments & banking  Income & Property Tax, Utility bills (LUKU, DSTV & Water)– MPESA, NMB mobile Business operations - Complete Office Software INTRODUCTION – MOBILE APPLICATION IN PUBLIC SECTOR

Information security Mainly focused in protecting Information and Information systems from threats and risks that may result in unauthorized disclosure, interruption, modification and destruction. SECURITY RISKS AND THREATS

Security principle for ensuring non-disclosure of Information to unauthorized users  Small size – Easily misplaced, left unattended, stolen  Vulnerabilities in mobile applications - Malicious Code embedded in mobile apps  Wireless Technology – Bluetooth & Wi-Fi SECURITY RISKS AND THREATS - CONFIDENTIALITY

Data integrity refers to the accuracy and consistency of stored or data in transit, which is mainly indicated by the absence of data alteration in an unauthorized way or by unauthorized person  Weak protection mechanisms  Turning off security features  Intentional hacking of the traffic through sniffing and spoofing SECURITY RISKS AND THREATS - INTEGRITY

Availability is a security attribute of ensuring that a system is operational and functional at a given moment of time  Compromised devices causing downtime to the connected infrastructure  DOS attacks targeting mobile devices battery SECURITY RISKS AND THREATS - AVAILABILITY

Secure Information while optimize Key requirements of security solution ENFORCE SECURITY Protection ManagementSupport Detection

 Discover devices’ protection mechanisms  availability of antivirus  remote sanitization & encryption capabilities  authentication strength  Block unprotected /compromised devices based on Security policy set ENFORCE SECURITY - DETECTION MECHANISMS

 Effective Authentication methods – avoid plain, weak passwords  Access Control - Limit what attacker can do  Encryption  Protect stored information – even when device is lost  Protect transmitted data  Block unused, vulnerable communication ports  Disable wireless communication (Bluetooth, Wi-Fi) while not in use ENFORCE SECURITY – PROTECTION MECHANISMS

Centrally managing all devices  Security Administration  Control  Audit  Report Security Policies - Digital Policy Certificate ENFORCE SECURITY - MANAGEMENT

Support when devices are lost  Remote Sanitization  GPS Locator Education and Security awareness  Simple Steps to reduce risks  Trusted sites for downloading applications  Proper security settings  Use of strong password  Regular updating devices ENFORCE SECURITY - SUPPORT

Ratings by Security Mechanisms Category Enterprise Readiness of Consumer mobile platforms by Cesare Garlati of Trend Micro Security Mechanisms in Mobile Platforms

 Usage of mobile applications is inevitable  Organizations’ commitment  Investment in security solutions - Means for enforcing, monitoring and auditing protection mechanisms  Users Security Awareness CONCLUSION

Q & A THANK YOU

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.