Download presentation
Presentation is loading. Please wait.
Published byConner Gobert Modified over 10 years ago
1
Tips on Securing Mobile Devices October 5, 2012 Preston Wiley, Network Security Manager, CISSP Mike Hill, Project Manager / Systems Analyst, CISSP
2
W HAT IS A M OBILE D EVICE ? Highly Portable Constantly connected to the Internet Able to run a variety of applications Easily stolen or misplaced Smartphones, Tablets Personally managed
3
M OBILE D EVICE O PERATING S YSTEMS iOS iPad iPhone iPod Touch Android Nexus 7 Samsung Galaxy HTC One, Desire, Evo, etc. Motorola RAZR MANY MANY MANY Others Blackberry, Symbian, Windows
4
W HY DO WE HAVE M OBILE D EVICES ? Highly Portable Convenient Always Stay Connected Remain Productive Coolness Factor
5
W HY SHOULD WE SECURE THEM ? As mobile devices become ingrained into our life, we store more and more data in them, such as: o E-mail o Contacts o Photos and we use various apps to make our lives easier: o Social: Facebook, Twitter, LinkedIn o Financial: Paypal, eBay, Amazon o Cloud Storage: Dropbox, Google Drive o Maps: Mapquest, Google Maps o Games: Angry Birds, Bad Piggies
6
T IP #1: L OCK D EVICE Passcodes o Pins o Pattern (Android) o Facial Recognition (Android 4) o Passwords Auto-Lock (Screen Timeout) o 1 minute to 5 minutes o Shorter time is more secure o Be aware of apps that can be accessed when locked
7
T IP #2: U PDATE A PPS Keep apps up-to-date using official sites o Apple App Store (iOS) o Google Play (Android) Be wary of 3rd party apps from unofficial sites (Android) o When you allow unknown apps on Android, you allow them from ALL sources o Only turn this option on if you need it and turn it off when you don't need it. o There are legitimate stores other than Google Play that require this to be turned on: Amazon App Store
8
T IP #3: D ISABLE N ETWORK S ERVICES Benefits to disabling services o These services can pose security risks o Can also extend battery life WiFi o Constantly scans for WiFi networks o Beware of open networks (unencrypted) Bluetooth o Turn off or set to non-discoverable if not needed o Used for hands free devices and wireless keyboards o Can be used to view your contacts and make calls with your phone.
9
T IP #4: B EWARE OF QR CODES Which QR code is the malicious one?
10
Tips 5-10
11
T IP #5: U PDATE O PERATING S YSTEM Update OS to latest version available to you o iOS 6 o Android 4.1 (Jelly Bean) o BlackBerry 7.1 OS o Windows Phone 7.5 *Data as of October 1, 2012*Data as of September 30, 2012
12
T IP #6: C ONFIGURE L OCATION S ERVICES Popular features of location services o Photos - geotagging o Maps - turn by turn navigation Beware of disclosing location publicly o Please Rob Me (2010) o U.S. Army warns about geotagging (2007) Recommended Configuration o Disable if not needed o Only enable for specific apps when needed
13
T IP #7: B ACKUP D EVICE
14
Backup your device o Device should not be sole source of this data o Data can be encrypted during backup to iTunes (iOS) o Backups based on Google Account (Android) Be aware of any sensitive data on device o Financial documents o Tax records o Health records o Passwords
15
T IP #8: W IPE D EVICE Erase data on device before o Return o Repair o Resale Auto-Wipe o Erases data after 10 failed attempts (iOS) o Autowipe app (Android 2.2+) Remote Wipe o Gives you the ability to remotely wipe device
16
T IP #9: F IND D EVICE Find My iPhone (iOS) o Requires iOS 5+ o Locate your device on a map o Display custom message o Remotely lock or wipe device o Lost Mode (iOS 6) LocateMyDroid (Android) o Available on Android OS 2.2+ o Visually see your phone on a map o Remotely lock/wipe phone (admin) Create ICE for lock screen
17
T IP #10: S ECURE B ROWSER S ETTINGS Recommended Settings o Block Pop-ups o Enable Private Browsing o Enable Fraud Warning (iOS) o Disable AutoFill o Disable Location Services o Clear history and cookies
18
W RAP -U P 10 Tips for Increased Security 1. Lock Device 2. Update Apps 3. Disable Network Services 4. Beware of QR Codes 5. Update Operating System 6. Configure Location Services 7. Backup Device 8. Wipe Device 9. Find Device 10. Secure Browser Settings
19
S ERIOUS ABOUT S ECURITY P ODCAST New episodes recorded every two weeks http://www.cerias.purdue.edu/site/sas_podcast Twitter: @SASPodcast
20
Q&A Preston Wiley E-mail: pswiley@purdue.edu Twitter: @PrestonSecure Mike Hill E-mail: mikehill@purdue.edu Twitter: @Purdue_Mike
21
R EFERENCES Android Distribution Chart https://developer.android.com/about/dashboards/index.html iOS Distribution Chart http://insights.chitika.com/2012/ios-by-device/ Permission to use Dilbert comics provided by Universal Uclick Please Rob Me http://pleaserobme.com U.S. Army warns about the risks of geotagging http://nakedsecurity.sophos.com/2012/03/14/us-army-warns-about- the-risks-of-geotagging/
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.