Mobile Device Enforcement 2.5 Flashcards
Third Party App Stores
Mobile devices have app stores like Google Play and the Apple App Store. Not all the apps are secure. MDM can manage whether an app store is allowed and which apps are or aren’t allowed.
Rooting/Jailbreaking
Mobile devices are designed with a purpose. You don’t need access to the OS, but people root (Android) and jailbreak (iOS) their phones all the time. If this happens, your MDM has no control over the device.
Carrier Unlocking
When a device is moved to another carrier, the MDM on the phone may become compromised. This has to be handled with a security policy.
Firmware Over the Air (OTA) Updates
The operating system is constantly changing, similar to a desktop's. Security patches or entire OS updates are pushed out occasionally. The MDM needs to manage how this is handled.
Camera Use
A common method by which information is exfiltrated from an organization. Usually the best policy is to geofence the camera so that it can’t be used around the workplace.
SMS (Short Message Service) / Multimedia Messaging Service (MMS)
Significant security concern because someone can leak data this way or send phishing attempts via text. Capability can be managed by MDM.
External Media
Mobile devices connected to desktops act like a flash drive. Easy to transfer data to and from. Manageable by MDM.
USB On the Go
Multiple mobile devices connected together via a USB cable. One device acts as a host, can read other devices, and can also act as a storage device itself. Dangerous from a security perspective.
Recording Microphones
A useful function on every mobile device. Good for meetings and taking notes, but has some legal liabilities based on state laws and situations. Disable it entirely or geofence it. Managed from MDM.
Geotagging/GPS Tagging
Location services. Photos and video can have your location embedded in the metadata. Posting these on social media can give away location information and possibly more.
WiFi Direct
Technology to allow simplified device-to-device connections. Often seen in home devices. Very unsafe, disable.
Hotspot/Tethering
Phone becomes a hotspot to allow other connected devices to connect to the internet. Could become a rogue access point if the hotspot phone is connected to the work network. Manage with MDM.
Payment Methods
Near-field communication is used to make payments with Apple/Android Pay. Manage with MDM.