Mobile Device Security Flashcards
Near field communication (NFC)
Employment of electromagnetic induction to enable communication between devices within 10cm
Satellite communications (SATCOM)
Artificial geostationary satellite that provides services across the globe
Cellular Communication
Based on a single network tower that serves devices located within a certain radius.
ANT
A wireless sensor protocol that enables communication between sensors and their controllers
Universal serial bus (USB)
Enabled wired communication between devices that can be used for power supply, and serial data transmission.
Global positioning system (GPS)
A system that determines the precise location of something on earth through a series of satellites, tracking stations, and recievers.
Infrared (IR)
A wireless technology for transmitting data between two devices in the digital form within 5m
Wi-Fi
A common wireless technology used in homes and office buildings to connect local devices.
Bluetooth
A short range high speed low power wireless technology that enables communication between devices
5G cellular Communication
A broadband cellular network that operates at low latency, high bandwidth, and provides high speed downloads
Point to point (P2P) connection
Enables secure communication between two devices without encryption, through a fixed path.
Point to multipoint connection
Allows one to many connections by providing multiple paths from a single location to many others
Radio frequency identification (RFID)
A form of wireless communication that incorporates the use of electromagnetic or electrostatic coupling in the radio frequency portion of the electromagnetic spectrum to uniquely identify something.
Mobile app management
Used by IT admins and others to secure and control organizational data.
Mobile security management
The actions and precautionary steps for securing the organizations data and mobile devices used by it’s members
Enterprise Mobility Management
Used to secure data in employees personal devices
Remote wipe
Allows admins to remotely remove data from a mobile device
Screen lock
Used to prevent unauthorized access to the device
Passwords/pins
Form of authentication on electric devices
Geolocation
Can identify the real world location of devices through the internet
Geofencing
Virtual fence that interferes with mobile users when they cross an arbitrary line
Full device encription
Can encrypt all data stored within a device
Containerization
The application of encryption software to segment a device between personal data and the encrypted organizational data.
BYOD
Bring your own device
COPE
Company owned personally enabled
COBO
Company owned business only
CYOD
Choose your own device
What are the benefits of BYOD
Low cost, less employee aggravation
What are the downsides of BYOD
Difficult to maintain security, comparability issues which make it hard to scale
What must be done to successfully implement BYOD
Define the specs Decide how the data will be managed Policies How security will be implemented How support will be issued
What are the benefits of CYOD
Streamlines options
Able to control the devices without overly disturbing employees
Devices meet any spec requirements
Lower cost than COPE
What are the disadvantages of CYOD
Employees must seek out repairs and replacement
Must use updates though the organization
Slow deployment timeframe
What must be done to implement a CYOD policy?
Define a set of devices
A set of deletion policies
Define the security that must be implemented
Define how support will be obtained by user
What are the benefits to the COPE policy
Greater control
Org retains device ownership
Prevents multiple devices from being required
What are some of the downsides of COPE
Org will be required to purchase the device
Monitoring policies will need to be put in place
Business will be required to update all devices
Slow deployment time
What will be needed to deploy a COPE policy
The purchasing of devices and required software
Allow employees to work with the device to develop a tech portfolio
Develop policies
Deploy security and support
What are the benefits of COBO
Prevents data loss
The org posseses full authority
What are the downsides of COBO
High purchase cost
Requires employees to carry multiple devices
What must be done to implement a COBO policy?
Prohibit personal use on business devices
Allow employees to get used to the device
Develop policies
Deploy security and support on COBO devices
Enterprise Mobile Device Security risks
Weak security systems
Insufficient config allowance
Can be taken outside the bounds of physical security
What challenges face mobile devices when it comes to security?
Harder to track and secure
Can be easily mismanaged
Have to ensure all devices are up to date
Risks for all mobile policies
The sharing of confidential data
Data leakage and endpoint security
Supporting different devices/ OS’s
Mixing of personal and private data
The ability to bypass policy issues
Disgruntled employees
Sec prof guidelines for Mobile policies
Ensure multi-layer protection of systems
Educate the employees
Clarify which apps and data are owned by who
Use of encrypted channels for sensitive data
Clarify any bans
Control access
Ensure employees sign off on the policies
Employee guidelines for Mobile policies
Use encryption to store all sensitive data
Maintain a separation of org and personal data
Register devices that contain any org data
Update the OS regularly
Use anti-virus and DLP solutions
Set a strong passcode
Mobile device Management (MDM)
Used to deploy, manage, and monitor org owned devices
Features of MDM solutions
Security management
Device configuration
Device inventory and tracking
Over the air distribution
Policy management
Password enforcement
Data encryption enforcement
Network integration
Remote data wipe
Blacklisting/ whitelisting of apps and devices
Mobile application management (MAM)
Enables network defenders to secure, manage, and distribute applications on employee mobile devices
What are the features of an MAM solution
Device activation
Enrollment in provisioning capabilities
Remote wipe and other device level functionality
Minimal admin intervention
Mobile Content Management (MCM) or Mobile Information Management (MIM)
Provides secure access to corporate data
Enables secure sharing
Mobile Threat Defence (MTD)
As to secure mobile devices against malicious threats, network attacks, and device vulnerabilities
Mobile Email Management (MEM)
Pre-config emails on devices remotely, ensures that only approved apps and devices can access the emails, prevents unauthorized access to emails, pre installs the email client
Unified endpoint management (UEM)
Ensures remote provisioning, managing, controlling, and securing internet based solutions
Tracking device usage
Remote, Manuel, or auto pushing of updates
Supporting employee owned devices
Threat detection and mitigation
Enterprise Mobility Management (EMM)
A comprehensive solution responsible for MDM, MAM, MTM, MCM, and MEM. Secures and manages devices across multiple OSs.
Mobile app security best practices
Ensures that the app does not save passwords
Avoid the use of the query string while handling sensitive data
Use code obfuscation and encryption
Implement two-factor authentication
Use SSL/TLS to send data over secure channels
Avoid caching app data
Perform validation checks on input data
Implement secure session management
Mobile data security best practices
Encrypt the data stored on the device
Enable over the air encryption
Backup the mobile data periodically
Do not store extremely sensitive data on the device
Do not store passwords or pins as contacts
Use private data centers to store data
Mobile network security guidelines
Disable interfaces like Bluetooth, IR, and WiFi when not in use
Set Bluetooth enabled devices to non discoverable
Avoid connecting to unknown WiFi
Config web accounts to use secure connections
General guidelines for Mobile platform security
Avoid excessive installation of apps
Avoid auto uploading photos
Maintain configuration control and management
Install from trusted sources
Wipe or delete data before disposing a device
Disable GPS unless required
Kaspersky
Internet security for Android uses machine learning to combat new threats
Avira
Mobile security for iOS devices provides web protection, identity safeguarding, and identifies phishing websites.
