Section 5: Mobile Device Security Flashcards
What’s the best way to secure mobile devices?
Keep them up to date as soon as the updates come out
Where should you get applications from?
Only install apps from the official App Store or Play Store because they’re digitally signed. Doesn’t mean they’re 100% free of malware.
Sim Cloning
Allows two phones to utilize the same service and allows an attacker to gain access to the phone’s data.
Bluejacking
Sending of unsolicited messages to Bluetooth enabled devices (sending information to devices)
Bluesnarfing
Unauthorized access of information from a wireless device over a Bluetooth connection (takes information from a device)
How do you prevent Bluetooth attacks?
Don’t use the default pairing key, turn it off, make sure it’s not in discovery mode
How do you secure your info if your device is stolen?
Back up the data, encrypt the device, set up tracking on the device, don’t try to recover your device if it’s stolen alone (go the police)
Remote Lock
Requires a pin or password before someone can use the device
Remote Wipe
Remotely erases the contents of the device to ensure the information is not recovered by the thief
TLS
Transport Layer Security
MDM
Mobile Device Management; Centralized software solution that allows system administrators to create and enforce policies across its mobile devices
Should you allows location access in an application?
It’s recommended you turn it off for apps that don’t really need it
Geotagging
Embedding of the geolocation coordinates into a piece of data (i.e. a photo)
BYOD introduces a lot of __________ for your organization
Security issues
What is CYOD?
The company let’s you choose from several devices that they’ve pre-approved and has their MDM on it
What are the 10 best ways to harden your device?
Update your phone to the latest version of the software
Install antivirus
Train users on proper security and use of the device
Only install apps from the official mobile stores
Do not root or jailbreak your devices
Only use v2 SIM cards with your devices (very hard to clone)
Turn of all unnecessary features
Turn on encryption for voice and data
Use strong passwords or biometrics
Don’t allow BYOD