Securing Mobile Devices Flashcards
Screen locks - Securing Mobile Devices
- Fingerprint - Built-in fingerprint reader
- Face Unlock - Face recognition
- Swipe - Choose a pattern
- Passcode - Choose a PIN or add complexity
- Failed attempts:
- iOS: Erase everything a er 10 failed attempts
- Android: Lock the device and require a Google login
- Windows Phone: Delays next attempt or factory reset
Locator applications and remote wipe - Securing Mobile Devices
- Built-in GPS - And location “helpers”
- Find your phone on a map
- Control from afar with sounds and messages
- Wipe everything remotely
Remote backup - Securing Mobile Devices
- Difficult to backup something that’s always moving
- Backup to the cloud for constant backup
- Backup without wires - use the existing network
- Restore with one click - authenticate and wait
Antivirus and Antimalware - Securing Mobile Devices
- Apple iOS - Closed environment, tightly regulated
- Android - More open, apps can be installed from anywhere
- Windows Phone - Closed environment, apps run in a sandbox
Patching/OS updates - Securing Mobile Devices
- All devices need updates, even mobile devices
- Device patches - security updates
- Operating system updates - New features, bug fixes
Biometric authentication - Securing Mobile Devices
- Multi-factor authentication - More than one factor
- Passcode, password, swipe pattern
- Fingerprint, face, iris
- A phone is always with you, and you’re a good source of data
Authenticator apps - Securing Mobile Devices
- Pseudo-random token generators
- Carry around physical token devices
- Use a token generator app
Full device encryption - Securing Mobile Devices
• Encrypt all device data - Phone keeps the key
• iOS 8 and later - Personal data is encryption with your passcode
• Android - Full device encryption can be turned on
• Windows Phone 8/8.1 - Full device encryption only available
with Exchange ActiveSync or managed by an MDM
Trusted vs. untrusted sources - Securing Mobile Devices
- Once malware is on a phone, it has a huge amount of access
- iOS - All apps are curated by Apple
- Android - Downloaded from Google Play or sideloaded
- Windows Phone - Apps are curated by Microsoft
- Sideloading available in enterprise environments
Firewalls - Securing Mobile Devices
- Mobile phones don’t include a firewall
- Some mobile firewall apps are available, most for Android
- Enterprise environments can control mobile apps
Policies and procedures - Securing Mobile Devices
- Manage company-owned and user-owned mobile devices
- BYOD - Bring Your Own Device
- Set policies on apps, data, camera, etc.
- Force screen locks and PINs on these single user devices
