Topic 10B Flashcards
Mobile device deployment models
Bring your own device (BYOD)—means the mobile device is owned by the employee. The device must comply with established requirements developed by the organization (such as OS version and device capabilities), and the employee must agree to having corporate apps installed and acknowledge the organization’s right to perform audit and compliance checks within the limits of legal and regulatory rules.
Corporate owned, business only (COBO)—means the device is the property of the organization and may only be used for company business.
Corporate owned, personally enabled (COPE)—means the device is chosen and supplied by the organization and remains its property. The employee may use it to access personal email and social media accounts and for personal web browsing.
Choose your own device (CYOD)—is similar to COPE except the employee is given a choice of devices to select from a preestablished list.
Mobile device management (MDM)
is a critical strategy IT departments use to manage, secure, and enforce policies on smartphones, tablets, and other endpoints
MDM allows IT departments to maintain an inventory of all mobile devices accessing corporate resources and helps ensure that only authorized devices maintain access.
Additionally, MDM can enforce security policies, such as enforcing device encryption or mandating screen locks.
MDM can enable remote lock or wipe capabilities to protect sensitive data if a device is lost or stolen.
MDM can also manage device updates and patches.
Common tasks performed by MDM
updating enterprise applications, managing corporate email accounts, managing device geo-tracking and geofencing, managing application allow or block listing, controlling Internet access or use, and many other features
Android Enterprise is used for MDM on Android devices.
Apple's MDM support is built into the OS.
Platform-agnostic solutions include platforms such as Microsoft Intune, VMware AirWatch, and IBM MaaS360
In iOS, there are various levels of encryption.
All user data on the device is always encrypted, but the key is stored on the device. This is primarily used as a means of wiping the device.
Email data and any apps using the “Data Protection” option are subject to a second round of encryption using a key derived from and protected by the user’s credential. Not all apps use “Data Protection”.
In iOS, Data Protection encryption is enabled automatically when you configure a password lock on the device.
Indoor Positioning System (IPS)
works out a device’s location by triangulating its proximity to other radio sources, such as cell towers, Wi-Fi access points, and Bluetooth/RFID beacons.
Global Positioning System (GPS)
is a means of determining the device’s latitude and longitude based on information received from satellites via a GPS sensor.
The GPS sensor triangulates the device position using signals from orbital GPS satellites. As this triangulation process can be slow, most smartphones use Assisted GPS (A-GPS).
A-GPS uses cellular data. GPS satellites are operated by the US Government. Some GPS sensors can also use signals from other satellites operated by the EU.
Geolocation drawbacks
Privacy concerns
If an attacker can gain access to this data, then stalking, social engineering, and even identity theft become real possibilities.
Geofencing
the practice of creating a virtual boundary based on real-world geography.
GPS tagging
the process of adding geographical identification metadata, such as the latitude and longitude where the device was located at the time, to media such as photographs, SMS messages, video, and so on
GPS tagging produces highly sensitive personal information and potentially confidential organizational data. GPS tagged pictures uploaded to social media could be used to track a person’s movements and location.
For example, a Russian soldier revealed troop positions by uploading GPS tagged selfies to Instagram.
Technologies that protect cellular data connections include
user awareness and training, virtual private networks (VPN), mobile device management (MDM), mobile threat defense, and data loss prevention (DLP).
How can geofencing be worked around?
GPS signals can be jammed or even spoofed using specialist radio equipment. This might be used to defeat geofencing.
The risks from Wi-Fi come from
connecting to open access points or possibly a rogue access point imitating a corporate network. These allow the access point owner to launch any number of attacks, even potentially compromising sessions with secure servers (using a DNS spoofing attack, for instance).
WPA3 security reduces the risk of eavesdropping to a fairly low level.
Personal area networks (PANs)
enable connectivity between a mobile device and peripherals. Ad hoc (or peer-to-peer) networks between mobile devices or between mobile devices and other computing devices can also be established.
Peer-to-peer networking should be disabled; otherwise an attacker can exploit a bridged connection.
ad hoc network
means a network that is not made permanently available. There is no established standards-based support for ad hoc networking, however.
MITRE has a project to enable Android smartphones to configure themselves in an ad hoc network
Wireless stations can establish peer-to-peer connections with one another rather than using an access point.
Wi-Fi Direct
allows one-to-one connections between stations, though in this case, one of the devices actually functions as a soft access point.
Wi-Fi Direct depends on Wi-Fi Protected Setup (WPS), which has many vulnerabilities.
Android supports operating as a Wi-Fi Direct AP, but iOS uses a proprietary multipeer connectivity framework.
You can connect an iOS device to another device running a Wi-Fi Direct SoftAP, however.
Tethering
Where the smartphone's connection is shared by connecting it to a PC with a USB cable or to a single PC via Bluetooth.
Bluetooth & security issues
Radio-based wireless technology
Device Discovery—a device can be put into discoverable mode, meaning that it will connect to any other Bluetooth devices nearby. Unfortunately, even a device in non-discoverable mode can still be detected.
Authentication and Authorization—devices authenticate (“pair”) using a simple passkey configured on both devices. The default passkey should always be changed.
Malware - Bluetooth worms and application exploits
bluejacking
a sort of spam where someone sends you an unsolicited text (or picture/video) message or vCard (contact details). This can also be a vector for malware.
Unless device authentication is configured, a discoverable device is vulnerable to bluejacking.
Bluesnarfing
refers to using an exploit in Bluetooth to steal information from someone else’s phone. The exploit (now patched) allows attackers to circumvent the authentication mechanism.
Bluetooth security features
Pairing and Authentication - passkey
Bluetooth Permissions
Encryption
Bluetooth Secure Connections (BSC) - Introduced in Bluetooth 4.0, BSC offers increased resistance against eavesdropping, on-path attacks, and unauthorized access
Bluetooth Low Energy (BLE) Privacy - BLE is a power-efficient version of Bluetooth that uses randomly generated device addresses that periodically change to prevent tracking and unauthorized identification of BLE devices.
Near-field communication (NFC)
based on a particular type of radio frequency ID (RFID). NFC sensors and functionality are now commonly incorporated into smartphones.
An NFC chip can also be used to read passive RFID tags.
An NFC transaction is sometimes known as a bump.
It is possible to exploit NFC by crafting tags that direct the device browser to a malicious web page, where the attacker could try to exploit vulnerabilities in the browser.
NFC does not provide encryption.
Widest application of NFC
The widest application of NFC is to make payments via contactless point-of-sale (PoS) machines
The wallet app does not transmit the original credit card information but a one-time token that is interpreted by the card merchant and linked back to the relevant customer account.
NFC
Certain antenna configurations may be able to pick up the RF signals emitted by NFC from several feet away, allowing an attacker to eavesdrop from a more comfortable distance.
An attacker with a reader may also be able to skim information from an NFC device in a crowded area, such as a busy train.
An attacker may also be able to corrupt data as it is being transferred through a method similar to a DoS attack—by flooding the area with an excess of RF signals to interrupt the transfer.