Top 7 Mobile Security Threats
Giri Sreenivas
VP/GM, Mobile
Review prioritized threat list
• Lost/Stolen Devices and Terminated Employees
• Jailbroken Devices
• Trojans + Malware
• U...
State
• 35% of mobile devices are lost or stolen
 #1 type of crime in urban centers like NYC
• Devices are replaced every...
State
• 5% of iOS devices jailbroken
• Comparable percentage of Android devices are jailbroken
Consequences
• No trustwort...
State
• Well controlled in iOS app store, room for improvement
with Google Play
• 3rd party app stores pose dramatically i...
State
• BYOA – Bring Your Own App. Dropbox, Evernote, etc.
• Employees are finding the best apps to solve their work
probl...
State
• Apps request permissions to get access to sensitive
corporate data like address book contacts and calendar
events
...
State
• Occasionally referenced as smishing
• Inbound SMS and emails that elicit end user disclosures
of sensitive data
Co...
State
• Caps on data plans motivates WiFi usage, including
heavy reliance on insecure networks
• Majority of tablets are W...
Mobile Risk Management is a lean, enabling approach to addressing
these top 7 mobile threats
Check out a demo of Mobilisaf...
Upcoming SlideShare
Loading in...5
×

Top 7 Mobile Threats Webinar

172

Published on

With about 80% of companies embracing BYOD or Bring Your Own Device, mobile security is now a top priority at most companies. Watch this 30 minute live webcast where we will talk about the recent research we have performed to find the top 7 mobile security threats. You will also come away with mitigation tactics for each threat.

To download a free Mobilsafe demo, click here:
http://information.rapid7.com/mobilisafe-demo.html?LS=1428723&CS=Web

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
172
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Top 7 Mobile Threats Webinar

  1. 1. Top 7 Mobile Security Threats Giri Sreenivas VP/GM, Mobile
  2. 2. Review prioritized threat list • Lost/Stolen Devices and Terminated Employees • Jailbroken Devices • Trojans + Malware • User Behavior with apps • Promiscuous apps • Phishing • Man In The Middle Q+A Agenda 2
  3. 3. State • 35% of mobile devices are lost or stolen  #1 type of crime in urban centers like NYC • Devices are replaced every 18 months on average • > 50% of terminated employees did not feel it was wrong to steal corp data Consequences • Leakage of corporate data without adequate security controls like PINs, encryption and remote wipe Lost/Stolen Devices + Terminated Employees 3
  4. 4. State • 5% of iOS devices jailbroken • Comparable percentage of Android devices are jailbroken Consequences • No trustworthy data security mechanisms on the device  Encryption  Security policies like PINs • Correlated with presence of higher risk applications  Access to untrusted app stores for iOS Jailbroken Devices 4
  5. 5. State • Well controlled in iOS app store, room for improvement with Google Play • 3rd party app stores pose dramatically increased risks  Chinese botnets  Bad Pigs vs. Bad Piggies • Malware exploits operating system vulnerabilities are the apps/games to really be worried about Consequences • Data leakage Trojans + Malware 5
  6. 6. State • BYOA – Bring Your Own App. Dropbox, Evernote, etc. • Employees are finding the best apps to solve their work problems, many of which have not been vetted by IT/Security teams • Dropbox vs. Box Consequences • More highly productive employees • Data leakage, typically to cloud-based services User Behavior With Apps 6
  7. 7. State • Apps request permissions to get access to sensitive corporate data like address book contacts and calendar events • Recent versions of LinkedIn, Path, Evernote, etc Consequences • Corporate data inadvertently is leaked to cloud-based services without any visibility or awareness for IT and Security teams Promiscuous Apps 7
  8. 8. State • Occasionally referenced as smishing • Inbound SMS and emails that elicit end user disclosures of sensitive data Consequences • Jailbroken devices • Leaked credentials Phishing 8
  9. 9. State • Caps on data plans motivates WiFi usage, including heavy reliance on insecure networks • Majority of tablets are WiFi only Consequences • Difficult to detect capture of sensitive data, including credentials, by 3rd parties Man In The Middle Attacks 9
  10. 10. Mobile Risk Management is a lean, enabling approach to addressing these top 7 mobile threats Check out a demo of Mobilisafe • http://demo.mobilisafe.com Q + A 10
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×