• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Mobile security trends
 

Mobile security trends

on

  • 2,040 views

 

Statistics

Views

Total Views
2,040
Views on SlideShare
2,039
Embed Views
1

Actions

Likes
1
Downloads
61
Comments
0

1 Embed 1

http://androidtwittertrendapp.jusst.us 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • WPA: Wi-Fi Protected AccessWEP: Wired Equivalent Privacy

Mobile security trends Mobile security trends Presentation Transcript

  • Security Trends in a Mobile Environment: Access in an Anytime, Anywhere World
    Ken Huang & James Hewitt
     HDI Executive Forum | June 22, 2011
  • About CGI
    Full Service IT company
    Managed service, BPO
    IP based Business Solutions
    SI&C
    Cloud and Mobile Computing:
    Cloud IT services
    Cloud security services
    Approximately 31,000 professionals worldwide
    Total Revenue: $4.5 Billion.
    2
  • Who Are We?
    Ken Huang
    Director of Security Engineering
    Cloud/Mobile Security
    ST&E
    IDAM
    E-Signature, etc.
    Frequent Speaker
    Blog: http://cloud-identity.blogspot.com/
    Linkedin: www.linkedin.com/in/kenhuang8
    Twitter: http://twitter.com/#!/kenhuangus
    James Hewitt
    Director of Security Governance
    CISO
    ST&E
    Database Security
    Frequent Speaker
    Linkedin: http://www.linkedin.com/pub/jim-hewitt/0/6ab/552
    3
  • Topics
    Mobile Technology and Trends
    Mobile Application and Trends
    Mobile Security and Trends
    Data Loss Prevention for Mobile Devices and Trends
    Discussion Topics
    4
  • Mobile Technology and Trends
    5
  • Mobile Technology and Trends
    6
  • 3G vs 4G Networks
    7
  • WiMAX vs. Wi-Fi
    8
  • NFC
    Based on RFID Technology at 13.56 MHz
    Operating distance typically up to 10 cm
    Compatible with today’s field-proven contactless RFID technology
    Data exchange rate today up to 424 kilobits/s
    Uses less power than Bluetooth
    Does not need pairing
    9
  • Mobile Application Trends
    Payment
    Using your phone to pay will become a reality
    Federal Government Adoption
    Mobile apps will become more widely used
    Cloud and Mobile Computing
    During an appearance in Silicon Valley, Aneesh Chopra, the nation’s first-ever CTO, acknowledged the inevitable emergence of cloud and mobile as solutions for the federal government, but sees them as supplementing, rather than replacing, legacy systems
    Transportation Department gets $100 million for mobile apps
    10
  • Mobile Application Trends (cont.)
    Federal Government Adoption (cont.)
    FBI – most wanted listing app on iPhone
    IRS – check refund status
    The White House mobile app – news, videos, podcasts, blogs, etc.
    Productivity tool
    Mobile apps will become more mature over time
    Banking
    Check balances, transfer funds, etc.
    11
  • Mobile Application Trends (cont.)
    Entertainment
    Videos, gaming, etc.
    Social networking
    Facebook
    Twitter
    Foursquare
    Linkedin
    Any new apps?
    Activists
    Collective bargaining and strikes
    Other
    Price comparison for various products
    12
  • Wi-Fi Security Trends
    Use a strong password
    Don’t broadcast your SSID
    Use good wireless encryption (WPA, not WEP)
    Use another layer of encryption when possible (e.g. VPN, SSL)
    Restrict access by MAC address
    Shut down the network and wireless network when not in use
    Monitor your network for intruders
    Use a firewall
    13
  • 4G Security Trends
    Backward compatibility to 3G or GSM capabilities exposes 4G to 3G and GSM security vulnerabilities
    4G also has a roaming vulnerability associated with mutual authentication: a fake network can easily claim to be a “roaming partner”
    14
  • Bluetooth Security Trends
    Bluejacking
    Sending either a picture or a message from one user to an unsuspecting user through Bluetooth wireless technology.
    DoS Attacks
    Eavesdropping
    Man-in-the-middle attacks
    Message modification
    NIST published a Guide to Bluetooth Security in 2008
    15
  • NFC Security Trends
    Ghost and Leech Attack
    Hacker’s RFID reader steals or transmits credentials to a fake RFID card
    Eavesdropping
    Hacker must have a good receiver and stay close
    To avoid this, use a secure channel as compensating control
    Data Corruption
    Jams the data so that it is not readable by the receiver
    Check RF field as compensating control.
    16
  • NFC Security Trends (cont.)
    Data Modification
    Changes the semantics of the data
    Use secure channel
    17
  • Attack on the app
    Currently, Androids are the target due to Google’s loose vetting process
    According to USA Today (June 5, 2011), Google had to remove 25 apps from the Android market, but not before 125,000 users have downloaded the apps1
    These apps allow hackers to download more malicious programs when the user makes phone calls
    iPhones and iPads are lightly hacked – but will become targets in the future
    1http://www.usatoday.com/tech/products/2011-06-03-tougher-security-sought-in-google-apple-devices_n.htm
    18
  • Data Protection for Mobile Device and Trends
    File-level encryption (PocketCrypt or PointSafe)
    Encryption of data in the transit
    Remote data wipe-out
    Device tracking
    Data backup (Cloud Storage As Service)
    Mobile Device Management (MDM)- Example GSA use Fiberlink.
    19
  • Gartner Predications
    2014 will witness over 3 billion mobile users worldwide
    Mobiles phones will become the preferred and most commonly used web device globally by 2013.
    As a result, a large number of mobile applications will be built for multiple platforms (Android, J2ME, Symbian, iOS, etc.) and domains (mobile payments, mobile, commerce, mobile VAS, etc.).
    20
  • Do Cell Phones Cause Cancer?
    According to an article in the HuffingtonPost (June 1, 2011):
    The World Health Organization announced that cell phones could possibly cause cancer.
    The WHO’s cancer research arm, the International Agency for Research on Cancer, classifies cell phones as a class 2b possible carcinogen. “The IARC also identified known as well as probable carcinogens, including a few others which some of us come into contact with on a regular basis.” 1
    CNN link: http://www.cnn.com/2011/HEALTH/05/31/who.cell.phones/index.html
    1http://www.huffingtonpost.com/2011/05/20/cell-phone-radiation_n_864799.html
    21
  • Topics for discussion
    What is the security policy for mobile technology in your organization?
    How can data be protected?
    Data encryption for mobile device
    Data Loss Prevention for mobile technology
    Mobile technology and cloud computing
    Trends on Telecommuting or telework
    22