Successfully reported this slideshow.
Your SlideShare is downloading. ×

Mobile (in)security ?

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Loading in …3
×

Check these out next

1 of 20 Ad

Mobile (in)security ?

Download to read offline

Is your company data secure? This talk is going to help understand some of the possible attack vectors on mobile platforms and what can Enterprises do, to lower the risk on this platforms.

Is your company data secure? This talk is going to help understand some of the possible attack vectors on mobile platforms and what can Enterprises do, to lower the risk on this platforms.

Advertisement
Advertisement

More Related Content

Slideshows for you (20)

Similar to Mobile (in)security ? (20)

Advertisement

Recently uploaded (20)

Advertisement

Mobile (in)security ?

  1. 1. /// Mobile (in)security ? Cláudio André / ca@integrity.pt
  2. 2. 2 /// MOBILE (IN)SECURITY ? WHOAMI • Pentester at Integrity S.A. • Web applications, Mobile Applications and Infrastructure • BSc in Management Information Technology • Offensive Security Certified Professional
  3. 3. 301.3 million shipments 3 /// MOBILE (IN)SECURITY ? MOBILE EQUIPMENTS 2014Q2 http://www.idc.com/prodserv/smartphone-os-market-share.jsp
  4. 4. 4 /// MOBILE (IN)SECURITY ? 2014Q2 MARKETSHARE 2.5% 0.5% 0.7% 84.7% 11.7% Android iOS Windows Phone BlackBerry OS Others http://www.idc.com/prodserv/smartphone-os-market-share.jsp
  5. 5. 5 /// MOBILE (IN)SECURITY ? MOBILE PLATFORMS ON ENTERPRISE BYOD & Mobile Security 2013 Survey Linkedin Information Security Group
  6. 6. 6 /// MOBILE (IN)SECURITY ? ENTERPRISES MAIN SECURITY CONCERNS BYOD & Mobile Security 2013 Survey Linkedin Information Security Group
  7. 7. 7 /// MOBILE (IN)SECURITY ? ENTERPRISES MAIN SECURITY CONCERNS I'm not a Hacker. Just a silly guy with a ski mask on. Don't know what I'm doing.
  8. 8. 8 /// MOBILE (IN)SECURITY ? SECURITY HORROR STORIES 2014 (SO FAR...) Ebay - 145 million users and encrypted email address. JP Morgan Chase - Customer information of 76 million households and 7 million business. Home Depot - 56 million debit and credit cards. Target - 40 million credit and debit cards. Community Health Systems - Personal data of 4.5 million patients.
  9. 9. 9 /// MOBILE (IN)SECURITY ? ATTACK VECTORS
  10. 10. 10 /// MOBILE (IN)SECURITY ? ATTACK VECTORS Device Network Server
  11. 11. 11 /// MOBILE (IN)SECURITY ? ATTACK VECTORS • Browser • System • Phone / SMS • Apps • Malware • ... Device
  12. 12. 12 /// MOBILE (IN)SECURITY ? ATTACK VECTORS Tech details in: http://security.claudio.pt
  13. 13. 13 /// MOBILE (IN)SECURITY ? ATTACK VECTORS Network • Packet Sniffing • Man-In-The-Middle (MITM) • Rogue Access Point • ...
  14. 14. 14 /// MOBILE (IN)SECURITY ? ATTACK VECTORS Server • Brute Force Attacks • SQL Injections • OS Command Execution • ...
  15. 15. 15 /// MOBILE (IN)SECURITY ? A WAY TO... Mobile Device Management; Mobile Application Management; Endpoint Security Tools; Network Access Control (NAC) Endpoint Malware Protections; …..
  16. 16. 16 /// MOBILE (IN)SECURITY ? MOBILE DEVICE MANAGEMENT - Focus on the Device - Provisioning - Security Policies Enforcement - Reporting and Monitoring - Software Distribution
  17. 17. 17 /// MOBILE (IN)SECURITY ? MOBILE APPLICATION MANAGEMENT - Focus on the Applications - Same as previous but applied to the applications. - Corporate App Store (wrapping)
  18. 18. 18 /// MOBILE (IN)SECURITY ? WHICH ONE TO CHOOSE ? - Depends on your objectives - Mixed solution
  19. 19. 19 /// MOBILE (IN)SECURITY ? NOT ONLY *WARE APPROACH - Defense-In-Depth - Raise User Awareness - Secure Development Best Practises (OWASP) - Threat Modeling - Continuous Penetration Testing
  20. 20. Thank you. 20

×