Salvatore D'Agostino, profile picture
Uploaded bySalvatore D'Agostino
PDF, PPTX430 views

Mobile Device Security

This document discusses securing mobile devices and the edge of networks. It defines what mobile devices include, such as cell phones, laptops, and more. It outlines various attack vectors for mobile devices, including emails, MMS, SMS, and removable storage. The document also discusses using device certificates and FIPS 201 to help authenticate and manage devices. It notes challenges in managing both device and user security and behavior. Finally, it recommends enabling security features like passwords, data encryption, and remote wiping to help secure mobile devices.

Embed presentation

Download as PDF, PPTX
Mobile Device Security Protecting the Edge of the Network CTST 2009 Salvatore D’Agostino IDmachines LLC
It’s getting attention
What is a mobile device? • Cell phone – NFC – Bluetooth – 802.11.x – 3G, 4G • Laptop • Rugged Devices • Media Players • Automobile, Aircraft • Thumb Drives • Smart Card
Attack Vector(s) • Email – Attachments • MMS • SMS • Could be anything on thumb drive… • NIST SP-800-124
Device Identity, Another Take on Convergence • Devices matters as much as individuals • Need to be treated in a very similar manner – Enrollment – Registration – Issuance – Activation – Lifecycle Management
Can FIPS 201 address devices? • Device certificates widely used • Provides single method of authentication: – Doors – Desktops – Devices • Network gear • Desktops and Servers • Mobile devices • Programmable Logic Controllers – Smart Grid
Device Dilemma • Need to manage device security • Need to manage behavior of people that use it – Nearly half of people consider laptop their property • Often don’t have the expertise in the operating system (embedded) • Roaming issue • Now they can connect directly to the network – Not just the email server • Many vendors
Mobile Device Applications and Solutions Expanding Rapidly • Out of band authentication – One Time Passwords Delivered to the Phone • Many vendors entering space – Verisign iPhone app – Battle.net mobile authenticator – Valimo – Payline – CORISECIO – Air France NFC boarding passes – A hundred more…..
Simple Things to Do • Enable PINs and Passwords – Better if tied to x.509 digital certificate • Enable hard reset and data wipe for lost devices – PIN lockout with CAC • Lojack for phones – Ability to track lost devices • Encrypt data • http://csrc.nist.gov/publications/nistbul/Jan2009 _Cell-Phones-and-PDAs.pdf

More Related Content

PPTX
mobile application security
by-jyothish kumar sirigidi
 
PDF
SIM Card Overview
byCarlos Enrique Ortiz
 
PDF
CellSIM OS Overview 1.0
byVladimir Nagin
 
PDF
Mobile Device Management & Data Protection
byGeekTek IT Services
 
PPTX
TS31103 ISIM introduction
byKimmy Yang
 
PDF
Mobile security blunders and what you can do about them
byBen Rothke
 
PDF
2018 hotel technology communication trends
byNexus Net
 
PPTX
Webinar Express: Securing BYOD without MDM
byBitglass
 
mobile application security
by-jyothish kumar sirigidi
 
SIM Card Overview
byCarlos Enrique Ortiz
 
CellSIM OS Overview 1.0
byVladimir Nagin
 
Mobile Device Management & Data Protection
byGeekTek IT Services
 
TS31103 ISIM introduction
byKimmy Yang
 
Mobile security blunders and what you can do about them
byBen Rothke
 
2018 hotel technology communication trends
byNexus Net
 
Webinar Express: Securing BYOD without MDM
byBitglass
 

What's hot

PPTX
Internet of Things changing our lives
byABHILASHGUPTAKONIJET
 
PPTX
Smart Business using IoT
byMithileysh Sathiyanarayanan
 
PDF
smartXS: 2 Door 2 Reader & 4 Door 4 Reader Access Control Panel
bysmart-i Electronics Systems Pvt Ltd.
 
PPTX
World's Most Secure Privacy Phones
byJohn Adam
 
PPTX
Bank security
byPLN9 Security Services Pvt. Ltd.
 
PPTX
Secure Element Solutions
byUgo Chirico
 
PPTX
Intro to Smart Cards & Multi-Factor Authentication
byhon1nbo
 
PDF
SmartTrust WIB 1.3
byJulien SIMON
 
PPT
Mobile forensics
bynoorashams
 
PPTX
Mobile Forensics
byabdullah roomi
 
PPTX
Null mumbai-reversing-IoT-firmware
byNitesh Malviya
 
PPTX
OmniSource_ppt_2011_7-2 (2)(1)
byAndrea Colombetti
 
PPTX
SOVA security management
bySOVA Systems
 
PPTX
Mobile computing
byamellia27
 
PDF
Cellnetrix brochure 2013
byVladimir Nagin
 
PDF
Sierraware virtual phone
bySierraware
 
KEY
Smartphone security
byMike Brannon
 
PPTX
Making Mobile Manageable
bySpiceworks Ziff Davis
 
PPTX
Null mumbai-iot top 10
byNitesh Malviya
 
PPT
Securing Wireless Cellular Systems
byACMBangalore
 
Internet of Things changing our lives
byABHILASHGUPTAKONIJET
 
Smart Business using IoT
byMithileysh Sathiyanarayanan
 
smartXS: 2 Door 2 Reader & 4 Door 4 Reader Access Control Panel
bysmart-i Electronics Systems Pvt Ltd.
 
World's Most Secure Privacy Phones
byJohn Adam
 
Bank security
byPLN9 Security Services Pvt. Ltd.
 
Secure Element Solutions
byUgo Chirico
 
Intro to Smart Cards & Multi-Factor Authentication
byhon1nbo
 
SmartTrust WIB 1.3
byJulien SIMON
 
Mobile forensics
bynoorashams
 
Mobile Forensics
byabdullah roomi
 
Null mumbai-reversing-IoT-firmware
byNitesh Malviya
 
OmniSource_ppt_2011_7-2 (2)(1)
byAndrea Colombetti
 
SOVA security management
bySOVA Systems
 
Mobile computing
byamellia27
 
Cellnetrix brochure 2013
byVladimir Nagin
 
Sierraware virtual phone
bySierraware
 
Smartphone security
byMike Brannon
 
Making Mobile Manageable
bySpiceworks Ziff Davis
 
Null mumbai-iot top 10
byNitesh Malviya
 
Securing Wireless Cellular Systems
byACMBangalore
 

Viewers also liked

PDF
Identity Assertions Draftv5
bySalvatore D'Agostino
 
PPT
Alphabet
byguest0c0e54fa
 
PDF
rule refinement in inductive knowledge based systems
byarteimi
 
PDF
Askep cidera kepala
byForman Kurniawan
 
DOC
Ai in education2
byarteimi
 
PDF
FICAM Impact On Enterprise Architecture And Applications
bySalvatore D'Agostino
 
PDF
Industry best prototyping practices iab 24 april 2013
bySalvatore D'Agostino
 
PDF
Micro2440 Um 20090817
byasdfasdf1234000
 
PPTX
NIST FIPS 201-2 Workshop SIA Perspectives on Standards and Testing
bySalvatore D'Agostino
 
DOC
Electronic publishing
byarteimi
 
PPT
Representative Case Studies
bycliff27
 
PPTX
الجودة في التعليم التقني
byarteimi
 
PDF
EQAR workshop at the 4th European Quality Assurance Forum
byguest1279be
 
PPT
Exchange 2003ten Exchange 2010a GeçIş
byofficeblogu
 
PDF
UTILIZING COOPERATIVE LEARNING FOR IT GRADUATE STUDIES
byarteimi
 
DOC
Utilising learning styles
byarteimi
 
PPTX
De Ontdekkingen Van Schliemann
byxave88
 
DOC
Double transform contoor extraction
byarteimi
 
Identity Assertions Draftv5
bySalvatore D'Agostino
 
Alphabet
byguest0c0e54fa
 
rule refinement in inductive knowledge based systems
byarteimi
 
Askep cidera kepala
byForman Kurniawan
 
Ai in education2
byarteimi
 
FICAM Impact On Enterprise Architecture And Applications
bySalvatore D'Agostino
 
Industry best prototyping practices iab 24 april 2013
bySalvatore D'Agostino
 
Micro2440 Um 20090817
byasdfasdf1234000
 
NIST FIPS 201-2 Workshop SIA Perspectives on Standards and Testing
bySalvatore D'Agostino
 
Electronic publishing
byarteimi
 
Representative Case Studies
bycliff27
 
الجودة في التعليم التقني
byarteimi
 
EQAR workshop at the 4th European Quality Assurance Forum
byguest1279be
 
Exchange 2003ten Exchange 2010a GeçIş
byofficeblogu
 
UTILIZING COOPERATIVE LEARNING FOR IT GRADUATE STUDIES
byarteimi
 
Utilising learning styles
byarteimi
 
De Ontdekkingen Van Schliemann
byxave88
 
Double transform contoor extraction
byarteimi
 

Similar to Mobile Device Security

PDF
SN-Security Architecture for Mobile Computing and IoT
bySukumar Nayak
 
PPTX
Mobile Device Management.pptx
byPeterOwenje1
 
PDF
What Are Endpoint Devices_.presentation.pdf
byapurvar399
 
PPTX
Mobile Device Security
bynexxtep
 
DOCX
Wireless Security and Mobile DevicesChapter 12Princi.docx
byadolphoyonker
 
PPTX
Outside the Office: Mobile Security
byMcKonly & Asbury, LLP
 
PPTX
iPads on your network? Take Control with Unified Policy and Management
byCisco Mobility
 
PPT
4471_mobile_device_security_handout.ppt
byBalwinderKaur626266
 
PPTX
Provable Device Cybersecurity in Blockchain Transactions
byRivetz
 
PPTX
Isaca tech session 19 feb 2013 securing mobile devices rev
bySarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
PPTX
The intersection of cool mobility and corporate protection
byEnclaveSecurity
 
PPT
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
byIBM Danmark
 
PDF
Mobile Banking Channel Security - Cyber Security Conference 2011
byFilip Maertens
 
PPT
Mobile computing
byRighana
 
PDF
iScan Online - PCI DSS Mobile Task Force
byMAX Risk Intelligence by LOGICnow
 
PDF
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
byOKsystem
 
PPTX
Near Field Communication
bybdobles
 
PDF
SmartCard Forum 2010 - Secured Access for enterprise
byOKsystem
 
PPTX
Enterprise on the Go - Devon Winkworth, Snr. Principal Consultant, Layer 7 @ ...
byCA API Management
 
PDF
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
byAIP Foundation
 
SN-Security Architecture for Mobile Computing and IoT
bySukumar Nayak
 
Mobile Device Management.pptx
byPeterOwenje1
 
What Are Endpoint Devices_.presentation.pdf
byapurvar399
 
Mobile Device Security
bynexxtep
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
byadolphoyonker
 
Outside the Office: Mobile Security
byMcKonly & Asbury, LLP
 
iPads on your network? Take Control with Unified Policy and Management
byCisco Mobility
 
4471_mobile_device_security_handout.ppt
byBalwinderKaur626266
 
Provable Device Cybersecurity in Blockchain Transactions
byRivetz
 
Isaca tech session 19 feb 2013 securing mobile devices rev
bySarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
The intersection of cool mobility and corporate protection
byEnclaveSecurity
 
Udløs potentialet i Enterprise Mobility, Vijay Dheap, IBM US
byIBM Danmark
 
Mobile Banking Channel Security - Cyber Security Conference 2011
byFilip Maertens
 
Mobile computing
byRighana
 
iScan Online - PCI DSS Mobile Task Force
byMAX Risk Intelligence by LOGICnow
 
Smart Cards & Devices Forum 2012 - Securing Cloud Computing
byOKsystem
 
Near Field Communication
bybdobles
 
SmartCard Forum 2010 - Secured Access for enterprise
byOKsystem
 
Enterprise on the Go - Devon Winkworth, Snr. Principal Consultant, Layer 7 @ ...
byCA API Management
 
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
byAIP Foundation
 

Mobile Device Security

  • 1.
    Mobile Device Security Protectingthe Edge of the Network CTST 2009 Salvatore D’Agostino IDmachines LLC
  • 2.
  • 3.
    What is amobile device? • Cell phone – NFC – Bluetooth – 802.11.x – 3G, 4G • Laptop • Rugged Devices • Media Players • Automobile, Aircraft • Thumb Drives • Smart Card
  • 4.
    Attack Vector(s) • Email – Attachments • MMS • SMS • Could be anything on thumb drive… • NIST SP-800-124
  • 5.
    Device Identity, AnotherTake on Convergence • Devices matters as much as individuals • Need to be treated in a very similar manner – Enrollment – Registration – Issuance – Activation – Lifecycle Management
  • 6.
    Can FIPS 201address devices? • Device certificates widely used • Provides single method of authentication: – Doors – Desktops – Devices • Network gear • Desktops and Servers • Mobile devices • Programmable Logic Controllers – Smart Grid
  • 7.
    Device Dilemma • Needto manage device security • Need to manage behavior of people that use it – Nearly half of people consider laptop their property • Often don’t have the expertise in the operating system (embedded) • Roaming issue • Now they can connect directly to the network – Not just the email server • Many vendors
  • 8.
    Mobile Device Applicationsand Solutions Expanding Rapidly • Out of band authentication – One Time Passwords Delivered to the Phone • Many vendors entering space – Verisign iPhone app – Battle.net mobile authenticator – Valimo – Payline – CORISECIO – Air France NFC boarding passes – A hundred more…..
  • 9.
    Simple Things toDo • Enable PINs and Passwords – Better if tied to x.509 digital certificate • Enable hard reset and data wipe for lost devices – PIN lockout with CAC • Lojack for phones – Ability to track lost devices • Encrypt data • http://csrc.nist.gov/publications/nistbul/Jan2009 _Cell-Phones-and-PDAs.pdf