Chapter 10 - Mobile and Embedded Device Security
Screen Lock
- Lock screen prevents the device from being used until the user enters the correct passcode. * Set the screen to lock after a period of inactivity. - After a specific number of failed attempts to enter a passcode, additional security protection will occur: * Extend the lockout period. * Reset to factory settings. - Context-aware authentication involves a device that automatically unlocks and stays unlocked until a specific action occurs.
Mobile Application Management (MAM)
- The tools and services responsible for distributing and controlling access to apps. - Controls apps through app wrapping. * Sets up a "dynamic" library of software routines and adds it to an existing program to restrict parts of an app. - Using a MAM originally required the use of MDM as well.
Embedded system
A computer hardware and software contained within a larger system designed for a specific function.
Tethering
A mobile device with an active Internet connection can be used to share that connection with other mobile devices through Bluetooth or Wi-Fi.
GPS tagging
- Adding geographical identification data to media. - Also called geo-tagging.
If device is stolen, security features include:
- Alarm --> Device can generate an alarm even if it is on mute. - Last known location --> If the battery is charged less than a specific percentage, the device's last known location can be indicated on an online map. - Locate --> The current location of the device can be pinpointed on a map through the device's GPS. - Remote lockout --> The mobile device can be remotely locked and a custom message sent that is displayed on the login screen. - Thief picture --> A thief who enters an incorrect passcode three times will have her picture taken through the device's on-board camera.
Bring your own device (BYOD)
- Allows users to use their own personal mobile devices for business purposes. - Employees have full responsibility for choosing and supporting the device.
MDMs can support
- Application whitelisting --> Ensures that only preapproved apps can run on the device. - Geo-fencing --> Uses the device's GPS to define geographical boundaries where the app can be used.
Mobile Device App Security
- Apps on the device should be secured also. - Apps can require the user to provide authentication (such as a passcode) before access is granted.
Growing trend is to add ________ to devices that have never had computing power before.
- Capabilities. - These devices include: * Embedded systems and the Internet of things.
Data-in-transit
- Carriers build surveillance capabilities into their networks. - These allow law enforcement agencies to collect data-in-transit. - New mobile apps deliver over-the-top (OTT) content.
Web-based computer
- Contains a limited version of the Linux OS and a web browser. - Has an integrated media player. - Designed to be used while connected to the Internet. - No traditional applications can be installed. - No user files are stored locally. - Accesses web apps and saves user files on the Internet.
Basic precautions against unauthorized recording involve:
- Do not use a webcam in any room where private activities take place. - Place a piece of electrical tape over the lens of a webcam when not in use.
Choose your own device
- Employees choose from a limited selection of approved devices, but the employee pays the upfront cost of the device while the business owns the contract. - Employees are offered a suite of choices that the company has approved for security, reliability, and durability.
Corporate owned, personally enabled (COPE)
- Employees choose from a selection of company-approved devices. - Employees are supplied the device, which is chosen and paid for by the company.
Examples of wearable technology
- Fitness trackers. - Smart watch. * It can also serve as an accessory to a smartphone to view messages.
Portable computers
- Have similar hardware and run the same OS and application software found on a desktop computer. - Portable computers are smaller self-contained devices that can easily be transported from one location to another while operating on battery power.
Advantages to storage segmentation
- Helps companies avoid data ownership privacy issues and legal concerns regarding a user's personal data. - Allows companies to delete only business data when necessary without touching personal data.
Disable unused features
- It is important to disable unused features and turn off those that do not support the business use of the phone. - Should disable Bluetooth wireless data communication. * In order to prevent bluejacking and bluesnarfing.
To reduce the risk of theft or loss
- Keep the mobile device out of sight when traveling in high-risk areas. - Always maintain awareness of your surroundings. - When holding the device, use both hands. - Do not use the device on escalators or near train doors. - White or red headphone cords may indicate they are connected to an expensive device, so consider replacing the cord. - If theft occurs, do not resist or chase the thief.
Benefits of the BYOD, COPE, and CYOD models
- Management flexibility. - Less oversight. - Cost savings. - Increased employee performance. - Simplified IT infrastructure. User benefits include: - Choice of device. - Choice of carrier. - Convenience.
Feature phone
A traditional cellular phone with limited features, such as a camera, an MP3 music player, and the ability to send and receive short message service (SMS) text messages.
Mobile content management (MCM)
Used to provide content management to hundreds or even thousands of mobile devices used by employees in an enterprise.
Mobile devices with global positioning system (GPS) capabilities support:
Geolocation. - This is the process of identifying the geographical location of the device.
Significant loopholes through which mobile device data can be accessed:
Data-in-transit and remote data-at-rest.
Wearable technology
Devices that can be worn by the user instead of carried.
Smartphones
Has all the tools that a feature phone has but also includes an OS that allows it to run apps and access the Internet.
Storage segmentation
Separating business data from personal data.
Containerization
Separating storage into separate business and personal "containers" and managing each appropriately.
Smart phones are considered:
Personal computers because of their ability to run apps.
Multimedia messaging service (MMS)
Provides for pictures, video, or audio to be included in text messages.
If a device that is lost or stolen cannot be located, it may be necessary to perform a ___________, which erases sensitive data stored on the device.
Remote wiping.
Strong Authentication
Restrict unauthorized users with a screen lock and require a strong passcode.
Quick Response (QR) codes
- Matrix or two-dimensional barcode that can be read by an imaging device. - Applications for these codes include: * Product tracking. * Item identification. * Time tracking. * Document management. * General marketing. - An attacker can create an advertisement listing a reputable website but include a QR code that contains a malicious URL. * Code that directs a user's browser to the attacker's imposter website or to a site that downloads malware. - Users can circumvent built-in limitations on smartphones to download from an unofficial third-party app store (called sideloading). * This is also called jailbreaking on Apple iOS devices and rooting on Android devices.
Examples of embedded systems
- Medical Devices - Aircraft - Vehicles - Industrial machines - Heating, ventilation, and air conditioning.
Security risks of mobile devices
- Mobile device vulnerabilities. - Connection vulnerabilities. - Accessing untrusted content. - Deployment model risks.
Tablets
- Portable computing devices generally larger than smartphones and smaller than notebooks. - Often classified by their screen size. - Generally lack a built-in keyboard. - Rely on a touch screen. - Primarily a display device with limited user input. - The most popular OSs for tablets are Apple iOS, Google Android, and Microsoft Windows.
Laptop
- Regarded as the earliest portable computer. - Has multiple hardware ports and may accommodate limited hardware upgrades.
Subnotebook computer
- Smaller than standard notebooks. - Use low-powered processors and solid-state drives (SSDs). - Have both a touch screen and a physical keyboard.
Notebook computers
- Smaller version of a laptop computer. - Typically weigh less than laptops and are small enough to fit inside a briefcase. - Designed to include only basic, frequently used features.
Mobile Device Management (MDM)
- Tools that allow a device to be managed remotely by an organization. - Usually involve: * A server component that sends out management commands to mobile devices. * A client component to receive and implement the management commands. - An administrator can perform over-the-air (OTA) updates or configuration changes to one device.
Passcode
- Use a personal identification number (PIN). - Use a fingerprint "swipe" on a sensor to unlock the device. - Draw or swipe a specific pattern connecting dots to unlock the device.
Risk associated with enterprise deployment models
- Users may remove the installed built-in limitations on their mobile device, which disables the built-in security features.
Many mobile devices use
- Wi-Fi as the standard connectivity method. - Other connectivity methods supported: * Cellular. * Satellite. * Infrared. * ANT - A proprietary wireless network technology used primarily by sensors for communicating data. * USB connections.
If a device is lost or stolen, several security features can be enabled to ______ the device or _____ the damage.
Locate, limit.
One-quarter of all laptop thefts
- Occurred from unattended cars. - Or while traveling on airplanes and trains. - 15 percent occurred in airports and hotels. - 12 percent were stolen from restaurants.
Shoulder surfing
Strangers looking over the user's shoulder to view sensitive information.
Mobile devices using location services are at increased risk of:
Targeted physical attacks. - Attackers can determine where users are and plan to steal the mobile device or inflict harm.
Short message service (SMS)
Text messages of a maximum of 160 characters.
Content management
Used to support the creation and editing/modification of digital content by multiple employees.
