EC Council Certified Cybersecurity Technician (CCT) Module 12-L PDF

Summary

This document provides a detailed overview of mobile device security, discussing various connection methods, management concepts, and common policies in enterprise settings. It further covers risks, best practices, and security management solutions. The focus is on practical aspects of security, not necessarily on past paper or exam questions.

Full Transcript

MODULE 12 Mobile Device Security
EC-COUNCIL CCT: CERTIFIED CYBERSECURITY TECHNICIAN BY EMMANUEL AYAMBA @CDR AYAM

- Understanding Various Mobile Device Connection Methods
- Understanding the Concepts of Mobile Device Management
- Understanding Common Mobile Usage Policies in Enterprises
- Understand the Security Risks and Guidelines Associated with Enterprises Mobile Usage Policies
- Understanding Enterprise-level Mobile Security Management Solutions
- Understanding General Security Guidelines and Best Practices for Mobile Platforms

Mobile Device Connection Methods

1. Near-field communication (NFC): NFC covers very short distances using RFID technology. It employs electromagnetic induction to enable communication between devices connected within a range of 10 cm. The NFC chip embedded within a mobile device can read RFID tags and also be used to establish Bluetooth connections with nearby devices to exchange information such as images and contact lists. Although it allows a very narrow communication range, an attacker with a specialized antenna can intercept and capture the data by jamming the traffic. This security issue may result from the improper configuration of NFC and non-encrypted data transmission. An attacker may craft and send malicious RFID tags, forcing the mobile user to visit a fake website in the browser.
Furthermore, an attacker may perform a DoS attack by creating enormous RF signals to corrupt the NFC data being transmitted in that area.

2. Satellite communication (Satcom): Satcom is an artificial geostationary satellite that provides services across the globe, but it is much slower and more expensive than other technologies. There are many technologies that utilize satellite technology; some employ a connection to geostationary satellites, while others connect to satellites that revolve around the Earth in a low orbit, through which voice and data can be transmitted. The technology also has security concerns such as remote code execution and OS vulnerabilities.

3. Cellular communication: Cellular communication is based on a single network tower that serves devices located within a specific radius. They are installed in urban, suburban, and rural areas and cover a large distance. Mobile devices contain built-in antennas, which enable the device to communicate via a cellular network. Security concerns with cellular networks include location tracking, exploiting SS7 vulnerability, traffic monitoring, denial-of-service (DoS) attacks, channel jamming attacks, and illegitimate access.

4. ANT: ANT is a wireless sensor protocol that enables communication between sensors and their controllers. This technology is used in Internet of Things (IoT) devices such as heart-rate or fitness monitoring equipment. It is not a Bluetooth or 802.11 wireless technology and has its own set of protocols developed for low-powered devices. It is susceptible to DoS or jamming attacks, and attackers can capture data in transit.

5. Universal Serial Bus (USB): USB enables wired communication for devices. It can be used for power supply and serial data transmission between devices. It is also designed to enable hot-swapping and improve plug-and-play features. USB ports are commonly used in mobile devices for both data transmission and power supply. It is relatively more secure than other connection methods, but disgruntled employees can use a USB device to exfiltrate data from the organization’s local network.

6. Global Positioning System (GPS): GPS is a radio navigation and positioning system based on satellite communication. It provides information related to geolocation and timing irrespective of weather conditions on the Earth. Devices do not need to pass any data to satellites to establish a GPS connection; they only need to receive the signals from four or more satellites out of 28 to estimate their location.
As the initial position fixing is slow with GPS, smart devices use assisted GPS (A-GPS), which uses external data sources for improved position fixing and faster location tracing. Security concerns with this technology include the fact that GPS signals can be intercepted and tampered with using specially designed GPS jammers.

7. Infrared (IR): IR is a wireless technology for transferring data between two devices in the digital form within a short range of up to 5 m. It works only when there is no physical blockage or obstacle between the two devices. It is a type of networking feature integrated within devices such as tablets and smartphones that allows them to manage IR devices. It can also be used to transfer files between devices. Any device with IR accessibility can be managed using the IR feature of a mobile device. Furthermore, IR is used in modern wearable technology to enable devices to emulate the features of a remote control to operate devices such as smart TVs and detect health information such as oxygen levels. IR can also be used to perform IR therapy for treating chronic and acute pains.

8. Wi-Fi: A Wi-Fi network connects devices within a limited (Wi-Fi enabled) area with high bandwidth. It covers a shorter distance than a cellular network and is a common wireless technology used in homes and office buildings to connect local devices. Furthermore, a mobile device can share its Internet service with other devices by using the hotspot tethering feature based on Wi-Fi technology.
If clients do not use an encrypted channel or the channel does not use an appropriate protocol, then the clients can be targeted by man-in-the-middle (MITM) attacks, through which attackers can sniff the traffic between two communicating devices. As the technology uses a set of 5 or 2.5 GHz frequencies, it can also be vulnerable to DoS attacks and frequency interferences. Wi-Fi Direct is another Wi-Fi feature that enables peer-to-peer communication without any mediator such as a router, but one of the connected devices in Wi-Fi Direct communication serves as a soft access point.

9. Bluetooth: Bluetooth technology covers a longer distance than NFC. It is a short-range, high-speed, and low-power wireless technology that enables communication between devices connected within the Bluetooth range. When a device enables a Bluetooth connection, it sends “pairing” requests to a certain number of devices located within range, following which the corresponding device pairs with it using the device name and ID. It is mostly used in personal area networks (PANs). Conventional Bluetooth has a low data transfer rate. Therefore, with modern Wi-Fi technology, Wi-Fi connections are preferred for faster data transmission. Security concerns with Bluetooth technology include interception, eavesdropping, DoS attacks, transmission of viruses or worms, Bluesnarfing, and Bluejacking.

10. 5G cellular (mobile) communication: 5G or fifth-generation communication technology is a broadband cellular network that operates at high bandwidth with low latency and provides high-speed data downloads. Some of the applications of 5G include the automobile industry, public safety, and fixed wireless access.
The technology is designed to support IoT devices. Security concerns with this technology are associated with its management complexity. Attackers may attempt to take advantage of the increased number of devices connected to a 5G network to compromise and use them as botnets to paralyze the network through DDoS attacks.

11. Point-to-point (P2P) connection: A P2P connection enables secure communication between two mobile devices without data encryption because they are connected through fixed paths without the interference of other devices. For example, in a scenario of mobile communication between two people, only the concerned device can hear the voice from the dialed device. Routing devices can also use this method to connect with each other by adopting the over-the-air encryption technique, which reduces the risk of eavesdropping.

12. Point-to-Multipoint Connection: A point-to-multipoint (P2MP, PTMP, and PMP) connection allows one-to-many connections by providing multiple paths from a single location to several other locations. In this connection method, a central antenna broadcasts signals to multiple receiving antennas and devices through either time-division multiplexing (TDM) or frequency-division multiplexing (FDM) for bidirectional data transmission. One technology that uses PMP connections is Bluetooth, which can use the PMP method to connect one device with multiple devices such as headphones and media players. This type of connection does not provide high security or privacy, because the communication channel is broadcasted and shared.

13. Radio-frequency identification (RFID): RFID works on the basis of radio-frequency technology, which identifies a person or object using their tags (unique labels). The tagging range can vary from a few centimeters to meters. RFID operates in the low-frequency (LF), high-frequency (HF), and ultra-high-frequency (UHF) bands. HF-RFID with a mobile device operates via servers by providing data history, data persistence, and data management. If the reader is located within the range of the tag, it generates an electromagnetic wave that activates the tag, thereby allowing the reader to gather information. RFID systems can be susceptible to attacks such as power analysis, reverse engineering, replay attacks, spoofing, sniffing, DoS, and cloning.

Features & Concepts of Mobile Device Management

Mobile Application Management (MAM)

Mobile application management (MAM) is software that is mostly used by IT admins to control and secure organizational data. MAM offers features such as the remote activation or deactivation of devices, device registration in the organization, and remote wiping in case of theft or loss. These features are suitable for mobile devices that are used only for organizational purposes by the employees. For mobile devices that are used for both work and personal use, IT admins can implement and apply privacy policies on mobile applications by limiting organizational data sharing. They can also enable the partitioning of the applications used in the organization and personal data on the same mobile devices. MAM features also include software or application distribution to employees, license management, encryption, configuration, and inventory management.

Mobile Content Management (MCM)

Mobile content management (MCM) is software that forms a part of mobile device management (MDM). MCM offers solutions to safeguard the content or data on the mobile devices used in an organization. It provides features to store and deliver data, offer the required services, and permit employees to access the organizational data remotely and at any time necessary. MCM ensures that unauthorized data access is restricted or blocked, thereby protecting the confidential data of the organization. It oversees critical data management, access to work documents, email management, and digital asset management. It can also encrypt confidential data and use any strong password technique for data transmission and data storage.

Context-aware Authentication

Context-aware authentication is a type of enhanced security technique that uses the contextual information of a user such as geolocation, identity, and behavior for enhancing data security decisions. It also uses the data about the user, requests made, connection, and location. All this data help in preventing malicious users from accessing the organizational data. This technique also allows employees to access the organizational network within the office perimeter and denies access when a device is connected to a public Wi-Fi network.

Mobile Email Management (MEM)

Mobile email management (MEM) offers secure access to organizational email infrastructure and data on an employee’s mobile devices. It helps in the remote pre-configuration and pre-set up of organizational email accounts for employees. MEM can enforce compliance and thwart unauthorized access by allowing only approved and authorized devices and applications to access the email.
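
The context-aware authentication decision and the MEM approved-device rule described above, as an added example that is not part of the course material: a small Python policy check that combines device approval, connection type, reported location and time of day. The office coordinates, radius, SSID, device IDs, usual-hours window and the "step_up" outcome for cases the text does not cover are all assumptions made for illustration.

```python
"""Context-aware access decision (added illustration, not from the course)."""
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt

# Constructed policy values: every name and number below is an assumption.
OFFICE = (5.6037, -0.1870)                  # placeholder office location (lat, lon)
OFFICE_RADIUS_M = 150.0                     # size of the office perimeter
CORPORATE_SSIDS = {"corp-wlan"}             # networks the organization operates
APPROVED_DEVICES = {"dev-001", "dev-002"}   # devices enrolled and approved


@dataclass(frozen=True)
class AccessRequest:
    user: str
    device_id: str
    lat: float           # location reported by the device
    lon: float
    ssid: str            # network the device is connected to
    open_network: bool   # True for unencrypted (public) Wi-Fi
    hour: int            # local hour of the request, 0-23 (behaviour signal)


def distance_m(a, b):
    """Great-circle (haversine) distance in metres between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6_371_000 * asin(sqrt(h))


def decide(req, usual_hours=range(7, 20)):
    """Return (decision, reasons); decision is 'allow', 'step_up' or 'deny'."""
    # Hard denials first: unapproved device, then public Wi-Fi (the rule in the text).
    if req.device_id not in APPROVED_DEVICES:
        return "deny", ["device is not on the approved list"]
    if req.open_network:
        return "deny", ["device is connected to a public Wi-Fi network"]

    concerns = []
    inside = distance_m((req.lat, req.lon), OFFICE) <= OFFICE_RADIUS_M
    if not inside:
        # Assumption: outside the perimeter we ask for an extra factor.
        concerns.append("outside the office perimeter")
    elif req.ssid not in CORPORATE_SSIDS:
        # A device-reported location is only a claim; require the network to agree.
        concerns.append("office location not corroborated by a corporate network")
    if req.hour not in usual_hours:
        concerns.append("request outside the user's usual hours")

    if concerns:
        return "step_up", concerns
    return "allow", ["all context checks passed"]


# Constructed sample requests.
SAMPLES = [
    AccessRequest("alice", "dev-001", 5.6038, -0.1871, "corp-wlan", False, 10),
    AccessRequest("alice", "dev-001", 5.6500, -0.1870, "CafeFree", True, 10),
    AccessRequest("bob", "dev-999", 5.6038, -0.1871, "corp-wlan", False, 10),
    AccessRequest("alice", "dev-001", 5.6500, -0.1870, "home-net", False, 10),
    AccessRequest("alice", "dev-001", 5.6038, -0.1871, "guest-net", False, 3),
]

if __name__ == "__main__":
    for r in SAMPLES:
        decision, reasons = decide(r)
        print(f"{r.user:6} {r.device_id} {r.ssid:10} -> {decision}: {'; '.join(reasons)}")
```
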

Enterprise Mobility Management (EMM)

Enterprise mobility management (EMM) consists of tools and technologies used in an organization to secure the data in employees’ personal (BYOD) and organizational devices. EMM acts as a comprehensive solution for MDM, MAM, MTM, MCM, and MEM. It safeguards the enterprise data accessed and used by employee mobile devices. EMM can increase employee productivity as the IT admin can configure applications remotely and provide data access to employees.

Remote Wipe

Remote wipe is a technique used for securing and protecting data from miscreants if a mobile device used by an employee was stolen or lost. This feature allows the device owner or the responsible organization’s administrator to send a command that can delete or erase all the device data. This helps prevent perpetrators from compromising sensitive personal data or confidential organizational assets.

Screen lock

Screen lock is a feature in mobile devices that is used to secure data and prevent illegal access by perpetrators. Enabling screen lock in a mobile device can prevent access to private data in the mobile device even if it was lost or stolen. Screen lock can be set in a mobile device by using protection techniques such as a password, face lock, fingerprint lock, pattern, or PIN. Unlocking the screen involves a set of actions that needs to be performed correctly, failing which the device can lock out after a certain number of unsuccessful attempts.

Passwords and PINs

Passwords and PINs are basic security features used in all mobile devices. Using a secure PIN and complex password can protect private data of the employee and confidential information of the organization stored on a mobile device. A password or PIN acts as a simple but effective defense to safeguard the data from being accessed by any malicious user. A PIN consists of a sequence of numbers, without any letters or special characters. In contrast, a password comprises uppercase and lowercase letters, numerals, and special characters and is usually lengthier than a PIN.

Biometrics

Biometrics is an advanced and unique security technology that utilizes an individual’s physical attributes such as fingerprint, iris, face, voice, and behavior for verifying their identity. These data are stored in a database, and whenever the mobile device needs to be accessed, the user-provided data are compared with the stored data; access is allowed only if there is a match. Biometrics can be used to authenticate a user very easily, quickly, and securely. It also prevents the need for remembering complex passwords.

Push-notification Service

A push-notification service is a messaging feature that originates from a server and enables the delivery of data or messages from an application to a mobile device without any explicit request from the user. It is a great marketing tool for maintaining contact with users. This service does not require any application to be opened for receiving the notification, and the text message in the notification will be displayed on the mobile device, even if the application is closed or the screen is locked. The mobile user has the option of enabling or disabling push notifications.

Mobile Security Management

Mobile security management involves actions and precautionary steps for securing the organizational data and mobile devices used by employees. It can protect the organization’s network access, helps in device and application security, and enables secure access to the organization’s emails.

Mobile Security Management Features

1. Generates separate logical containers on mobile devices to prevent private apps from accessing the organization’s data
2. Employs strong passcode techniques to restrict third-party access
3. Automates updates of the devices and OS with the latest security patches
4. Blacklists malicious applications
5. Executes commands on lost mobile devices remotely
6. Configures a VPN specifically for the organization’s data, resources, and application

Containerization

Containerization is a technique in which all personal and organizational data are segregated on an employee’s mobile device. With the increasing adoption of BYOD policies, using this technique substantially helps in improving the security of organizational data. It also improves productivity and enables the easy use of company resources and applications. These applications do not have any control of or communication with the private applications or data of the employees as they exist outside the container.

Full Disk Encryption

Full disk encryption is a security feature that can encrypt all the information stored on any storage medium within a mobile device. This technique encodes the user’s information stored on the mobile device by using an encryption key. It is useful for automatically encrypting data, which can be decrypted using the key. It employs encryption algorithms such as the 128-bit Advanced Encryption Standard (AES) with cipher-block chaining (CBC). Mobile devices also support data encryption at different levels. One encryption technique is to encrypt all user-related data with a key that is stored on the device. This technique is useful at the time of data wiping. The mobile device deletes the key permanently and makes the data inaccessible to a third person.

Geolocation

Geolocation is a technology that can identify the real-world geographical location of users or devices when connected to the Internet. It works on mobile devices through the GPS system and is accurate to the level of approximately one foot. Deploying geolocation in applications helps marketers in implementing their business and marketing techniques easily. Geolocation is also famous for offering a rich user experience for navigation through maps and for tracking people, devices, or vehicles having the GPS feature. Geolocation is also used in weather forecasting.

Geofencing

Geofencing is a technique through which mobile-application marketers utilize the location of the user to gather information. This technique can determine how close the user’s mobile device is to an exact location by using the GPS feature. A geofence is a virtual fence that is positioned at a static location and interacts with mobile users that cross the fence. Geofencing helps marketers gather sensitive data and information about users’ offline activities from the location data. Geofencing uses cellular triangulation for locating a user’s device with an accuracy level of 50–50,000 m.

Over-the-air (OTA)

Over-the-air (OTA) updating is a new method of delivering updates for applications, firmware, and time-zone rules, as well as any other essential data, to a mobile device.
This method is used in many tasks such as configuring IoT devices, updating SIM cards, and updating software in electric cars. The manufacturers of mobile devices are introducing OTA technology to update the operating system (OS) and default apps in the device without interfering with the applications downloaded from Google Play Store or any other app store. For iOS devices, the OTA feature was introduced in the iOS 5.0.1 update. Previously, all updates to iPhones were performed by connecting to a computer and updating through iTunes. The main feature of OTA updates is that one updated device can send updates to all other devices in the network. However, OTA technology has vulnerabilities that may allow attackers to place an evil base station in a particular area and perform various attacks such as MITM and exploit device firmware.

Corporate Owned, Personally Enabled (COPE)

Overview of COPE

Corporate Owned, Personally Enabled (COPE) refers to a policy that allows employees to use and manage the devices purchased by the organizations.
The devices include laptops, notebooks, smartphones, tablets, and/or software services. Larger enterprises are more likely to employ the COPE model. COPE is a less expensive option than BYOD because the companies buy devices at a lower cost than the retail price. COPE reduces the risks associated with BYOD by implementing stringent policies and protecting devices.

Advantages of COPE

1. Work or life balance on a single device
2. Fewer security concerns than BYOD and CYOD
3. Personal apps
4. Enhanced control and authority over devices
5. Prevents employees from carrying two phones
6. Retains ownership of devices
7. Less expensive than BYOD
8. Enables organizations to freely install management software and/or integrate devices in MDM systems
9. Helps in solving regulatory and legal issues associated with deleting data on lost/stolen mobile devices

Disadvantages of COPE

1. Need to purchase devices
2. Monitoring policies must be established
3. Business is completely responsible for keeping up with the latest technologies
4. Potential for productivity issues owing to less user freedom
5. Slowest deployment timeframe

COPE Policy Implementation

- Purchase computing resources and devices: The organization purchases preapproved devices from vendors based on their centrally designed plan.
- Allow employees to work with company-owned devices and build a technology portfolio: These organization-owned devices allow employees to have COBO’s conservatism and BYOD’s freedom. The devices are designed for both office and personal work.
- Develop policies: Ensure that the employees completely understand and sign off on the policy related to them leaving the company. Decide whether the employees will be allowed to procure or retain the device after leaving the company and create a procedure for removing all corporate data and assets from the device.
- Security: To ensure device security, organizations apply security controls, restrict certain features to secure from malware and data leaks, and monitor devices for data breaches or jailbreaking.
- Support: Deploy expertise solutions (dedicated helpdesk that knows the policies and needs of the organization) to speedily resolve any mobility issues. They should address the following:
   1. Device troubleshooting
   2. Service troubleshooting
   3. Activating devices

Company Owned, Business Only (COBO)

Company Owned, Business Only (COBO) refers to a policy that allows employees to use and manage the devices purchased by the organization but restricts the use of the device to business use only. COBO is used to describe a device that runs a single application. For example:

- An inventory system with an embedded barcode scanner.
- Blackberry is the best example of devices used in a COBO environment.

Advantages of COBO

1. The company retains full control over all apps on the device and its data.
2. A uniform system landscape is adhered to because the organization purchases the device.
3. Prevents data leakage.

Disadvantages of COBO

1. High purchase cost for devices.
2. Employees do not really enjoy working with at least two devices in their pockets.

COBO Policy Implementation

- Prohibit personal use of devices: Enterprises prohibit the use of mobile devices as a part of their designing policy based on the COBO approach.
- Allow employees to work with devices running single application and build a technology portfolio: Enterprises allow employees to work with a device that runs a single application; for example, an inventory system with an embedded barcode scanner. Otherwise, they can allow the use of smartphones with prohibited personal use.
- Develop policies: Ensure that the mobile device management (MDM) and mobile application management (MAM) solutions fully meet the requirements of the company’s concept.
- Security:
   1. Ensure fully locked down devices to maintain control over granular policies and control the device usage
   2. Prevent app downloads
- Support: Deploy expertise systems (dedicated helpdesk that knows the policies and needs of the organization) to speedily resolve any mobility issues. They should address:
   1. Device troubleshooting
   2. Service troubleshooting
   3. Activating devices
   4. Deactivating devices
   5. Managing service requests

Risk Associated with BYOD, CYOD, COPE, and COBO

1. Sharing confidential data on an unsecured network: Employees might access corporate data via a public network.
   These connections may not be encrypted, and sharing confidential data via an unsecured network may lead to data leakage.
2. Data leakage and endpoint security issues: In this cloud-computing era, mobile devices are insecure endpoints with cloud connectivity. By synchronizing with organizational email or other apps, these mobile devices carry confidential information. If a device is lost, it could potentially expose all corporate data.
3. Improperly disposing of devices: An improperly disposed of device could contain a wealth of information such as financial information, credit card details, contact numbers, and corporate data. Therefore, it is important to ensure that devices do not contain any data before they are disposed of or passed on to others.
4. Support of many different devices: Organizations allow employees to access their resources from anywhere in the world, thereby enhancing productivity and driving employee satisfaction. Support for different devices and processes can increase the cost. Employee-owned devices have limited security and operate on different platforms. This hampers the IT department's ability to manage and control devices in a company.
5. Mixing personal and private data: Control over isolating business use from personal use is difficult. For example, managing employees who shop on compromised websites, use public Wi-Fi connections, or give their device to others.
6. Lost or stolen devices: Owing to their small size, mobile devices are often lost or stolen. When an employee loses a mobile device that is used for both personal and official purposes, the organization might face a security risk because the corporate data on the lost device may be compromised.
7. Lack of awareness: Failing to educate employees regarding these policy and security issues may compromise the corporate data stored on mobile devices.
8. Ability to bypass organizational network policy rules: According to requirements, the policies imposed may differ for wired and wireless networks. Devices connected to wireless networks can bypass network policies that are enforced only on wired LANs.
9. Infrastructure issues: These policies involve dealing with various platforms and technologies. Not all employees carry the same device. Different devices, each running different OSes and programs, have security loopholes. This makes it difficult for an IT department to set up and maintain an infrastructure that supports the requirements of different devices, such as managing data, security, backup, and compatibility among devices.
10. Disgruntled employees: Disgruntled employees in an organization can misuse the corporate data stored on their mobile devices. They may also leak sensitive information to competitors.

Mobile Device Management (MDM)

- Mobile device management (MDM) is gaining significant importance with the adoption of policies such as BYOD across organizations. The increase in different types of mobile devices such as smartphones, laptops, and tablets has made it difficult for enterprises to make policies and manage the devices securely. MDM is a policy that helps in managing devices carefully while reducing support costs, mitigating security risks, and reducing business discontinuity.
- Mobile device management (MDM) solutions are used to deploy, secure, monitor, and manage company and employee-owned devices. Network defenders use the MDM server management console to remotely configure the MDM agents installed on the devices.

Features of MDM Solutions
- Security Management
- Device Configuration Management
- Device Inventory and Tracking
- Over-the-Air Application Distribution
- Enterprise Policy Management (e.g., Password Enforcement and Data Encryption Enforcement)
- Enterprise Network Integration
- Remote Data Wipe
- Blacklisting/Whitelisting Apps and Devices

Mobile Application Management Solutions

- Mobile application management (MAM) software and services enable an organization to secure, manage, and distribute enterprise applications on user mobile devices, without interfering with personal apps and data.
- Enterprise Application Management allows removing access to a particular application for employees who have left the organization.
- MAM can be applied to company-owned mobile devices and BYOD.
- It also enables the separation of enterprise apps and data from personal content on the same device.

Common features provided by MAM Solutions:
- Device activation
- Enrollment and provisioning capabilities
- Remote wipe and other device-level functionalities
- Remote management does not require possession of the device
- Need minimal admin intervention and zero user action

Services provided by Enterprise Application Management (MAM)
- Application delivery (enterprise app store)
- Software licensing
- Application configuration
- Application authorization
- Application usage tracking
- Application lifecycle management
- Application updating
- Application performance monitoring
- User authentication
- Crash log reporting
- User and group access control
- App version management
- Push services
- Reporting and tracking
- Usage analytics
- Event management
- App wrapping

Mobile Content Management (MCM) or Mobile Information Management (MIM)

- Mobile content management (MCM) or mobile information management (MIM) solutions provide secure access to corporate data (documents, spreadsheets, email, schedules, presentations, and other enterprise data) on mobile devices across the organizational networks without compromising speed.
- They enable easy and secure sharing of content between devices within an enterprise. File storage and file sharing services are the two main components of MCM solutions.
- MCM involves encrypting important information and allowing it to be accessed, transmitted, or stored only on authorized apps, using strong password protection policies.

Examples of MCM Solutions:
- Vaultize (https://www.vaultize.com)
- MobileIron (https://www.mobileiron.com)
- AppTec360° (https://www.apptec360.com)

Mobile Content Management (MCM) or Mobile Information Management (MIM) enables:

- Multi-channel content delivery capabilities that feature the management of a central content repository while delivering the content to devices simultaneously.
- Content access control: Access control to content includes
  1. Authorization
  2. Authentication
  3. Access approval to content
  4. Download control
  5. Wipe-out for specific users
  6. Time-specific access
- Specialized templating system: There are two approaches for adapting to mobile CMS templates.
  a. The multi-client approach allows different versions of a site to be viewed on the same domain and presents suitable templates based on the devices clients use to view the website.
  b. The multi-site approach displays mobile sites on a targeted sub-domain.
- Location-based content delivery provides content to mobile devices based on their current physical location.

UEM Components

- CMT: CMT provides IT infrastructure to ensure the efficient working of mobile enterprises while enhancing the service to end users.
- MDM: MDM provides a foundation for UEM solutions by allowing the IT team to:
  1. Secure corporate email
  2. Apply certificate-based security
  3. Configure devices automatically
  4. Allow employees to be productive on the mobile devices they like to use
  5. Wipe enterprise data from mobile devices selectively without interfering with personal data
  6. Secure and manage mobile devices across multiple OSes (Android, iOS, macOS, and Windows 10)
- MAM: MAM provides IT infrastructure to:
  1. Protect applications on any device
  2. Create and manage an enterprise app store
  3. Provide authentication for end users on a device
  4. Separate business and personal apps on mobile devices
- MCM: MCM provides IT infrastructure to:
  1. Encrypt email attachments
  2. Establish DLP controls to secure corporate content
  3. Secure corporate data distribution to mobile devices by applying content-level policies (device-independent encryption keys, authentication, and file sharing)
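
The MDM features described in this module (password and encryption enforcement, app blacklisting/whitelisting, jailbreak monitoring, remote and selective wipe) amount to a compliance check that the MDM server runs over its device inventory. The Python example below is added here for illustration and is not part of the original module or any vendor's API; the policy values, field names, app identifiers, and the mapping from violations to actions are assumptions.

```python
from dataclasses import dataclass, field

# Hypothetical policy values; a real MDM console defines its own.
POLICY = {
    "min_passcode_length": 6,
    "require_encryption": True,
    "blacklisted_apps": {"com.example.sideloader"},
    "cobo_whitelist": {"com.example.inventory"},  # COBO: no other apps allowed
}

@dataclass
class Device:
    device_id: str
    ownership: str            # "BYOD", "CYOD", "COPE" or "COBO"
    passcode_length: int
    encrypted: bool
    jailbroken: bool
    apps: set = field(default_factory=set)
    lost: bool = False

def evaluate(dev, policy=POLICY):
    """Return (violations, action) for one inventory record."""
    violations = []
    if dev.passcode_length < policy["min_passcode_length"]:
        violations.append("weak_passcode")
    if policy["require_encryption"] and not dev.encrypted:
        violations.append("not_encrypted")
    if dev.jailbroken:
        violations.append("jailbroken")
    banned = dev.apps & policy["blacklisted_apps"]
    if dev.ownership == "COBO":
        banned |= dev.apps - policy["cobo_whitelist"]
    violations += [f"app:{a}" for a in sorted(banned)]
    # Assumption: only business-only devices carry no personal data, so every
    # other ownership model gets a selective wipe of enterprise data.
    wipe = "full_wipe" if dev.ownership == "COBO" else "selective_wipe"
    if dev.lost or dev.jailbroken:
        action = wipe
    elif violations:
        action = "quarantine"   # block corporate access until remediated
    else:
        action = "allow"
    return violations, action

# Constructed sample inventory, not real devices.
FLEET = [
    Device("byod-01", "BYOD", 8, True, False, {"com.example.mail"}),
    Device("byod-02", "BYOD", 4, True, True, {"com.example.sideloader"}),
    Device("cobo-01", "COBO", 6, True, False, {"com.example.inventory", "com.example.game"}),
    Device("cope-01", "COPE", 6, False, False, lost=True),
]
```

Calling `evaluate()` on each record in `FLEET` shows how ownership changes the response: the jailbroken BYOD phone and the lost COPE phone get a selective wipe, while the COBO scanner with an unapproved app is quarantined.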
