Mobile Device Security- Part 1 PDF
Document Details
Uploaded by Deleted User
Tags
Related
- Mobile Device Management Concepts PDF
- EC-Council Certified Cybersecurity Technician Exam 212-82 Mobile Device Security PDF
- Mobile Device Security (Certified Cybersecurity Technician) Exam 212-82 PDF
- Chapter 12 - 05 - Mobile Security Management Solutions PDF
- Chapter 12 - 05 - Enterprise Mobile Security Management Solutions PDF
- EC Council Certified Cybersecurity Technician (CCT) Module 12-L PDF
Summary
This document covers the different methods of mobile device connection, including Wi-Fi, Bluetooth, and 5G Cellular technology. It also provides an overview of mobile device management (MDM) and its various functions, such as managing applications, content, and mobile email.
Full Transcript
Module 08 Mobile Device Security- Part1 Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Mobile Device Connection Methods (Cont’d)...
Module 08 Mobile Device Security- Part1 Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Mobile Device Connection Methods (Cont’d) 5G Cellular Bluetoot (Mobile) Wi-Fi h Communication It is a common It is a short-range, It is a broadband wireless high-speed, and low- cellular network technology used in power wireless that operates at high homes and office technology that enables bandwidth with low buildings to connect communication between latency and provides local devices devices connected high-speed data within the Bluetooth downloads range Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Mobile Device Connection Methods (Cont’d) It enables secure communication Point-to-point (P2P) between two mobile devices without data Connection encryption because they are connected through fixed paths without the interference of other devices Point-to- It allows one-to-many connections by multipoint Connection providing multiple paths from a single location to several other locations Radio-frequency It works on radio-frequency technology, Identification (RFID) which identifies a person or object using their tags (unique labels) Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Mobile Device Management (MDM) MDM provides platforms for over-the-air or wired distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, etc. Mobile Application Mobile Content Context-aware Management A software Management that offers Authentication A software that is mostly used by It uses the contextual solutions to safeguard the IT admins to control and secure information of a user such as content or data on the organizational data. It offers geolocation, identity, and mobile devices. It provides features such as the remote behavior for enhancing data features to store and deliver activation or deactivation of security decisions data, offer the required devices, remote wiping in case of services, and permit theft or loss, etc. employees to access the organizational data remotely Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Mobile Device Management (MDM) (Cont’d) Mobile Security Mobile Email Management Management It offers secure access to It involves actions and organizational email precautionary steps for infrastructure and data on an securing the organizational employee’s mobile devices data and mobile devices used by employees Enterprise Mobility Remote Management Wipe It consists of tools and It is a technique used for technologies used in an securing and protecting data organization to secure the data from miscreants if a mobile in employees’ personal (BYOD) device used by an employee and organizational devices was lost. This feature allows the administrator to send a command that can erase all Copyright © by EC-Council. All Rights Reserved. Reproduction is the device data Strictly Prohibited. Mobile Device Management (MDM) (Cont’d) It is a feature in mobile devices that is used to Screen Lock secure data and prevent illegal access by perpetrators It protects private data of the employee Passwords and confidential information of the and PINs organization stored on a mobile device It is an advanced and unique security technology that utilizes an individual’s physical attributes Biometrics such as fingerprint, iris, face, voice, and behavior for verifying their identity It is a messaging feature that originates from Push a server and enables the delivery of data or a Notification message from an application to a mobile device Services without any explicit request from the user Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Mobile Device Management (MDM) (Cont’d) Full Device Geolocation It is a technology that Encryption It is a security feature can identify the real- that can encrypt all world geographical the information location of users or stored on any storage devices when medium within a mobile connected to the device Internet A geofence is a virtual Geofencing Containerization It is a technique in fence that is positioned which all personal and at a location and organizational data interacts with mobile are segregated on an users whenever they employee’s mobile cross the fence. device. It helps in This helps marketers improving the security gather sensitive data of organizational data and know about users’ offline activities from the Copyright © by EC-Council. All Rights Reserved. Reproduction is location data Strictly Prohibited. Mobile Use Approaches in Enterprise Organizations follow four types of approaches to grant permissions to employees to use mobile devices for business purposes. 1 2 BYOD (Bring COPE (Company Your Own Owned, Personally Device) Enabled) 3 4 COBO (Company CYOD (Choose Your Owned, Business Own Device) Only) Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Bring your own device (BYOD) refers to a policy that allows employees to bring their personal devices such as laptops, smartphones, and tablets to the workplace and use them for accessing the organizational resources based Bring on their access privileges Your Own The BYOD policy allows employees to use the devices that they are comfortable with and best fits their preferences Device and work purposes (BYOD) BYOD Benefits Increased Work 1 productivity 3 flexibility Employee Lower 2 satisfaction 4 costs Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. BYOD Policy Implementation Decide how to Define the manage the requireme 1 2 employee devices nts and their data access Develop 3 policies Suppo rt 5 Securi 4 ty Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Choose Your Own Device (CYOD) Choose Your Own Device (CYOD) refers to a policy that allows employees to select devices such as laptops, smartphones, and tablets from the list of devices approved by the company. The company purchases the selected device, and the employees use it for accessing the organizational resources according to their access privileges CYOD Benefits Streamline device Devices compatible with the 1 options company security policy 3 Employee satisfaction with Lower cost compared to 2 company’s control COPE 4 Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. CYOD Policy Implementation Define approved set of 1 devices Allow employees to select a device from 2 the approved set of devices and build a technology portfolio Develop 3 policies 4 Security 5 Support Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Corporate Owned, Personally Enabled (COPE) Corporate Owned, Personally Enabled (COPE) refers to a policy that allows employees to use and manage the devices purchased by the organization COPE Benefits 1 2 3 4 Greater Retains Less Prevents control and ownership of expensive employee from authority to the devices than BOYD carrying multiple the devices (phones) organization Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. COPE Policy Implementation 1 2 3 Purchase Allow employees Develop computing to work with the policies resources and company-owned devices device (including personal work) and build a technology portfolio 4 5 Securi Supp ty ort Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Company Owned, Business Only (COBO) Company Owned, Business Only (COBO) refers to a policy that allows employees to use and manage the devices purchased by the organization but restrict their usage for business purposes only COBO Benefits Full control and Prevents data 1 leakage 2 authority to the organization Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited. Risk Associated with BYOD, CYOD, COPE, and COBO Sharing confidential Lost or stolen 1 data on unsecured devices 6 OPTION 01 networks Data leakage and Lack of 2 endpoint security awareness 7 OPTION 01 issues Ability to bypass the Improperly disposing of 3 devices network policy rules of 8 OPTION 01 the organization Supporting various Infrastructure 4 devices issues 9 OPTION 01 Disgruntled 5 Mixing personal and private data employees 10 OPTION 01 Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.
