Sponsored by
Top 8 Things to Secure on iOS and Android to Protect Corporate Information
© 2013 Monterey Technology Group Inc.
Thanks to
www.Lumension.com
Preview of Key Points
1. Unattended control
2. Password complexity
3. Encryption
4. Remote lock
5. Remote wipe
6. Jailbroken/rooted detection
7. Hardware/software inventory
8. Device feature restrictions
9. The Carrot
Reality Check
• Biggest risk
  • Lost and stolen devices
• Legal issue
  • BYOD with MDM
1. Unattended control (aka PIN/Password)
iOS
• Options
  • PIN
  • Password
  • Touch ID
• When to kick in
  • Single threshold
• Brute force defense
  • Optional erase after 10 entries
  • Increasing delay
Android
• Options
  • PIN
  • Password
  • Pattern
  • Face
• When to kick in
  • More sophisticated
• Brute force defense
  • Optional erase after X entries
  • Increasing delay
  • Auto account wipe
2. Password complexity
iOS
• Allow simple value
• Require alphanumeric value
• Minimum passcode length
• Minimum number of complex characters
• Maximum passcode age
• Passcode history
• Auto-lock timeout
• Grace period for device lock
• Maximum number of failed attempts
• Allow Touch ID
Android
• Password enabled
• Minimum password length
• Alphanumeric password required
• Complex password required
• Minimum letters required in password
• Minimum lowercase letters required in password
• Minimum non-letter characters required in password
• Minimum numerical digits required in password
• Minimum symbols required in password
• Minimum uppercase letters required in password
• Password expiration timeout
• Password history restriction
• Maximum failed password attempts
• Maximum inactivity time lock
3. Encryption
iOS
• This is complicated
• 2 levels of encryption
  • First level encrypts all storage
    • But only for purpose of quickly wiping – doesn’t protect data
  • 2nd level encrypts data of supporting applications
    • Such as email
• Unclear whether jailbreaking can defeat encryption
Android
• Based on tried and tested Linux dm-crypt
• Encryption ultimately based on passcode
• Only encrypts /data partition
• Some devices offer SD card encryption
This is not your PC’s BitLocker
4. Remote lock
iOS
• Protect lost phones in hopes of recovering
• Unlikely to defend against jailbreaking
Android
• Same purpose
• Unclear how secure
5. Remote wipe
iOS
• Wipes encryption key used to encrypt the entire device
• Fast and effective
• To defeat, must jailbreak before wipe instruction received
Android
• Does a fast erase and not a secure erase of the SD card
6. Jailbroken/rooted detection
iOS
• Important to detect because jailbroken devices can run software from any source
Android
• Rooted
• Unlocked boot loader
• Custom recovery
• USB debugging enabled (allows ADB)
7. Hardware/software inventory
Health
iOS
• Important because different devices have different vulnerabilities and jailbreak options
Android
• Important because different devices have different vulnerabilities and security compliance
• Android security features vary by version
  • But more importantly by brand because of fragmentation
• Encryption fails on multi-user devices
8. Device feature restrictions
iOS
• App installs, camera use, screen capture, iTunes store usage, in app purchases
• Force encrypted backups
• JavaScript
• Allow Touch ID
• Supervised restrictions
  • Other store usage, allow app removal
Android
• Require storage encryption
• Disable camera
9. The Carrot
iOS
• WiFi configuration
• Exchange configuration
Android
• WiFi configuration
• Exchange configuration
Bottom line
• Key requirements
  • Stay up on device health and inventory
  • Enforce password and encryption
  • Discourage older devices
  • Remote wipe
  • Hone procedure
  • Use carrots
• Mobile Device Management
  • Another security solution to manage?
  • Mobile devices are just another type of endpoint
  • Manage iOS and Android devices along with Windows endpoints on the same pane of glass
L.E.M.S.S. Mobile Device Management
17 June 2014
Dee Liebenstein
Vice President Product Management
Unifies workflows and technologies to deliver enhanced capabilities in the management of endpoint operations, security and compliance
Lumension Platform Benefits
[Diagram labels: Endpoint Operations, Endpoint Security; Device Control, Asset Management, Software Management, Power Management, Configuration Management, Mobile Device Management, Reporting, Data Encryption, Antivirus/Spyware, Patch Management, Application Control, Firewall Management; Mobile Devices, Desktops, Laptops, Servers]
Lumension MDM Capabilities Overview
L.E.M.S.S. Integration
• Integrated Management
• Localized Console & Apps
• Per-device Licensing
• Role-based Access Control (RBAC)
• Manage Mobile Endpoints
• iOS and Android Support
• Consistent Policy Workflow
• Over the Air Management
Device Management
• iOS / Android Enrollment via App
• AD Authentication
• Device Administration (Delete/Disable/Offline)
• Check-in Interval: Configurable and On-Demand
• Hardware Inventory
• Managed Devices Dashboard / Reporting
• Root/Jailbreak Detection (Device Health)
• Action Traceability
Device & Data Security
• Remote Lock
• Remote Wipe
• Password Enablement (Enforcement / Clearing)
• Password Complexity Configuration
• Device Encryption Enforcement
• Device Feature Restrictions
• Exchange Configuration (iOS)
• Wi-Fi Configuration
Free Device Scanner tool – discover all the devices being used in your network
~/Resources/Security-Tools
More on BYOD issues and solutions in the Lumension Optimal Security blog at blog.lumension.com/tag/byod
More Information at www.lumension.com
More information on the Lumension MDM at ~/mobile-device-management-software
Get the 2013 BYOD Survey Report at ~/more-info/BYOD-and-Mobile-Security
