Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tips on Securing Mobile Devices October 5, 2012 Preston Wiley, Network Security Manager, CISSP Mike Hill, Project Manager / Systems Analyst, CISSP.

Similar presentations


Presentation on theme: "Tips on Securing Mobile Devices October 5, 2012 Preston Wiley, Network Security Manager, CISSP Mike Hill, Project Manager / Systems Analyst, CISSP."— Presentation transcript:

1 Tips on Securing Mobile Devices October 5, 2012 Preston Wiley, Network Security Manager, CISSP Mike Hill, Project Manager / Systems Analyst, CISSP

2 W HAT IS A M OBILE D EVICE ? Highly Portable Constantly connected to the Internet Able to run a variety of applications Easily stolen or misplaced Smartphones, Tablets Personally managed

3 M OBILE D EVICE O PERATING S YSTEMS iOS iPad iPhone iPod Touch Android Nexus 7 Samsung Galaxy HTC One, Desire, Evo, etc. Motorola RAZR MANY MANY MANY Others Blackberry, Symbian, Windows

4 W HY DO WE HAVE M OBILE D EVICES ? Highly Portable Convenient Always Stay Connected Remain Productive Coolness Factor

5 W HY SHOULD WE SECURE THEM ? As mobile devices become ingrained into our life, we store more and more data in them, such as: o o Contacts o Photos and we use various apps to make our lives easier: o Social: Facebook, Twitter, LinkedIn o Financial: Paypal, eBay, Amazon o Cloud Storage: Dropbox, Google Drive o Maps: Mapquest, Google Maps o Games: Angry Birds, Bad Piggies

6 T IP #1: L OCK D EVICE Passcodes o Pins o Pattern (Android) o Facial Recognition (Android 4) o Passwords Auto-Lock (Screen Timeout) o 1 minute to 5 minutes o Shorter time is more secure o Be aware of apps that can be accessed when locked

7 T IP #2: U PDATE A PPS Keep apps up-to-date using official sites o Apple App Store (iOS) o Google Play (Android) Be wary of 3rd party apps from unofficial sites (Android) o When you allow unknown apps on Android, you allow them from ALL sources o Only turn this option on if you need it and turn it off when you don't need it. o There are legitimate stores other than Google Play that require this to be turned on: Amazon App Store

8 T IP #3: D ISABLE N ETWORK S ERVICES Benefits to disabling services o These services can pose security risks o Can also extend battery life WiFi o Constantly scans for WiFi networks o Beware of open networks (unencrypted) Bluetooth o Turn off or set to non-discoverable if not needed o Used for hands free devices and wireless keyboards o Can be used to view your contacts and make calls with your phone.

9 T IP #4: B EWARE OF QR CODES Which QR code is the malicious one?

10 Tips 5-10

11 T IP #5: U PDATE O PERATING S YSTEM Update OS to latest version available to you o iOS 6 o Android 4.1 (Jelly Bean) o BlackBerry 7.1 OS o Windows Phone 7.5 *Data as of October 1, 2012*Data as of September 30, 2012

12 T IP #6: C ONFIGURE L OCATION S ERVICES Popular features of location services o Photos - geotagging o Maps - turn by turn navigation Beware of disclosing location publicly o Please Rob Me (2010) o U.S. Army warns about geotagging (2007) Recommended Configuration o Disable if not needed o Only enable for specific apps when needed

13 T IP #7: B ACKUP D EVICE

14 Backup your device o Device should not be sole source of this data o Data can be encrypted during backup to iTunes (iOS) o Backups based on Google Account (Android) Be aware of any sensitive data on device o Financial documents o Tax records o Health records o Passwords

15 T IP #8: W IPE D EVICE Erase data on device before o Return o Repair o Resale Auto-Wipe o Erases data after 10 failed attempts (iOS) o Autowipe app (Android 2.2+) Remote Wipe o Gives you the ability to remotely wipe device

16 T IP #9: F IND D EVICE Find My iPhone (iOS) o Requires iOS 5+ o Locate your device on a map o Display custom message o Remotely lock or wipe device o Lost Mode (iOS 6) LocateMyDroid (Android) o Available on Android OS 2.2+ o Visually see your phone on a map o Remotely lock/wipe phone (admin) Create ICE for lock screen

17 T IP #10: S ECURE B ROWSER S ETTINGS Recommended Settings o Block Pop-ups o Enable Private Browsing o Enable Fraud Warning (iOS) o Disable AutoFill o Disable Location Services o Clear history and cookies

18 W RAP -U P 10 Tips for Increased Security 1. Lock Device 2. Update Apps 3. Disable Network Services 4. Beware of QR Codes 5. Update Operating System 6. Configure Location Services 7. Backup Device 8. Wipe Device 9. Find Device 10. Secure Browser Settings

19 S ERIOUS ABOUT S ECURITY P ODCAST New episodes recorded every two weeks

20 Q&A Preston Wiley Mike Hill

21 R EFERENCES Android Distribution Chart https://developer.android.com/about/dashboards/index.html iOS Distribution Chart Permission to use Dilbert comics provided by Universal Uclick Please Rob Me U.S. Army warns about the risks of geotagging the-risks-of-geotagging/


Download ppt "Tips on Securing Mobile Devices October 5, 2012 Preston Wiley, Network Security Manager, CISSP Mike Hill, Project Manager / Systems Analyst, CISSP."

Similar presentations


Ads by Google