aitp presentation on mobile security
DESCRIPTION
Dr. John D. Johnson presents on mobile security to AITP chapter in Davenport, IA. October 2011.TRANSCRIPT
Mobile Security & Privacy
There’s An App For That!
Smart Phones
Gadgets
Functionality…
! Multimedia
! Voice & Video
! Photography
! Social Media
! Shopping
! Apps… Apps… Apps!
! Calendar
! Web Surfing
! Work
! Reading
! Games
….and more apps!! ….and more apps!!
…not your Dad’s PC
…or his mobile phone
…the future’s so bright
Technology for Humanity
Historical Perspective
…technology can come with unexpected consequences
…and of course
Wireless & Cellular
! Wi-Fi
! Hotspots
! Bluetooth
! Wi-Max
! 4G
! LTE
Big Brother
Does Privacy Exist?
! Personal information & photos on Facebook?
! Hackers trying to steal your data
! Corporations collecting and selling your info
! The government watching what you do
! Sensors in many of our consumer goods (cars, appliances, phones, clothing?)
Threats on the Move
! Botnets
! Mobile Zombie Networks
! Bad Apples
! Malware in App Stores
! Social Networks
! A vector for malware
! Spyware
! Apps or malware that steal info/GPS
! Bluetooth Hijacking
! Wi-Fi Attacks
! Spoofs and Phishing
! Spear Phishing
Mobile Threat Evolution
Securing your Mobile Device
! Tracking lost phones
! Antivirus, malware, spyware
! Encryption
! Where do you store/back up your data?
! Apps that use geo-location and access your info
! We often trade privacy for functionality/convenience
Consumer Solutions
! Lookout Mobile Security
! MyLookout.com
! McAfee Mobile Security
! McAfee.com
! Do you have any suggestions to share??
Enterprise MDM & Point Solutions ! McAfee Enterprise Mobility Management
! Enterproid – http://www.enterproid.com
! Touchdown for Android - http://www.nitrodesk.com/
! Symantec Mobile Security
! Good MDM
! Mobile Active Defense (like BlackBerry)
! RIM
Conclusion
! The bad guys can get what’s on your phone, even if you encrypt it and use a password
! The casual thief is who you want to protect against
! Don’t keep really sensitive stuff on your mobile device
! Use a tool that allows you to wipe your device if it is stolen (via a web page)
! Apply security policies that make sense: (encryption, PIN, locking, timeout, remote wipe…)
! Leverage good point solutions, even in the enterprise
Q&A
! Do your best and don’t lose sleep over it!
! Now you can go back to playing Angry Birds!!