SlideShare une entreprise Scribd logo

Mobile Device Security

Télécharger en tant que PPT, PDF
John Rhoton
John Rhoton

Microsoft ExchangeConnections, Orlando, 2008

Technologie
1  sur  43
Mobile Device Security John Rhoton Hewlett Packard [email_address]
But just what is mobility ? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Mobility: Challenges
Where is confidential data most vulnerable? Source: ESG Research Report
Facets of Mobile Security management devices air transmissions PAN LAN WAN public networks private networks applications mobility wireless traditional security 1 2 3 VPN 4
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],1 2 3 4
Device Security (Windows Mobile)
Threats to Mobile Devices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Source: Trend Micro
Windows Mobile Content Protection Access Control Approaches ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
iPAQ Content Protection Access Control Solutions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Centralized Provisioning and Configuration
Enterprise Requirements ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Air Interfaces: Bluetooth
Pairing & Authentication ,[object Object],[object Object],[object Object],Pairing Based on stored keys No user intervention Authentication
Bluetooth Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],K AD A B C D M K MC K MA K MD K MB
Multi-tiered security
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Bluetooth vulnerability
Air Interfaces: WLAN
Needs determine security SSID MAC Filter WEP WPA/802.11i
[object Object],[object Object],MAC Filters
Equipment of a Wi-Fi freeloader ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Increasing the transmission range DEFCON 2005 WiFi Shootout ,[object Object],[object Object],[object Object],200 km
Bringing the “War” to War Driving
Tools ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Ten-minute WEP crack ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Source: tom’s networking
Wireless LAN security evolution 1999 2003 2005+ WEP WPA 802.11i / WPA2 Timeline Privacy: 40 bit RC4 with 24 bit IV Auth: SSID and Shared key Integrity: CRC Privacy: Per packet keying (RC4) with 48 bit IV Auth: 802.1x+ EAP Integrity: MIC Privacy: AES Auth: 802.1x+ EAP Integrity: MIC Security
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],802.11i / WPA2
IEEE 802.1x Explanation ,[object Object],[object Object],Supplicant Authentication Server Authenticator Client Access Point RADIUS Server RADIUS 802.1x EAP EAP TKIP / MIC
WiFi Protect Access (WPA) ,[object Object],[object Object],[object Object],[object Object],Require Non-Trivial Client Configuration
Enterprise WLAN Security Options ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Rogue and Decoy Access Points ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Internet Intranet Access
Air Interfaces: WWAN
Wireless WAN (Wide Area Network) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],GPRS phone GPRS iPAQ e-mail pager GSM/GPRS PC card http://h18004.www1.hp.com/products/wireless/wwan/WWAN-Security.pdf
Multiple interfaces maximize flexibility 1 1 2 2 4 PAN Zone WLAN Zone 3G Zone GPRS Zone Surfing: Person 1 improves bandwidth by moving into a 3G area MP3 Download: Person 2 saves time and money by scheduling the download in a public WLAN hotspot Peer-to-peer: Person 3 sends an MP3 file over a Bluetooth link free of charge to Person 4 3 Satellite Zone At sea: Person 5 maintains coverage via satellite after leaving GPRS range 5 5 Columbitech Birdstep Ecutel
Unauthorized Wireless Bridge Prevented through Policy
Perimeter Security
[object Object],[object Object],[object Object],Perimeter Evolution Role Schedule Location User Access Control IP Address Port Time VLAN
Credant OTA Sync Control Exchange 2003 Local ActiveSync HANDHELD App Servers Provides automatic network detection and remediation of mobile devices attempting to synchronize with Microsoft Exchange Gatekeeper Local Gatekeeper can detect devices which sync via local connection Internet Server ActiveSync Exchange Server OTA Sync Control OTA Sync Control detects devices which sync via Server Activesync. Based on ISAPI extension
Trust Digital Mobile Edge Perimeter Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
HP Enterprise Mobility Suite WW Wireless Operator Networks HP Enterprise Devices HP Worldwide Hosting Facilities Enterprise HTTPS Internet HTTPS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Existing IT Systems FOR ENTERPRISE Leading OEM Device Manufacturers SMS TCP/IP SMS TCP/IP HTTPS
Mobile Device Security Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Security Usability
Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Questions? Contact me at: john.rhoton@hp.com
Your Feedback is Important ,[object Object],[object Object]

Recommandé

BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sPatrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)
 
Mobile device security
Mobile device securityMobile device security
Mobile device securityLisa Herrera
 
Ensuring Mobile Device Security
Ensuring Mobile Device SecurityEnsuring Mobile Device Security
Ensuring Mobile Device SecurityQuick Heal Technologies Ltd.
 
Mobile security
Mobile securityMobile security
Mobile securitypriyanka pandey
 
Mobile Device Management & Data Protection
Mobile Device Management & Data ProtectionMobile Device Management & Data Protection
Mobile Device Management & Data ProtectionGeekTek IT Services
 
Mobile security
Mobile securityMobile security
Mobile securityCyberoamAcademy
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2Santosh Satam
 
Mobile Security Research Projects Help
Mobile Security Research Projects HelpMobile Security Research Projects Help
Mobile Security Research Projects HelpNetwork Simulation Tools
 

Recommandé

BYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sBYOD / Mobile-Device Security Guidelines for CxO's
BYOD / Mobile-Device Security Guidelines for CxO'sPatrick Angel - MBA, CISSP(c) CISM(c) CRISC(c) CISA(c)
 
Mobile device security
Mobile device securityMobile device security
Mobile device securityLisa Herrera
 
Ensuring Mobile Device Security
Ensuring Mobile Device SecurityEnsuring Mobile Device Security
Ensuring Mobile Device SecurityQuick Heal Technologies Ltd.
 
Mobile security
Mobile securityMobile security
Mobile securitypriyanka pandey
 
Mobile Device Management & Data Protection
Mobile Device Management & Data ProtectionMobile Device Management & Data Protection
Mobile Device Management & Data ProtectionGeekTek IT Services
 
Mobile security
Mobile securityMobile security
Mobile securityCyberoamAcademy
 
C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2C0c0n 2011 mobile security presentation v1.2
C0c0n 2011 mobile security presentation v1.2Santosh Satam
 
Mobile Security Research Projects Help
Mobile Security Research Projects HelpMobile Security Research Projects Help
Mobile Security Research Projects HelpNetwork Simulation Tools
 
2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer ConferenceFabio Pietrosanti
 
Mobile security article
Mobile security articleMobile security article
Mobile security articleKulani Mahadewa
 
Cn35499502
Cn35499502Cn35499502
Cn35499502IJERA Editor
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overviewPrivateWave Italia SpA
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint ProtectionSophos
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and MoreCommunity IT Innovators
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantVladimir Jirasek
 
Personal Data Protection
Personal Data ProtectionPersonal Data Protection
Personal Data ProtectionCreatorsCircle
 
Securing the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterSecuring the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterBrian Gleeson
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assuranceVaughan Olufemi ACIB, AICEN, ANIM
 
Securing Devices at Home
Securing Devices at HomeSecuring Devices at Home
Securing Devices at HomeSymptai Consulting Limited
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Jiunn-Jer Sun
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
Data security
Data securityData security
Data securitySoumen Mondal
 
презентация1
презентация1презентация1
презентация1sagidullaa01
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
3 steps security
3 steps security3 steps security
3 steps securitybrightfire-slides
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security Tripwire
 
Corporate America is Being ATTACKED and the Entry Vector May be Surprising
Corporate America is Being ATTACKED and the Entry Vector May be SurprisingCorporate America is Being ATTACKED and the Entry Vector May be Surprising
Corporate America is Being ATTACKED and the Entry Vector May be SurprisingSignals Defense, LLC
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
A secure communication in smart phones using two factor authentication
A secure communication in smart phones using two factor authenticationA secure communication in smart phones using two factor authentication
A secure communication in smart phones using two factor authenticationeSAT Journals
 
Security Compliance Web Application Risk Management
Security Compliance Web Application Risk ManagementSecurity Compliance Web Application Risk Management
Security Compliance Web Application Risk ManagementMarco Morana
 

Contenu connexe

Tendances

2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer ConferenceFabio Pietrosanti
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint ProtectionSophos
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and MoreCommunity IT Innovators
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantVladimir Jirasek
 
Personal Data Protection
Personal Data ProtectionPersonal Data Protection
Personal Data ProtectionCreatorsCircle
 
Securing the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterSecuring the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterBrian Gleeson
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Jiunn-Jer Sun
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
презентация1
презентация1презентация1
презентация1sagidullaa01
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security Tripwire
 
Corporate America is Being ATTACKED and the Entry Vector May be Surprising
Corporate America is Being ATTACKED and the Entry Vector May be SurprisingCorporate America is Being ATTACKED and the Entry Vector May be Surprising
Corporate America is Being ATTACKED and the Entry Vector May be SurprisingSignals Defense, LLC
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 

Tendances (20)

2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference2010: Mobile Security - WHYMCA Developer Conference
2010: Mobile Security - WHYMCA Developer Conference
 
Mobile security article
Mobile security articleMobile security article
Mobile security article
 
Cn35499502
Cn35499502Cn35499502
Cn35499502
 
Mobile security - Intense overview
Mobile security - Intense overviewMobile security - Intense overview
Mobile security - Intense overview
 
Endpoint Protection
Endpoint ProtectionEndpoint Protection
Endpoint Protection
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More
 
Mobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistantMobile phone as Trusted identity assistant
Mobile phone as Trusted identity assistant
 
Personal Data Protection
Personal Data ProtectionPersonal Data Protection
Personal Data Protection
 
Securing the Enterprise Mobile Perimeter
Securing the Enterprise Mobile PerimeterSecuring the Enterprise Mobile Perimeter
Securing the Enterprise Mobile Perimeter
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
 
Securing Devices at Home
Securing Devices at HomeSecuring Devices at Home
Securing Devices at Home
 
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
Build A Solid Foundation For Industrial Network Security - Cybersecurity Webi...
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
 
Data security
Data securityData security
Data security
 
презентация1
презентация1презентация1
презентация1
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work force
 
3 steps security
3 steps security3 steps security
3 steps security
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
 
Corporate America is Being ATTACKED and the Entry Vector May be Surprising
Corporate America is Being ATTACKED and the Entry Vector May be SurprisingCorporate America is Being ATTACKED and the Entry Vector May be Surprising
Corporate America is Being ATTACKED and the Entry Vector May be Surprising
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]
 

En vedette

A secure communication in smart phones using two factor authentication
A secure communication in smart phones using two factor authenticationA secure communication in smart phones using two factor authentication
A secure communication in smart phones using two factor authenticationeSAT Journals
 
Security Compliance Web Application Risk Management
Security Compliance Web Application Risk ManagementSecurity Compliance Web Application Risk Management
Security Compliance Web Application Risk ManagementMarco Morana
 
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Ingram Micro Cloud
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingPriyanka Aash
 
PCI DSS and Logging: What You Need To Know by Dr. Anton Chuvakin
PCI DSS and Logging: What You Need To Know by Dr. Anton ChuvakinPCI DSS and Logging: What You Need To Know by Dr. Anton Chuvakin
PCI DSS and Logging: What You Need To Know by Dr. Anton ChuvakinAnton Chuvakin
 
Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec
 
Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...
Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...
Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...Splunk
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentMarcelo Silva
 
Static Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouStatic Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouKevin Fealey
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
neural network
neural networkneural network
neural networkSTUDENT
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Neural network & its applications
Neural network & its applications Neural network & its applications
Neural network & its applications Ahmed_hashmi
 
Mobile security... The next challenge
Mobile security... The next challengeMobile security... The next challenge
Mobile security... The next challengeB.A.
 

En vedette (16)

A secure communication in smart phones using two factor authentication
A secure communication in smart phones using two factor authenticationA secure communication in smart phones using two factor authentication
A secure communication in smart phones using two factor authentication
 
Security Compliance Web Application Risk Management
Security Compliance Web Application Risk ManagementSecurity Compliance Web Application Risk Management
Security Compliance Web Application Risk Management
 
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
 
PCI DSS and Logging: What You Need To Know by Dr. Anton Chuvakin
PCI DSS and Logging: What You Need To Know by Dr. Anton ChuvakinPCI DSS and Logging: What You Need To Know by Dr. Anton Chuvakin
PCI DSS and Logging: What You Need To Know by Dr. Anton Chuvakin
 
Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011Symantec Mobile Security Whitepaper June 2011
Symantec Mobile Security Whitepaper June 2011
 
Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...
Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...
Data-Driven DevOps: Mining Machine Data for 'Metrics that Matter' in a DevOps...
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability Assessment
 
Static Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and YouStatic Analysis Security Testing for Dummies... and You
Static Analysis Security Testing for Dummies... and You
 
Email security
Email securityEmail security
Email security
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
Email
EmailEmail
Email
 
neural network
neural networkneural network
neural network
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Neural network & its applications
Neural network & its applications Neural network & its applications
Neural network & its applications
 
Mobile security... The next challenge
Mobile security... The next challengeMobile security... The next challenge
Mobile security... The next challenge
 

Similaire à Mobile Device Security

Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesJohn Rhoton
 
Concentris Systems Overview
Concentris Systems OverviewConcentris Systems Overview
Concentris Systems Overviewlgalluzi
 
Alvarion Wi Mesh Wi2 Presentation
Alvarion Wi Mesh Wi2 PresentationAlvarion Wi Mesh Wi2 Presentation
Alvarion Wi Mesh Wi2 PresentationMonark Goel
 
System Center Mobile Device Manager
System Center Mobile Device ManagerSystem Center Mobile Device Manager
System Center Mobile Device ManagerJohn Rhoton
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxadolphoyonker
 
Wifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15wiWifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15winiravmahida
 
wireless lan security.ppt
wireless lan security.pptwireless lan security.ppt
wireless lan security.pptSagarBedarkar3
 
PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...
PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...
PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...PROIDEA
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesMichael Boman
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level securityChetan Kumar S
 
1.3-IoT Security Technologies (1).pdf
1.3-IoT Security Technologies (1).pdf1.3-IoT Security Technologies (1).pdf
1.3-IoT Security Technologies (1).pdfTouhemiJamel
 
CNG 256 wireless wi-fi and bluetooth
CNG 256 wireless wi-fi and bluetoothCNG 256 wireless wi-fi and bluetooth
CNG 256 wireless wi-fi and bluetoothFrank Victory
 
Introduction To Networking
Introduction To NetworkingIntroduction To Networking
Introduction To Networkingtsmithnasd
 
12 Understanding V P Ns
12 Understanding V P Ns12 Understanding V P Ns
12 Understanding V P NsAamirAziz
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Rishabh Dangwal
 
Acit Mumbai - understanding vpns
Acit Mumbai - understanding vpnsAcit Mumbai - understanding vpns
Acit Mumbai - understanding vpnsSleek International
 
Secure Communications
Secure CommunicationsSecure Communications
Secure Communicationschriscavallo
 

Similaire à Mobile Device Security (20)

Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
 
Concentris Systems Overview
Concentris Systems OverviewConcentris Systems Overview
Concentris Systems Overview
 
Alvarion Wi Mesh Wi2 Presentation
Alvarion Wi Mesh Wi2 PresentationAlvarion Wi Mesh Wi2 Presentation
Alvarion Wi Mesh Wi2 Presentation
 
System Center Mobile Device Manager
System Center Mobile Device ManagerSystem Center Mobile Device Manager
System Center Mobile Device Manager
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docx
 
Accessing remote networks
Accessing remote networksAccessing remote networks
Accessing remote networks
 
Wifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15wiWifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15wi
 
Wi Fi Technology
Wi Fi TechnologyWi Fi Technology
Wi Fi Technology
 
wireless lan security.ppt
wireless lan security.pptwireless lan security.ppt
wireless lan security.ppt
 
Ruckus brief customer_Medley
Ruckus brief customer_MedleyRuckus brief customer_Medley
Ruckus brief customer_Medley
 
PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...
PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...
PLNOG16: When and Why use Fortinet Infrastructure Wireless solution, Brian An...
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best Practices
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 
1.3-IoT Security Technologies (1).pdf
1.3-IoT Security Technologies (1).pdf1.3-IoT Security Technologies (1).pdf
1.3-IoT Security Technologies (1).pdf
 
CNG 256 wireless wi-fi and bluetooth
CNG 256 wireless wi-fi and bluetoothCNG 256 wireless wi-fi and bluetooth
CNG 256 wireless wi-fi and bluetooth
 
Introduction To Networking
Introduction To NetworkingIntroduction To Networking
Introduction To Networking
 
12 Understanding V P Ns
12 Understanding V P Ns12 Understanding V P Ns
12 Understanding V P Ns
 
Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...Corporate Security Issues and countering them using Unified Threat Management...
Corporate Security Issues and countering them using Unified Threat Management...
 
Acit Mumbai - understanding vpns
Acit Mumbai - understanding vpnsAcit Mumbai - understanding vpns
Acit Mumbai - understanding vpns
 
Secure Communications
Secure CommunicationsSecure Communications
Secure Communications
 

Plus de John Rhoton

Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityJohn Rhoton
 
Cloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and TrendsCloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and TrendsJohn Rhoton
 
Cloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to considerCloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to considerJohn Rhoton
 
Cloud Computing Challenges - Beamap
Cloud Computing Challenges - BeamapCloud Computing Challenges - Beamap
Cloud Computing Challenges - BeamapJohn Rhoton
 
Business Perspectives on Cloud Computing
Business Perspectives on Cloud ComputingBusiness Perspectives on Cloud Computing
Business Perspectives on Cloud ComputingJohn Rhoton
 
Cloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationCloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationJohn Rhoton
 
Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6John Rhoton
 
Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud ServicesJohn Rhoton
 
Clouds in the Enterprise
Clouds in the EnterpriseClouds in the Enterprise
Clouds in the EnterpriseJohn Rhoton
 
Enterprise Preparation for IPv6
Enterprise Preparation for IPv6Enterprise Preparation for IPv6
Enterprise Preparation for IPv6John Rhoton
 
Unauthorized Wireless Network Connections
Unauthorized Wireless Network ConnectionsUnauthorized Wireless Network Connections
Unauthorized Wireless Network ConnectionsJohn Rhoton
 
ISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementJohn Rhoton
 
RSA - WLAN Hacking
RSA - WLAN HackingRSA - WLAN Hacking
RSA - WLAN HackingJohn Rhoton
 
Cloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenCloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenJohn Rhoton
 
Peer-based Enterprise Document Workflow
Peer-based Enterprise Document WorkflowPeer-based Enterprise Document Workflow
Peer-based Enterprise Document WorkflowJohn Rhoton
 
A Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsA Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsJohn Rhoton
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the EnterpriseJohn Rhoton
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device ManagementJohn Rhoton
 

Plus de John Rhoton (18)

Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for Security
 
Cloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and TrendsCloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and Trends
 
Cloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to considerCloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to consider
 
Cloud Computing Challenges - Beamap
Cloud Computing Challenges - BeamapCloud Computing Challenges - Beamap
Cloud Computing Challenges - Beamap
 
Business Perspectives on Cloud Computing
Business Perspectives on Cloud ComputingBusiness Perspectives on Cloud Computing
Business Perspectives on Cloud Computing
 
Cloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationCloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise Implementation
 
Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6
 
Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud Services
 
Clouds in the Enterprise
Clouds in the EnterpriseClouds in the Enterprise
Clouds in the Enterprise
 
Enterprise Preparation for IPv6
Enterprise Preparation for IPv6Enterprise Preparation for IPv6
Enterprise Preparation for IPv6
 
Unauthorized Wireless Network Connections
Unauthorized Wireless Network ConnectionsUnauthorized Wireless Network Connections
Unauthorized Wireless Network Connections
 
ISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy Enforcement
 
RSA - WLAN Hacking
RSA - WLAN HackingRSA - WLAN Hacking
RSA - WLAN Hacking
 
Cloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenCloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für Großunternehmen
 
Peer-based Enterprise Document Workflow
Peer-based Enterprise Document WorkflowPeer-based Enterprise Document Workflow
Peer-based Enterprise Document Workflow
 
A Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsA Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection Solutions
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the Enterprise
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device Management
 

Dernier

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 

Dernier (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 

Mobile Device Security

  • 1. Mobile Device Security John Rhoton Hewlett Packard [email_address]
  • 2.
  • 4. Where is confidential data most vulnerable? Source: ESG Research Report
  • 5. Facets of Mobile Security management devices air transmissions PAN LAN WAN public networks private networks applications mobility wireless traditional security 1 2 3 VPN 4
  • 6.
  • 8.
  • 9.
  • 10.
  • 11.
  • 13.
  • 14.
  • 16.
  • 18. Needs determine security SSID MAC Filter WEP WPA/802.11i
  • 19.
  • 20.
  • 21.
  • 22. Bringing the “War” to War Driving
  • 23.
  • 24.
  • 25. Wireless LAN security evolution 1999 2003 2005+ WEP WPA 802.11i / WPA2 Timeline Privacy: 40 bit RC4 with 24 bit IV Auth: SSID and Shared key Integrity: CRC Privacy: Per packet keying (RC4) with 48 bit IV Auth: 802.1x+ EAP Integrity: MIC Privacy: AES Auth: 802.1x+ EAP Integrity: MIC Security
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 32.
  • 33. Multiple interfaces maximize flexibility 1 1 2 2 4 PAN Zone WLAN Zone 3G Zone GPRS Zone Surfing: Person 1 improves bandwidth by moving into a 3G area MP3 Download: Person 2 saves time and money by scheduling the download in a public WLAN hotspot Peer-to-peer: Person 3 sends an MP3 file over a Bluetooth link free of charge to Person 4 3 Satellite Zone At sea: Person 5 maintains coverage via satellite after leaving GPRS range 5 5 Columbitech Birdstep Ecutel
  • 34. Unauthorized Wireless Bridge Prevented through Policy
  • 36.
  • 37. Credant OTA Sync Control Exchange 2003 Local ActiveSync HANDHELD App Servers Provides automatic network detection and remediation of mobile devices attempting to synchronize with Microsoft Exchange Gatekeeper Local Gatekeeper can detect devices which sync via local connection Internet Server ActiveSync Exchange Server OTA Sync Control OTA Sync Control detects devices which sync via Server Activesync. Based on ISAPI extension
  • 38.
  • 39.
  • 40.
  • 41.
  • 42. Questions? Contact me at: john.rhoton@hp.com
  • 43.

Notes de l'éditeur

  1. Microsoft ASP.NET Connections Updates will be available at http://www.devconnections.com/updates/LasVegas _06/ASP_Connections