reflection 3
Implementing Secure Mobile Solutions
Lesson 13
1
Implement Mobile Device Management
Topic 13A
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
2
2
3.5 Given a scenario, implement secure mobile solutions
Syllabus Objectives Covered
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
3
Mobile Device Deployment Models
Bring your own device (BYOD)
Corporate owned, business only (COBO)
Corporate owned, personally-enabled (COPE)
Choose your own device (CYOD)
Virtual desktop infrastructure (VDI)
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
4
Enterprise Mobility Management
Apply security policies to the use of mobile devices in the enterprise
Visibility over use and configuration
Enterprise mobility management (EMM)
Mobile device management (MDM)
Network enrollment
Manage device functions
Mobile application management (MAM)
Install and monitor corporate apps and data
Unified endpoint management (UEM)
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
5
iOS in the Enterprise
App development
Software Development Kit (macOS only)
App Store
Device Enrollment Program
Volume Purchase Program
Developer Enterprise Program
iOS vulnerabilities and patch management
Screenshot used with permission from Microsoft.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
6
Android in the Enterprise
App stores and developer programs
Android vulnerabilities and patch management
Security Enhanced Android (SEAndroid)
App permissions
Android is a trademark of Google LLC.
Android is a trademark of Google LLC.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
7
Mobile Access Control Systems
Smartphone authentication
Password
PIN
Swipe pattern
Biometric
Screen lock
Context-aware authentication
Screenshot used with permission from Microsoft.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
8
Remote Wipe
“Kill switch”
Sets device to factory defaults or clears storage (or storage segment)
Initiated from enterprise management software
Thief might be able to keep device from receiving the wipe command
Screenshot used with permission from Intermedia.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
9
Full Device Encryption and External Media
iOS device encryption
Secure erase encryption
Data protection
Android device encryption
From version 10, only uses file-level encryption of user data
External media
MicroSD HSM
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
10
Location Services
Geolocation
Location Services
Global Positioning System (GPS)
Indoor Positioning Systems (IPS)
Geofencing to apply location-based policies automatically
Disable on-board camera/video through MDM/EMM controls
GPS tagging
Risks to personal information
Track movements (assist social engineering)
Android is a trademark of Google LLC.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
11
Application Management
MDM/EMM application use policies
Corporate workspaces
Restricting third-party app stores
Enterprise app development and fulfillment
Sideloading
Screenshot used with permission from Microsoft.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
12
Content Management
Privately owned but corporate use issues
Data ownership
Privacy
Containerization sets up a corporate workspace segmented from the employee’s private apps and data
Storage segmentation ensures separation of data
Enforcing content management/DLP policies
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
13
13
Rooting and Jailbreaking
Rooting
Principally Android
Custom firmware/ROM
Jailbreaking
Principally iOS
Patched kernel
Tethered jailbreak
Carrier unlocking
Risks to enterprise management
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
14
Mobile Device Management
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
15
Review Activity
Implement Secure Mobile Device Connections
Topic 13B
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
16
16
1.4 Given a scenario, analyze potential indicators associated with network attacks
3.5 Given a scenario, implement secure mobile solutions
Syllabus Objectives Covered
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
17
Cellular and GPS Connection Methods
Disable cellular data if unmonitored or unfiltered
Prevent use for data exfiltration
Attacks on cellular connections
Global Positioning System (GPS)
Screenshot used with permission from Microsoft.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
18
Wi-Fi and Tethering Connection Methods
Risks from Wi-Fi
Legacy security methods
Open access points
Rogue access points
Personal Area Network (PAN) technologies
Wi-Fi Direct
Ad hoc networks
Soft access point
Wireless mesh networking
Tethering and hotspots
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
19
Bluetooth Connection Methods
Device discovery
Authentication and authorization
Pairing mechanism
Malware and exploits
Bluebourne
Bluejacking
Bluesnarfing
Rogue firmware peripheral devices
Screenshot used with permission from Microsoft.
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
20
Infrared and RFID Connection Methods
Infrared
IR blaster
IR sensor
Radio Frequency ID (RFID)
(Usually) unpowered tags
Transmit when in range of reader
Skimming attack
Encrypt sensitive information
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
21
Near Field Communications and Mobile Payment Services
Near Field Communications (NFC)
Connection configuration/bump
Mobile wallet apps
Eavesdropping/skimming
Denial of service
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
22
USB Connection Methods
USB OTG allows a port to function as a device or hub
USB with malicious firmware might be able to perform an exploit
Spread malware between computers using the device as a vector
Install or run malware to try to compromise the smartphone itself
Juice jacking
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
23
SMS/MMS/RCS and Push Notifications
Short message service (SMS)
Exploits against 2-step verification
Multimedia message service (MMS)
Rich communication services (RCS)
Exploits against handling of attachments or rich formatting
Push notifications
Potential vector for spam, phishing, or hoaxing
Make sure developer account credentials are kept secure
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
24
Firmware Over-the-Air Updates
Baseband updates and radio firmware
Over the Air (OTA) update delivery
Risks from rooted/jailbroken devices
Risks from highly targeted attacks
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
25
Microwave Radio Connection Methods
Backhaul link from cell tower to provider network
Private links between premises
Point-to-point (P2P) microwave
High gain directional antenna
Point-to-multipoint (P2M) microwave
Smaller sectoral antennas
Links multiple sites/mobile subscribers to a single hub
Other types of multipoint
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
26
Secure Mobile Device Connections
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
27
Review Activity
Summary
Lesson 13
CompTIA Security+ Lesson 13 | Copyright © 2020 CompTIA Properties, LLC. All Rights Reserved. | CompTIA.org
28
28