Mobile Security – Smartphones and PDAs Articles
A summary of posts about Mobile Security – Smartphones and PDAs.
Mobile Malware | Wireless Protocol | Threats and Prevention
A simple defense against many forms of malware is to turn off Bluetooth, WiFi, infrared, and otherwireless interfaces until they are needed.
This is particularly important for Bluetooth devices due to the increased risk of encountering mobile malware in crowded settings, such as an airport, sports event, or concert, which offer a target-rich environment for an attack.
Being invisible prevents the device from being scanned and located, and its wireless interface used [..]
Handheld Device – Backup Data & Reduce Data Exposure
Backup Data
Using a handheld device as the sole repository for important information is an invitation for disaster. To protect valuable data residing on a handheld device, a restorable backup of the contents should be done regularly. Data may be synched with a desktop computer as a primary means of backup and also possible dual use. Data includes Personal Information Management data, electronic documents, including photos and music, applications, and network [..]
Mobile Device Security Solutions | Modes of Authentication
Verifying an individual’s claimed identity through user authentication is the first line of defense against unauthorized use of a mobile handheld device. Three basic techniques commonly used to verify identity involve either proof by knowledge (e.g., passwords), proof by possession (e.g., tokens, such as smart cards), or proof by property (e.g., fingerprints). Multiple modes of authentication that involve one or more basic authentication techniques are also a possibility.
Implementing authentication solutions [..]
Mobile | Electronic Tracking | Cloning | Server-Resident Data
Electronic Tracking
Several companies offer location tracking services for registered cell phones to allow the whereabouts of the user to be known by friends and family . It is also touted as a means to track employees’ whereabouts .
Registration can take place quickly, making temporary misplaced devices or unattended devices a possible target. Some tracking services periodically send the phone a notification for the user that monitoring is taking place, and [..]
Mobile – Electronic Eavesdropping
Attempts to access and eavesdrop on transmitted information are another possible threat. The most direct way is to install spy software onto a device to collect and forward information onto another phone or server .
Such applications exist for certain phone models and are commonly advertised as a means to monitor a spouse or child’s activities. The capability to remotely turn on the microphone and listen or record conversations in the [..]
Smartphones and PDAS – Threats
A simple way to consider threats to handheld devices is to compare them with those for desktop computers, which are more familiar to everyone and documented elsewhere. Essentially, the threat profile for handheld devices is a superset of the profile for desktop computers.
The additional threats for cellular handheld devices stem mainly from two sources:
- Their size and portability
- Their available wireless interfaces and associated services.
Size and portability can result in the loss [..]
PDA and Smartphones – Bluetooth Communications
Bluetooth Communications: Bluetooth is a Personal Area Network (PAN) standard that enables wirelessconnections between electronic devices in the 2.4 GHz range over short distances, as an alternative to cables.
Designed to be power efficient, Bluetooth has become a common feature in cell phones. Since wireless communications is inherently insecure, a number of basic security provisions have been defined for this standard to mitigate the risks involved. The three basic security services [..]
Security of Handheld Devices
Maintaining handheld device security requires constant effort, sufficient resources, and vigilance from an organization. Maintaining the security of a handheld device usually involves the following steps [..]
Smartphones | Security Management Practices and Controls
Appropriate management practices are essential to maintaining and operating a secure infrastructure that incorporates smartphones and PDAs. Security practices entail the identification of an organization’s information system assets and the development, documentation, and implementation of policies, procedures, standards, and guidelines that help to ensure the [..]