Term
|
Definition
-Cellular -NFC
-WiFi -ANT
-SATCOM -Infrared
-Bluetooth -USB |
|
|
Term
| Mobile Phone Security Risks |
|
Definition
-No Password / PIN
-Unpatched OS or Apps
-Jailbreaking or Rooting
-Unauthorized Applications
-Malware |
|
|
Term
| Methods to Secure Mobile Devices |
|
Definition
-Two factor auth
-Biometric
-Verify and authenticate downloaded apps
-AntiMalware Software
-Firewalls
-Remote disable / Remote wipe
-Encryption |
|
|
Term
| Near Field Communications NFC |
|
Definition
-Contactless payment systems
-3 foot range
-Eavesdropping
-Data corruption / manipulation
-Interception |
|
|
Term
|
Definition
|
|
Term
| Mobile Device Attack Vectors |
|
Definition
-Intercepting Data
-MiTM attacks
-Data Corruption
-ANT+ Gym Equipment
-Infrared
-Bluejacking and Bluesnarfing
-SATCOM |
|
|
Term
|
Definition
-Lost/stolen
-Compromised on Public WiFi
-Asset Tracking
-App Management |
|
|
Term
|
Definition
Policies to be enforced:
-strong passwords
-Lock Screens
-Disable Unneeded services
-App/Software Control |
|
|
Term
| MDM Security Threat Mitigation |
|
Definition
-Full Device Encryption
-Remote Wipe
-GPS Enabled
-MDM Software |
|
|
Term
|
Definition
Authentication
Geo-Tagging
Biometrics
Push Notification Services
Encryption
Key / Credential Management |
|
|
Term
| Key / Credential Management |
|
Definition
-Managing device content, access, and authentication
-Digital Certificates to Authenticate |
|
|
Term
|
Definition
-PKI / Digital Certs
-Enforce password policies
-VPN / Two Factor Auth (RSA) |
|
|
Term
|
Definition
-Tagged with coordinates where it is made
-Pictures and documents
-Security Risk: pinpoint location |
|
|
Term
|
Definition
| Tagging document with Lat, Long, and Alt |
|
|
Term
| Context-Aware Authentication |
|
Definition
Type of two factor Auth (2FA) that provides for a more friction-less experience
-Predefined Rules to determine auth or if a more stringent challenge should be used
-Can be device finger printing, geo-location, geo-fencing, or geo-velocity
-User is denied or required higher level auth |
|
|
Term
| Enforcement and Monitoring |
|
Definition
-Third party app stores
-rooting / jailbreaking
-side loading apps
-Custom firmware
-Carrier unlocking
-Firmware OTA updates
-Camera use
-SMS/MMS
-External Media
-USB or On the go (OTG)
-Microphone
-Policies to control GPS Tagging
-Policies for WiFi direct/ad hoc
-Policy for tethering
-Payment Methods |
|
|
Term
|
Definition
Challenges:
-Monitoring
-Patch Management
-Access to Data |
|
|
Term
| COPE (Corporate Owned Personally Enabled) |
|
Definition
| Bridges Gap between device for corporate owned resources and employees personal tasks |
|
|
Term
| CYOD (Choose Your Own Device) |
|
Definition
| Enables employees to select from a list of company approved choices in mobile devices |
|
|
Term
|
Definition
-Corporate Owned
-VDI thin client to user
-Desktop resides on a server |
|
|
Term
|
Definition
| VDI where desktop stays the way a user configured it |
|
|
Term
|
Definition
| Desktop where the user gets a clean newly installed desktop every time they log in. |
|
|
Term
|
Definition
-Data Ownership
-Support Ownership
-Patch management
-AV MAnagement
-Forensics access to whole device?
-Privacy: What is considered private data? When it is personally owned?
-On boarding / Off boarding policies
-Adherence to Policies
-User Acceptance
-Infrastructure Considerations
-Legal concern acceptable use
-On board cameras or video |
|
|
Term
|
Definition
| A corporate mobile device strategy that requires the user to have their own mobile device |
|
|
Term
|
Definition
| A mobile device strategy that allows personal use of devices owned by the corporate |
|
|
Term
|
Definition
| A mobile device strategy where the corporation owns the equipment and personal use of the device is not allowed. |
|
|
Term
|
Definition
| A mobile device strategy where the corporation would provide the end user with a number of different options for a mobile device, and let the user choose one. |
|
|
Term
|
Definition
| A mobile device strategy that provides remote access to server based infrastructure. Applications are written for that infrastructure and accessed from many types of devices. The apps and data reside on the host. |
|
|
Term
| Windows System File integrity checker |
|
Definition
|
|
Term
|
Definition
|
|
