Premium Essay

Case Study: Mobile Device Security and Other Threats

In:

Submitted By Naseem126
Words 1993
Pages 8
Case Study: Mobile Device Security and Other Threats
Strayer University

Authors Note
This paper was prepared for CIS 502 – Theories of Security Management

Abstract Mobile communication and computing devices are integral part of today’s business. This provides the executives the opportunity to work from virtually anywhere anytime and became one of the most valuable tools to make business communications. However, due to the nature and size of the device and communication methods, the devices are prone to be lost or compromised and can fall into the hands of unauthorized persons, which makes these devices a very big security concern for the businesses. In this paper the nature of IT related threats faced in 2014 are discussed along with the security issues of mobile devices.

a) Security threats presented within the “Security Threat Report 2014” report:

The security report of Sophos (Security Threat Report 2014 Smarter, Shadier, Stealthier Malware. (n.d.). Retrieved August 19, 2014, from https://blackboard.strayer.edu/bbcswebdav/institution/CIS/502/1144/Week8/sophos-security-threat-report-2014.pdf) highlights the emerging security risks in the world. It the report, they have identified the following concerns for 2014: a. More efficient Botnets: The botnets become more resilient and stealth by the year 2014. Along with many known attributes, the sharing and copying botnet codes have resulted in emerging new botnets which are being used for various attacks all over the world. Also the botnets managers are creating new codes to overcome the counter measures prepared by the antivirus companies and making their botnet more resilient from known security measures. b. Android Malware: Android devices are now enjoying more than 70% of smartphone market share. This caused the OS to become a lucrative target for the cyber attackers. As the

Similar Documents

Premium Essay

Mobile Security Threats

... Computer Science University of Venda 2014 ABSTRACT We live in a digital era where communication, information sharing and even business transactions is exchanged on mobile devices such as laptop computers, palmtops, tablet computers, smartphones and cell phones. The new age group of young people have never known a life without a mobile device with internet capabilities. Mobile Devices are an integral part of personal and social lives it is only logical that users should have awareness of security during the use of mobile devices. Individuals and organisations have both been beneficiaries on the rapid expansion of information and communication technologies (ICTs). Inevitably however, these offerings by mobile devices also bring about security vulnerabilities which users in Thohoyandou are not aware of. According to Lookout principal security analyst Marc Rogers, 2013, following simple precautions like sticking to the Google Play Store can ensure the security of a mobile device. This is rather not always the case as hackers and crackers make use of trustful applications to distribute malware. This study intends to outline security vulnerabilities and deliver clear recommendations on essential security technologies and practices to help mobile device users in Thohoyandou. Correct misconceptions or myths in order to bring about changes in attitudes and usage behaviour. INTRODUCTION The internet has transformed South Africa in just...

Words: 2908 - Pages: 12

Premium Essay

Mobile Devices

...Case I Study: Mobile Devices Ditty A. Kone Dr. Alaba Oluyomi CIS 333 Networking Security Fundamentals April 17, 2012 Case I Study: Mobile Devices Ditty A. Kone Dr. Alaba Oluyomi CIS 333 Networking Security Fundamentals April 17, 2012 Nowadays, wireless communication and devices are very flexible, convenient, and easy to use everywhere. With the introduction of wireless local area network (WLAN) many users find it very flexible to move laptops from one place to another within the office while maintaining connectivity with the network, sharing data and applications with network system and other users with compatible devices without been tied to printer cables and other peripheral device connection. This is very important in a doctor’s office because patients and doctors move from room to room depends on the type of test they are doing. Risks inherent in the use of wireless and mobile technologies Having mobile device makes it easier for them to do their jobs easier and it can even help cut wiring costs. In the other hand there are many risks inherent in using wireless and mobile technologies. Each wireless device, such as a laptop or PDA, that is equipped with a wireless card and is turned on is constantly sending out signals called "probes," indicating that it is seeking to "hook up" with a nearby access point. This probe automatically detects the nearest access point, called a hot spot. A screen is then displayed to instruct the user on how to...

Words: 789 - Pages: 4

Premium Essay

Cybersecurity

...Cyber Security by American Military University Professor Derrick Thomas June 22, 2014 Cyber security is a difficulty that everyone faces in today’s society. It is defined in a variety of ways by many. One definition is that cyber security focuses on protecting computer networks, systems, data, and programs from unwanted access. Cyber security is sometimes referred to as information security, information network security, cyberspace security, or even computer security. There are many viewpoints by highly educated people on cyber security but the purpose of this paper is to tell my viewpoint on the subject. Every aspect of a persons life has some sort of cyber dimension. People paying for bills online, cloud computing, and even online gaming. This year in 2014, everyone is bombarded with news headlines that say cyber threats are up. Many of these headlines always include some kind of phishing attack trying to steal someones identity, a hacker that breached the network of a company, a new technique that attacks mobile devices like smart phones, or a government trying to monitor and take secrets from another government!!br0ken!! The concern for cyber security is now a real-world concern globally. The concern over cyber security is what is driving the governments worldwide to make it priority one on their list's now. This is so, because technology is growing at a very fast and continuous pace. The technology field itself is very vast and has much variety. Cyber security in...

Words: 4041 - Pages: 17

Premium Essay

Cloud

...STRAYER UNIVERSITY Mobile Devices Security Week 7 Case Study Professor Gideon Nwatu CIS 502 – Theories of Security Management May 26, 2013 Mobile Devices Security 1. Describe the emerging cyber-security issues and vulnerabilities presented in the “Emerging Cyber Threats 2012” report. Emerging cyber-security issues and vulnerabilities presented in the “Emerging Cyber Threats 2012” report focused on mobile devices. The surge of mobile devices in all facets of human endeavors and its lack of adequate security highlighted the report. According to the report, emerging cyber-security issues that make mobile devices vulnerable are; * In order to improve usability for mobile devices, their applications depend on the browser, which presents exceptional challenges to security. Perfectly legitimate-looking images can hide a malicious link that, when touched, could give an attacker the capacity to spy or steal data. * Attacks target the use of SMS, e-mail and the mobile Web browser by mobile devices to launch an attack and steal data. * Increasingly, mobile devices are being used as storage devices just as USB flash drives and have therefore become the ideal medium to spread malware to protected systems. 2. Analyze vulnerabilities of mobile devices in regard to usability and scale based on your research and suggest methods to mitigate the vulnerabilities of mobile devices. Due to the fact that mobile devices are increasingly being used in the...

Words: 1994 - Pages: 8

Premium Essay

Upgrade Internet Edge

...Technical Writing Project Cover Sheet Capstone Proposal Project Name: Upgrading ABC Inc. Internet Edge Student Name: Michael Wakefield Degree Program: Bachelor of Science IT-Security Mentor Name: Signature Block Student’s Signature Mentor’s Signature Table of Contents Capstone Proposal Summary 1 Review of Other Work 8 Rationale and Systems Analysis 16 Goals and Objectives 22 Project Deliverables 26 Project Plan and Timelines 27 References 28 Appendix 1: Competency Matrix 4 Capstone Proposal Summary Internet of Everything (IoE) and “Big Data” equates to competitive advantages to the modern business landscape. Numerous white papers are circulating on the Internet highlighting the business case supporting the IoE initiative. For instance, in a white paper conducted by Cisco Inc. on the Value Index of IoE in 2013 reported the following: In February 2013, Cisco released a study predicting that $14.4 trillion of value (net profit) will be at stake globally over the next decade, driven by connecting the unconnected –people-to-people (P2P), machine-to-people (M2P), and machine-to-machine (M2M) - via the Internet of Everything (IoE). Cisco defines the Internet of Everything as the networked connection of people, process, data, and things. The IoE creates new “capabilities, richer experiences, and unprecedented economic opportunity for businesses, individuals, and countries” (The Internet of Everything, Cisco, Inc. 2014). With such a...

Words: 5523 - Pages: 23

Premium Essay

The Information Security Challenges and Threats of Private Banks: Evidence from Bangladesh.

...The Information Security Challenges and Threats of Private Banks: Evidence From Bangladesh. Submitted To: Abul Khayer Lecturer Department of International Business University of Dhaka Submitted By: Raju Ahmed (Id no. 5) Lima Nath (Id no. 19) Tanzin Ara (Id no. 26) Zuairiyah Mouli (Id no. 43) Syed Arman Ali (Id no. 57) Department of International Business (3rd Batch) University of Dhaka Letter of Transmittal 3rd november, 2013 Abul khayer Lecturer Department of International Business University of Dhaka Sir, This is to inform you that the report on “The information security challenges and threats of private Banks: evidence from Bangladesh” that you assigned us to prepare has been submitted already. We have tried our best to disscuss the findings. Hope our report will fulfill the purpose and encourage us to do further. We express our gratitude to you for your guidance and we hope that this report will fulfill your requirements. Any short of suggestion regarding this report will be greatly acknowledged and we will feel proud if our paper serves its purpose. Sincerely Yours, Raju Ahmed (Id no. 5) Lima Nath (Id no. 19) Tanzin Ara (Id no. 26) Zuairiyah Mouli (Id no. 43) Syed Arman Ali (Id no. 57) Department of International Business (3rd Batch) University of Dhaka Table of Contents Abstract 4 Executive summary 5 1. Introduction 6 2. Literature Review 7 3. Research Objectives 9 4. Methodology...

Words: 5178 - Pages: 21

Premium Essay

Wireless Devices

...TM 562: Wireless Devices and Applications Table of Contents Introduction 1 Background about Smartphones 1 Defined Smartphone 1 Different applications on a Smartphone 1 Problem Statement 3 Security Risks 3 Analysis 4 Viruses 4 Threats 5 Recommended Solution and Implementation 6 6 6 References 7 Introduction Statement If you've ever wondered exactly what a smartphone is, well, you're not alone. How is a smartphone different than a cell phone, what makes it so smart, and how secure is the device? Firstly, IBM designed the first smartphone in 1992. It was called Simon. The smartphone was presented that year as a concept device in Las Vegas at the computer industry trade show known as COMDEX. The first cell phone, on the other hand, was demonstrated 19 years before the first smartphone (Wikipedia). Smartphones are phones that provide a new genre of application than the standard cell phone. They provide phone plus Internet connectivity and storage, text and multimedia, and multi-tasking. In a nutshell, a smartphone is a device that lets you make telephone calls, but also adds in features that you might find on a personal digital assistant or a computer, such as the ability to send and receive e-mail, scheduling and contact management software, edit Office documents, as well as a built-in camera and mp3 capabilities. However, with the access to the Internet the phone is now subjected to more security issues. If a person can hack the...

Words: 2102 - Pages: 9

Premium Essay

Visual Data Security

...Visual Data Security White Paper Brian Honan, BH Consulting July 2012 1 Introduction Welcome to Secure’s White Paper on Visual Data Security. As data gets ever more versatile and mobile, we want to make sure that individuals, businesses, organisations and governments across Europe are aware of the threats posed by visual data security breaches. Simply put, visual data security is ensuring that information cannot be seen by unauthorised individuals. This is particularly important when dealing with private or sensitive information, and the threat of a breach has risen enormously with the shift in working practices towards increased mobility, flexibility and shared resources. This White Paper has been commissioned to give some background to visual data security and provide simple, easy to follow advice on how to prevent a breach and protect individuals’ personal data and organisations’ commercially sensitive information. It’s not about constraining people’s working habits or holding back the tide, but about embracing new trends and empowering employers and employees to take small steps to work in a safe and secure manner. By promoting a greater understanding of these risks and the behavioural and practical procedures that can be adopted to reduce them, we hope to enhance data security across the continent. We hope you find the Paper of interest. For any further information please don’t hesitate to contact us on info@visualdatasecurity.eu. Happy reading and stay secure...

Words: 4506 - Pages: 19

Premium Essay

Mobile Application Security

...SECURING A MOBILE WORLD Introduction Today’s smartphones and tablets are more than communication devices. They are hip-mounted personal computers, with more memory and processing power than your laptop of just a few years ago. They are an integrated part of our lives… personal and professional. The information they provide is so vital that the Army is piloting their use as standard field issue to every soldier, complete with combat-focused applications [1]. However, smartphones and tablets raise new security issues. They are more likely to be lost or stolen, exposing sensitive data. Malware risks are increased because they connect to the Internet directly rather than from behind corporate firewalls and intrusion-protection systems. Security of mobile devices focuses on controlling access through the use of device locks and hardware data encryption. While this may be sufficient for individual users, it is insufficient for defense needs. Many documented examples exist of hacking of the device lock, as well as defeats of the hardware-level encryption. Once the device is unlocked, there is generally unfettered access to all apps and their associated data. Military applications require additional application-level access controls to provide data security. Unfortunately, there are gaps in the application-level security model of the two predominant mobile operating systems: iOS from Apple and Google Android. Our ongoing research1 looks to address these gaps by developing innovative...

Words: 4009 - Pages: 17

Premium Essay

Citizen Participation of E-Government

...e-signature software are as valid and binding as traditional pen-and-paper documents. E-signatures have been upheld in numerous court cases and, in many situations, prove to be more defensible than pen signatures. This legal strength is due to the robust authentication data captured by online signature software, which provides digital evidence of who signed a document, as well as when, where, and how they did it. Electronic Signatures in Global and National Commerce Act (U.S) The E-SIGN Act, passed by Congress in June, 2000, is the premier federal law ensuring the legality of documents executed with e-signatures in the United States. The E-SIGN Act states that contracts with electronic signatures may not be denied legal effect or ruled unenforceable because they were created digitally. Uniform Electronic Transactions Act (U.S.) The National Conference of Commissioners of Uniform State Laws developed the UETA in order to bring consistency to potentially varying state laws regarding e-signatures and online document execution. Now adopted by 47 states thus far, the UETA works in unison with the federal E-SIGN Act to protect the legal enforceability of electronic contracts. Personal Information Protection and Electronic Documents Act (Canada) Canada’s PIPEDA specifies how businesses must handle consumer data to ensure privacy and security. The PIPEDA law is designed to clarify the legality and create the framework for efficient e-commerce, including e-signatures, and in...

Words: 8599 - Pages: 35

Free Essay

Technology Project

...NET 210 WAN TECHNOLOGY PROJECT ANALYSIS ON HOW TO SECURE REMOTE ACCESS FOR ENTERPRISE NETWORK SYSTEM Submitted to: Jacky Chao Min By: MARTHE M. NSABA 300682552 TABLE OF CONTENTS INTRODUCTION | 3 - 6 | PROTECTION OF CPE DEVICES | 7 - 9 | SECURE REMOTE ACCESS THROUGH DIFFERENT AUTHENTICATION | 10 - 15 | SECURE REMOTE ACCESS FOR MOBILE UTILIZATION | 16 - 17 | BIBIOGRAPHY | 18 | INTRODUCTION In this developing environment, we note that varying business utilise different kinds of networks according to the business structures and policies, so managing access to all those networks can be complicated and security threatening. It is a key objective that for an enterprise to operate efficiently, its accessibility should be unlimited and this is when remote access is introduced. As the volume of enterprise information and data is increasing exponentially, it is an expectation that this data is easily accessed and shared among each other. To enable this, smarter network access called Remote access was introduced to deliver various degrees of data efficiently through mobile devices, applications and machines in order to stimulate productivity. There are three main types of remote access, namely Basic, Advances and Enterprise. In this paper, we will focus on Enterprise Remote access. Some of the advantages of Enterprise Remote access are; Increased high availability required for different and high volume application Remote access maintains and controls...

Words: 3060 - Pages: 13

Free Essay

Web Quality

...Quality Attributes in mobile Web Application Development Axel Spriestersbach 1, Thomas Springer2 1 SAP-AG, Corporate Research, Germany axel.spriestersbach@sap.com 2 Dresden University of Technology, Germany springet@rn.inf.tu-dresden.de Abstract: This paper deals with a quality model for mobile web applications. The paper describes typical challenges in the development of mobile web application and decomposes the challenges into the quality of the ISO 9126 quality standard. This leads to an adjusted ISO model that focuses on those quality features that are important in order to assure the quality of mobile web applications. The proposed model may be used for analyzing the quality factors of mobile web applications, expert evaluation checklists and may be used for quality based content adaptation. Finally, the paper shows that challenges in mobile web application development may be solved by applying quality insurance methods to the development of those applications. Introduction The mobile Internet promised comparable flexibility and cost efficiency to the normal web. However, experiences indicate that the development of mobile web applications needs to consider special challenges in the areas of usability, development efficiency and runtime consideration. The major challenge of mobile application development is the heterogeneity of mobile devices and web browsers installed on the devices. The differences in the form factors and input capabilities strongly influence...

Words: 3672 - Pages: 15

Premium Essay

Wgu Itsecurity Capstone

...Student Name: Michael Wakefield Degree Program: BS- IT Security Mentor Name: Dave Huff Signature Block Student’s Signature Mentor’s Signature Table of Contents Capstone Summary 3 Review of Other Work 13 Rationale and Systems Analysis 19 Goals and Objectives 25 Project Deliverables 28 Project Plan and Timelines 30 Project Development…………………………………………………………………………………………………………………………….31 Additional Deliverables………………………………………………………………………………………………………………………….35 Conclusion…………………………………………………………………………………………………………………………………………….35 References 37 Appendix 1: Competency Matrix 38 Appendix 2: Cisco ASA 5555-X Firewall Specifications…………………………………………………………….40 Appendix 3: ABC Inc. Project Schedule…………………………………………………………………………………….44 Appendix 4: High-Availability Design Screenshots……………………………………………………………………45 Appendix 5: Screenshots of inside to outside access; outside to DMZ access; NAT rules and configurations; and performance graphs and performance results….........................................51 Capstone Report Summary Internet of Everything (IoE) and “Big Data” equates to competitive advantages to the modern business landscape. Numerous white papers are circulating on the Internet highlighting the business case supporting the IoE initiative. For instance, in a white paper conducted by Cisco Inc. on the Value Index of IoE in 2013 reported the following: In February 2013, Cisco released a study predicting that $14.4 trillion of value (net profit)...

Words: 9337 - Pages: 38

Premium Essay

Test

...Degree Master of Science in Information Security Assurance January 9, 2014 1 SECURING WI-FI ROGUE ACESS WITHIN AN ENTERPRISE SETTING 2 A1 - Abstract Since 1999 wireless devices have become a necessity in enterprises. While increasing convenience, connectivity, and productivity, they also pose an unprecedented threat to network security guarding, which has literally taken to the airwaves. This paper will deal with vulnerabilities and risks regarding access points (APs) in a wireless network (WLAN) connecting to a wired local area network (LAN) in enterprises. Data for this paper will come from published academic papers, industry publications including white papers and surveys, and industry specialists. It will also include definitions of terms, policy and procedures that affect access points, and current practices regarding rogue APs. A case study will be presented for a fictional enterprise with multiple locations that has standard procedures, policies, and protocols in place, but recent events have questioned their ability to control access points with the discovery of rogue devices hidden in several office locations. Industry warnings about access points span the past thirteen years, and still new articles appear saying similar warnings, with only the solutions evolving with the technology. Suggested solutions will include security literacy regarding APs and their devices and their compliance; security audits to re-evaluate configurations of current...

Words: 18577 - Pages: 75

Free Essay

Voip and Unified Communications Via Wi-Fi Handset

...This paper gives the information on the VOIP-voice over internet protocol which is the technology that is been used for the voice communications by using the different types of the IP based networks in order to deploy the devices of the VOIP users. The VOIP technology is having different types of the security issues in the VOIP and Wi-Fi along with the security measures. This paper will deal with the VOIP technology, unified communications and Wi-Fi handset. Table of contents Chapter 1 Introduction to the research………………………………………………………………6 1.1 Aim 1.2 Objectives 1.3 Introduction 1.4 VOIP deployment 1.5 The threats and attacks in the VoIP System 1.5.1 Spoofing 1.5.2 The interception or eavesdropping 1.5.3 The denial of service 1.5.4 The spam over VoIP Chapter 2 Literature review……………………………………………………………………………10 2.1 The security methods 2.2 Call Setup and VoIP Registration 2.3 The Protocol selection 2.4 The Mobile VOIP 2.5 The VOIP handset 2.6 The IP telephony 2.7 The Protocols of VOIP Chapter 3 Research Methodology……………………………………………………………………….15 3.1 Introduction 3.2 Research methodology chosen 3.3 Qualitative research methodology 3.4 Quantitative research methodology 3.5 Research design: Case study approach 3.6 Case study approach 3.7 Data collection methods 3.8 Primary source of data 3.9 Secondary source of Information 3.10 Ethical issues in the research process 3.11 Methodology selected Chapter 4 Data and Research Analysis………………………………………………………………23 ...

Words: 10967 - Pages: 44