Mobile Security: A Pocket Guide
()
About this ebook
This pocket guide gives you clear and reliable guidance on how to protect the information contained in your mobile phone. Written by one of the country’s top academic experts on information security, the guide covers such topics as safeguarding data through encryption, establishing a virtual private network (VPN) to create a secure way for your staff to connect to the server on a remote device, and countering the growing threat on mobile platforms of SMS-phishing and malware. Rather than trying to ban the Blackberry, the solution proposed is for organisations to factor mobile devices into their overall information security policy.
Steve Furnell
Professor Steven Furnell is the head of the Centre for Information Security & Network Research at the University of Plymouth. He has been active in security-related research since 1992, and his interests include computer crime, user authentication and security usability. He is the Editor-in-Chief of the journal Information Management & Computer Security, a Fellow and Branch Chair of the British Computer Society (BCS), and a Senior Member of the Institute of Electrical and Electronic Engineers (IEEE).
Related to Mobile Security
Related ebooks
Mobile Security: How to secure, privatize and recover your devices Rating: 5 out of 5 stars5/5Android Forensics: Investigation, Analysis and Mobile Security for Google Android Rating: 3 out of 5 stars3/5Mobile Security and Privacy: Advances, Challenges and Future Research Directions Rating: 5 out of 5 stars5/5Cloud Storage Forensics Rating: 4 out of 5 stars4/5How to Defeat Advanced Malware: New Tools for Protection and Forensics Rating: 0 out of 5 stars0 ratingsMobile Malware Attacks and Defense Rating: 5 out of 5 stars5/5Computer Forensics: A Pocket Guide Rating: 4 out of 5 stars4/5Mastering Mobile Forensics Rating: 0 out of 5 stars0 ratingsThe Little Book of Cybersecurity Rating: 0 out of 5 stars0 ratingsBuilding a Practical Information Security Program Rating: 5 out of 5 stars5/5Virtualization and Forensics: A Digital Forensic Investigator’s Guide to Virtual Environments Rating: 4 out of 5 stars4/5Nmap A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsAVIEN Malware Defense Guide for the Enterprise Rating: 0 out of 5 stars0 ratingsContemporary Digital Forensic Investigations of Cloud and Mobile Applications Rating: 0 out of 5 stars0 ratingsEthical Hacking A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratings#HACKED: 10 Practical Cybersecurity Tips to Help Protect Personal or Business Inform Rating: 0 out of 5 stars0 ratingsAsterisk Hacking Rating: 0 out of 5 stars0 ratingsMobile Malware Protection Third Edition Rating: 0 out of 5 stars0 ratingsDigital Forensics A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsHack Proofing XML Rating: 0 out of 5 stars0 ratingsCyber Security Risk Management A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsThe Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics Rating: 4 out of 5 stars4/5Certified Ethical Hacker (CEH) Rating: 0 out of 5 stars0 ratingsHacking Web Apps: Detecting and Preventing Web Application Security Problems Rating: 0 out of 5 stars0 ratingsInformation Security A Practical Guide: Bridging the gap between IT and management Rating: 5 out of 5 stars5/5Common Windows, Linux and Web Server Systems Hacking Techniques Rating: 0 out of 5 stars0 ratingsDigital Forensics Basics: A Practical Guide Using Windows OS Rating: 0 out of 5 stars0 ratingsSnort Intrusion Detection 2.0 Rating: 4 out of 5 stars4/5CompTIA Security+ Review Guide: Exam SY0-601 Rating: 0 out of 5 stars0 ratings
Security For You
Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Hacking For Dummies Rating: 4 out of 5 stars4/5Dark Territory: The Secret History of Cyber War Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1 Rating: 4 out of 5 stars4/5Ethical Hacking 101 - How to conduct professional pentestings in 21 days or less!: How to hack, #1 Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Hacking : Guide to Computer Hacking and Penetration Testing Rating: 5 out of 5 stars5/5Hacking Essentials - The Beginner's Guide To Ethical Hacking And Penetration Testing Rating: 3 out of 5 stars3/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsIAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratings
Reviews for Mobile Security
0 ratings0 reviews
Book preview
Mobile Security - Steve Furnell
978-1-84928-122-5
PREFACE
Mobile devices represent an increasingly important proportion of the technology market, with laptops, PDAs and smartphones all offering substantial opportunities to improve personal communications and business flexibility. In addition, removable storage, such as memory sticks, now enables enormous quantities of data to be carried around, making it available to use on demand in any location. However, such undoubted advantages can also bring considerable risks, with devices being physically vulnerable to loss, theft and damage, as well as potentially exposed to various forms of electronic attack. As such, there is a significant and growing need for protection, in order to enable us to get the best out of the kit in an otherwise dangerous digital world.
The book provides a concise reference to the key security issues affecting those that deploy and use mobile technologies to support their organisations. It aims to raise awareness of the threats to which mobile devices, users and data are exposed, as well as to provide advice on how to address the problems.
The key themes tackled in the chapters are as follows:
• the importance of mobile technologies
• physical threats in the outside world
• dealing with network connectivity
• authenticating the user
• other mechanisms for protecting mobile data
• attacks facing mobile devices and users
• the potential limitations of mobile security features.
The content is essentially applicable to anyone using and deploying mobile devices, but particularly relevant to those wanting guidance on why protection is required and what should be done to achieve it (while at the same time noting that it is not a detailed how-to guide for any particular technology platform). In addition to the main discussion and evidence, each chapter concludes with a series of ‘takeaways’ that summarise the key messages, and can be used as high-level reminders of the points that we need to remember.
ABOUT THE AUTHOR
Prof. Steven Furnell is the head of the Centre for Information Security & Network Research at the University of Plymouth in the United Kingdom, and an Adjunct Professor with Edith Cowan University in Western Australia. He has been active in security-related research since 1992, with interests including security management, computer crime, user authentication and security usability.
During his academic career to date, Prof. Furnell has authored over 190 papers in refereed international journals and conference proceedings, as well as a number of books including Cybercrime: Vandalizing the Information Society (Addison Wesley, 2001) and Computer Insecurity: Risking the System (Springer, 2005). He is also the editor-in-chief of Information Management & Computer Security, and an associate editor for other journals including Computers & Security and Security & Communication Networks. In addition, he is the co-chair of the Human Aspects of Information Security & Assurance (HAISA) symposium, and he has served as a programme committee member for over 120 other international conference events.
Prof. Furnell is a Fellow and Branch Chair of the British Computer Society (BCS) and a Senior Member of the Institute of Electrical and Electronics Engineers (IEEE). He is also active as a UK representative in International Federation for Information Processing (IFIP) working groups relating to Information Security Management (of which he is the current chair) and Information Security Education.
Further details can be found at www.plymouth.ac.uk/cisnr.
ACKNOWLEDGEMENTS
Thanks are due to Dr Nathan Clarke for his helpful feedback on the draft version of the manuscript, as well as for his contribution to some of the underlying work referenced in the guide. Thanks are also due to Sevasti Karatzouni and Reinhardt Botha for their valued collaboration on some of the related research.
CONTENTS
CHAPTER 1:
GETTING MOBILE
As an introduction to the topic area, this chapter identifies the range and increasing capabilities of mobile devices, including laptops/notebooks, PDAs, mobile phones, media players and removable storage. The discussion emphasises that while mobility is an undoubted asset to the business, it does serve to open up a new range of risks through both the technology and the ways it is used. This will set the scene for the more focused chapters that follow.
Mobile technology has transformed the nature of our personal and business lives, with laptop computers, Personal Digital Assistants (PDAs), and mobile phones all having made the transition from being high-end executive items to everyday technologies in the mass market. As just one example, by 2005 mobile phones had already reached 80% penetration across the OECD area, with 14 countries having exceeded 100% (i.e. having more active mobile accounts than their total population).¹ Not only do more people have them, they can also do more with