Mobile Computing: Securing your workforce
()
About this ebook
Related to Mobile Computing
Related ebooks
Complete Guide to Building an Information Security Program Rating: 0 out of 5 stars0 ratingsRisk and Cybersecurity Third Edition Rating: 0 out of 5 stars0 ratingsCybersecurity as a Fishing Game: Developing Cybersecurity in the Form of Fishing Game and What Top Management Should Understand Rating: 0 out of 5 stars0 ratingsCombat Ready IT and PIE: Cyber Security for Small Medium Business and Perpetual Improvement Everywhe Rating: 5 out of 5 stars5/5Seven Deadliest Social Network Attacks Rating: 0 out of 5 stars0 ratingsCybersecurity Charter Standard Requirements Rating: 0 out of 5 stars0 ratingsThirdParty Cybersecurity Risk Management A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsPenetration Testing: A guide for business and IT managers Rating: 0 out of 5 stars0 ratingsCybersecurity in Our Digital Lives Rating: 5 out of 5 stars5/5The Network Security Test Lab: A Step-by-Step Guide Rating: 0 out of 5 stars0 ratingsCyber Essentials: A guide to the Cyber Essentials and Cyber Essentials Plus certifications Rating: 0 out of 5 stars0 ratingsKali Linux, Ethical Hacking And Pen Testing For Beginners Rating: 0 out of 5 stars0 ratingsSecurity 2020: Reduce Security Risks This Decade Rating: 0 out of 5 stars0 ratingsAVIEN Malware Defense Guide for the Enterprise Rating: 0 out of 5 stars0 ratingsDigital Forensics A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsMaking Passwords Secure Rating: 0 out of 5 stars0 ratingsApple Secure Enclave Processor Rating: 0 out of 5 stars0 ratingsCybersecurity Risk Management A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsCEH v9: Certified Ethical Hacker Version 9 Study Guide Rating: 0 out of 5 stars0 ratingsSecure Your Network for Free Rating: 0 out of 5 stars0 ratingsDigital Privacy: Internet Security to Stop Big Companies From Tracking and Selling Your Data Rating: 0 out of 5 stars0 ratingsRussian Cyber Activity Rating: 0 out of 5 stars0 ratingsUNHACKABLE : Your Online Security Playbook: Recreating Cyber Security in an Unsecure World Rating: 0 out of 5 stars0 ratingsSoftware Transparency: Supply Chain Security in an Era of a Software-Driven Society Rating: 0 out of 5 stars0 ratingsSOC for Cybersecurity A Clear and Concise Reference Rating: 0 out of 5 stars0 ratingsNetwork Forensics A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsNessus, Snort, and Ethereal Power Tools: Customizing Open Source Security Applications Rating: 0 out of 5 stars0 ratingsClient-Side Attacks and Defense Rating: 0 out of 5 stars0 ratingsDigital Forensics A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratings
Security For You
Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Hacking For Dummies Rating: 4 out of 5 stars4/5Dark Territory: The Secret History of Cyber War Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1 Rating: 4 out of 5 stars4/5Ethical Hacking 101 - How to conduct professional pentestings in 21 days or less!: How to hack, #1 Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Hacking : Guide to Computer Hacking and Penetration Testing Rating: 5 out of 5 stars5/5Hacking Essentials - The Beginner's Guide To Ethical Hacking And Penetration Testing Rating: 3 out of 5 stars3/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsIAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratings
Reviews for Mobile Computing
0 ratings0 reviews
Book preview
Mobile Computing - BCS, The Chartered Institute for IT
CONTENTS
Foreword
1 EQUIPPING EMPLOYEES, MAXIMISING POTENTIAL - Nathan Marke
2 CONSUMER DEVICES IN THE WORKPLACE: A BEST PRACTICE SECURITY APPROACH – Steve Durbin
3 SECURITY ON THE MOVE – Andrew Cormack
4 MOBILE SECURITY: MINIMISING RISK, MAXIMISING AWARENESS – Stuart Dommett
5 DELIVERING SECURITY ON EMPLOYEES’ PERSONAL LAPTOPS – Nick Lowe
6 SAFETY TRAINING FOR THE WORKFORCE – Sean Glynn
7 CEOs IN THE DOCK – Sean Glynn
8 STOPPING THE MOBILE BOT THREAT – Lannon Rowan
9 PASSWORD SECURITY – Derek Melber and Anna E. Ryberg
10 ENCRYPTION IS SOMETIMES NOT ENOUGH Luther Martin
11 NFC: ANOTHER ONE FOR THE ACRONYM SOUP Andrea Simmons
12 NETWORK SECURITY WHEN GOING MOBILE – Gord Boyce
13 IMPROVING YOUR NETWORK AND APPLICATION ASSURANCE STRATEGY – Paul Vlissidis
14 MOBILE RULES FOR SECURITY OFFICERS: A ‘CASE STUDY’ Jane Grafton
USEFUL RESOURCES
FOREWORD
It’s been less than three decades since the first commercial handheld cellular phone hit the market. Costing some $3,995 and likened to a brick, it immediately gained a long waiting list. Price and size have come down in the intervening years and popularity has soared. The technology has moved from analogue to digital and the handsets can now do so much more than make and receive voice telephone calls.
We’ve seen the introduction of short message service (SMS), multi-media message service (MMS), PDA functions (address book, calendar, notes), email, browsing (WAP through to modern browsers), full internet access and applications. Each new capability has opened up additional potential exposures for users.
Modern smartphones combine elements of mobile phone, personal digital assistants (PDA) and laptop into a small, easily lost or stolen, high-value device. With e-wallets, NFC, tablets and so on, as well as storing more and more confidential information as storage capacity grows, its value – and impact when lost – increases even more.
Phones are not the only devices we’re mobile with either. PDAs, laptops, tablets all add to the complexity, as does the growth in employees using their own devices and bringing them into the enterprise. Organisations need to cope, educate and secure.
Although manufacturers, operators, OS/application vendors and businesses try and control and/or secure their platforms, there are limits to what is technically possible and acceptable to users. Many people are no longer content with a device that cannot perform the functions or run the applications they see others use. Indeed, some will take exception to any level of control or security and ‘jailbreak’ or ‘unlock’ their devices so that they can run what they want on whatever network is available.
Whatever portable device you use, this ebook contains some useful advice to consider to help improve your mobile security.
Gareth Niblett
Chairman, BCS Information Security Specialist Group
1 EQUIPPING EMPLOYEES, MAXIMISING POTENTIAL
Nathan Marke, March 2011
Organisations are striving to implement supportive information and communications infrastructures to maximise employee collaboration, increase productivity and achieve efficiency savings. Equipping employees with the tools to work remotely and flexibly allows businesses to provide the best possible experience for their employees and customers whilst reducing overall IT spend, says Nathan Marke, 2e2’s Chief Technology Officer.
WHAT IS A ‘BETTER CONNECTED’ WORKFORCE?
The IT industry has tended to use terms such as ‘unified communications’ or ‘unified communications and collaboration’ to define the ways in which the modern workforce can work together and collaborate. These abbreviations are fine, save that they tend to create a focus on technology rather than on people or process; hardly surprising given that they originate from the technical hierarchy in our IT organisations.
By using the term ‘better connected workforce’ we seek to draw attention to the ways in which technology may be used to provide a better working environment, one in which employees may be able to communicate via different media that are appropriate to the particular purpose (instant messaging for the quick, informal query; video conferencing for the discussion that may be enhanced by some level of personal contact; telepresence for the more immersive group interaction). In short, the better connected workforce is one that is not only equipped with the right tools, but one that is aware of how these tools can be used to make communication between individuals, groups and across organisations faster, more effective and more productive. The better connected workforce is thus able to be more costeffective and better placed to attain the benefits, not only of new technology, but of new and more flexible working patterns and structures.
‘PROSUMERISATION’
This trend is accentuated by the effects of what is becoming known as consumerisation and ‘prosumerisation’. These buzz words refer to the blurring of distinctions between consumer products and professional products. For example, whilst the iPhone would fit into the former camp and the BlackBerry into the latter, each is being used in the other’s territory. A further example is the use of social networking products in the work environment (Twitter for marketing, Facebook for group updates etc.).
As a result employees now expect to be able to replicate the efficiency and ease of use of home apps in the workplace and to be able to move seamlessly from home to work without connecting to different systems. As business applications become ever more web-savvy and accessible via mobile browsers, we are starting to see a move in IT departments towards the allocation of per capita budgets, with employees being able to provide (and getting support for) whatever devices they choose. There is a risk that this trend creates a widening information gap between the ‘haves’ and ‘have nots’ (which is a challenge for all organisations and which mirrors a similar gap in society at large), but the momentum would seem to be unstoppable.
WHAT ARE THE BUSINESS DRIVERS?
There are a