Securing Mobile Devices in the Enterprise: Mobile Security Threats

Enterprise network engineers and managers; network security engineers and managers; anyone tasked with providing secure access to company resources from mobile devices

Prerequisite
None

Expected Duration
117 minutes

Description
Mobile security threats are among the most serious threats to the enterprise, as mobile attacks are often a gateway to a wider attack on connected resources. The Open Web Application Security Project tracks the top 10 security concerns for mobile devices and applications, and this course uses those risks as a basis for discussing mobile security. In this course, you will learn about some best practices for securely handling mobile devices.

Objective

Mobile Security Overview

  • |INS start the course |/INS
  • describe current mobile devices and form factors
  • describe the current state of mobile device security
  • describe mobile security considerations

Device Risks

  • describe the process to determine risk in a mobile environment
  • describe sensitive mobile assets
  • describe sensitive usage scenarios for mobile devices
  • describe how mobile data is stored and transported

Device and Back-end Threats

  • list the OWASP top 10 mobile risks, and describe how weak server-side controls affect mobile device back-end systems
  • describe how insecure data storage affects mobile device front-end and back-end systems
  • describe how insufficient transport layer protection affects mobile device front-end and back-end systems
  • describe how unintended data leakage affects mobile device front-end and back-end systems
  • describe how poor authorization and authentication affects mobile device front-end and back-end systems
  • describe how broken cryptography affects mobile device front-end and back-end systems
  • describe how client-side injection affects mobile device front-end systems
  • describe how security decisions via untrusted inputs affect mobile device back-end systems
  • describe how improper session handling affects mobile device front-end systems
  • describe how lack of binary protections affects mobile device front-end systems

Impact of Exploits

  • describe the potential technical impacts of mobile exploits
  • describe the potential business impacts of mobile exploits

Secure Device Requirements

  • describe requirements for secure device data handling
  • describe requirements for secure device authorization and authentication
  • describe requirements for secure device sensors, jailbreaking, and mobile device management systems
  • describe requirements for secure device connectivity and apps
  • describe requirements for users of secure devices

Practice: Threats

  • assess threats from OWASP top 10 and their impact on mobile systems

MONTHLY SUBSCRIPTION

$129/month
 

ANNUAL SUBSCRIPTION

$1295/year

Multi-license discounts available for Annual and Monthly subscriptions.