Smartphone security issues

  • View

  • Download

Embed Size (px)


  • 1. Smartphone securityissuesWhat can you do? NCA Seminar, Krushevo, 2013 Aleksandra Gavrilovska

2. Losing your smartphone 2 3. What can you do ? Lock access to the phone with PIN or password Backup phone data in the cloud, computer, memory card Find My iPhone Wheres my Droid 3 4. Malicious software 4 5. Malicious software Easily distributed via applicaKon stores without security mechanism Pirated versions of legiKmate apps Fetch apps from links on the web (malverKzing) Install soSware which targets communicaKon, user locaKon or other personal data SMS trojan and premium SMS 5 6. What can you do ? Avoid changing phones factory seVngs Dont jailbreak or root your phone Install apps only from trusted sources Read app reviews Read permissions requested by applicaKon before installing it Install rmware updates provided by the manufacturer 6 7. 7 8. Malicious QR codes QR code usually contain web link Smartphone browser is automaKcally launched Install malware Link to phishing site Steal informaKon 8 9. What can you do ? Use app that has built in securiKes features (Norton Snap) Enable QR code review Check if it is sKcker (in real life) 9 10. Vulnerable wireless networks10 11. What can you do ? Dont transmit sensiKve data via public Wi-Fi, which is usually unencrypted Send sensiKve data to sites that you trust Check if it web address starts with haps Use secure, encrypted VPN to connect to corporate network 11 12. PANIC12 13. What can you do ? Use Mobile device security tools Mobile device management Sandboxing Secure browsers 13 14. because we developmobile applications 14 15. OWASP Mobile Security Project OWASP FoundaKon For developers and security teams How to build and maintain secure mobile apps Primary focus on applicaKon layer 15 16. OWASP Mobile Security Project Top Ten Mobile Risks Mobile security tesKng Mobile cheat sheet series Secure mobile development Top ten mobile controls and design principles 16 17. Thank you. 17