Fake Android Apps

Summary:

Android devices have a security problem. Android does not limit where or what applications can be downloaded and installed on a device. Most users will download from the official Google Play Store, but other application stores (such as AppBrain), and a wide range of websites where people may make an application to be downloaded exist. Many users believe that the Google Play Store holds applications that are safe and will not harm their device or expose information, but this is far from the truth.

HIPAA Compliance and Mobile Devices

Summary:

Mobile devices like tablets and smartphones are increasingly being used by healthcare professionals in the workplace. Health Care Professionals use mobile devices for patient real-time management of chronic diseases, which involves the patient collecting and transmitting information directly to the care provider, rather than requiring an office visit. For care providers, the uses can include in exam rooms, administrative areas, and in the field. Rural and disconnected users can collect the data to be transmitted to the medical providers once connectivity is established.

As mobile devices proliferate, so do the associated vectors of potential compromise. Added to this are the risks from employee negligence and organizational policies that have not kept pace with ever-changing technology.

SOX, GLBA and Mobile Devices

Summary:

The mobile computing revolution is in full swing as organizations look to leverage smartphones and tablet computers to gain a competitive advantage by enabling employees to be more productive. However, these devices are inherently mobile and can hold massive amounts of corporate data, making them highly vulnerable to data loss.

Financial companies have to take extra precautions to ensure compliance with Sarbanes-Oxley (SOX), which requires officers of the organization to attest to having proper security controls in place, and the Gramm-Leach-Bliley Act (GLB or GLBA), which requires organizations to protect consumer information stored in the digital realm. Both SOX and GLB extend to the mobile devices employees use to access corporate email and other services.

BYOD Policy Writing

Summary:

While mobile devices bring the benefit of increased productivity, they also introduce a wide range of dangers into the enterprise. Organizations are increasingly finding that they cannot “tech” their way out of many of these dangers, and that using a layered security approach is the only way to mitigate risk. Creating a strong backbone on which security layers rest is the first step. The basis of that backbone is a solid BYOD Mobile Security Policy. While each organization is unique and must create a policy specific to their data, employees, and risk appetite, the following information will get an organization started in the right direction.

ARMv8 Processors in Mobile Devices

Summary:

ARM architecture have been used in a variety of mobile devices, including several in the Samsung Galaxy series, some Motorola smartphone models, and several models of the iPhone. Until recently, the processors built using the ARM architecture have all been 32-bit processors. ARMv8 is the first ARM 64-bit architecture to be developed. The evolution of the ARM architecture to a 64 bit architecture has granted more processing power and new capabilities to mobile devices.

Contactless Mobile Payments Presentation

Summary:

We are seeing increased interest in contact-less payment systems with the integration of Near Field Communication’s technology in commercially available smartphones. Understanding the features, data transmission and vulnerabilities of these new “mobile wallets” will be important in maintaining data integrity. Get the presentation.

Why iOS & Android UDIDs Are Susceptible to Breach

Summary:

In a clearly worded acknowledgment, digital publishing firm Blue Toad confirmed that it was the source of Apple UDID leaks reported last week by Reuters. On September 3rd, under their AntiSec operation, the hacker group anonymous released over 1 million Apple Unique Device Identifiers (UDIDs). Blue Toad calls itself “the leading technology provider in the digital publishing industry.” It sells services to publishers that allow them to move content to mobile devices, including converting a magazine PDF into a Flash or HTML file or an iOS app. Get the white paper.

Mobile Device Management: A Survey

Summary:

Mobile Device Management is the software suite responsible for monitoring, administering and securing mobile devices such as Cellular Phones, Tablets, and Computers on a corporate environment. Mobile Device Management allows for not only corporate devices to be enrolled, but also BYOD (Bring Your Own Device) occurs in which a employee’™s personal device is enrolled into the corporate environment while also still able to access his personal data from the same mobile device. Get the white paper.

Android vs iOS

Summary:

The Operating Systems for Android and Apple are very different. Android is a Google based, open source operating system whereas iOS is completely controlled by Apple. Comparing the applications of the two Operating Systems, the Android OS has the potential for a lot more security vulnerabilities and issues since Google only very lightly regulates the applications to its Play Store. Apple has a vigorous authorization process that applications have to pass before they are approved for download on the App Store. This only means that iOS is formidable to traditional malware attacks but not impossible. Get the white paper.

iOS and Android Security: Mobile Device Plan for Enterprise

Summary:

PaRaBaL four step methodology for an enterprise to introduce mobile devices into their enterprise. Understanding iOS and Android security. Implementing a MDM (Mobile Device Management) Solution. Selecting the correct MDM for your enterprise. Controlling your Mobile Device Management Solution. Writing your Mobile Device Security Plan and Document. End User Training for iPad use in the Enterprise, iPhones for the business user, Android Devices for employees. Get the white paper.

Preventing Exploits with Security Enhanced Linux

Summary:

Early thinking on methodology in splitting the operating systems for mobile devices. Bifurcation of iOS or Android operating systems for the iPad, iPhone, Smartphones, or Tablets could allow for better security. Academic paper discusses splitting the Linux Kernel to prevent exploits. Same methodology could be applied to mobile device operating systems. Get the white paper.