Smartphone security issues
What can you do?

NCA Seminar, Krushevo, 2013
Aleksandra Gavrilovska
  
Losing your smartphone

What can you do?

• Lock access to the phone with PIN or password
• Backup phone data in the cloud, computer, memory card
• Find My iPhone
• Where’s my Droid
  
Malicious software

• Easily distributed via application stores without security mechanism
• Pirated versions of legitimate apps
• Fetch apps from links on the web (“malvertizing”)
• Install software which targets communication, user location or other personal data
• SMS trojan and premium SMS
  
What can you do?

• Avoid changing phone’s factory settings
• Don’t jailbreak or root your phone
• Install apps only from trusted sources
• Read app reviews
• Read permissions requested by application before installing it
• Install firmware updates provided by the manufacturer
  
Malicious QR codes

• QR code usually contains a web link
• Smartphone browser is automatically launched
• Install malware
• Link to phishing site
• Steal information
  
What can you do?

• Use app that has built-in security features (Norton Snap)
• Enable QR code review
• Check if it is a sticker (in real life)
  
Vulnerable wireless networks

What can you do?

• Don’t transmit sensitive data via public Wi-Fi, which is usually unencrypted
• Send sensitive data to sites that you trust
• Check if the web address starts with https
• Use secure, encrypted VPN to connect to corporate network
  
PANIC

What can you do?

• Use Mobile device security tools
    – Mobile device management
    – Sandboxing
    – Secure browsers
  
…because we develop mobile applications…
  
OWASP Mobile Security Project

• OWASP Foundation
• For developers and security teams
• How to build and maintain secure mobile apps
• Primary focus on application layer
  
OWASP Mobile Security Project

• Top Ten Mobile Risks
• Mobile security testing
• Mobile cheat sheet series
• Secure mobile development
• Top ten mobile controls and design principles
  
Thank you.
  
