Smartphone security issues
What can you do?

NCA Seminar, Krushevo, 2013
Aleksandra Gavrilovska
  
Losing your smartphone

What can you do?

• Lock access to the phone with PIN or password
• Backup phone data in the cloud, computer, memory card
• Find My iPhone
• Where’s my Droid
  
Malicious software

• Easily distributed via application stores without security mechanism
• Pirated versions of legitimate apps
• Fetch apps from links on the web (“malvertizing”)
• Install software which targets communication, user location or other personal data
• SMS trojan and premium SMS
  
What can you do?

• Avoid changing phone’s factory settings
• Don’t jailbreak or root your phone
• Install apps only from trusted sources
• Read app reviews
• Read permissions requested by application before installing it
• Install firmware updates provided by the manufacturer
  
Malicious QR codes

• QR codes usually contain a web link
• Smartphone browser is automatically launched
• Install malware
• Link to phishing site
• Steal information
  
What can you do?

• Use an app that has built-in security features (Norton Snap)
• Enable QR code review
• Check if it is a sticker (in real life)
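One way to implement the "QR code review" step above: inspect the decoded payload and show the real destination with warnings before anything is opened. This is an added example, not part of the original slides; the function name, the warning texts and the sample shortener list are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample list of link shorteners; a real scanner would maintain its own.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}
# Schemes that make the phone act (send SMS, dial, open a store) instead of browsing.
ACTION_SCHEMES = {"sms", "smsto", "tel", "market", "intent"}


def review_qr_payload(payload):
    """Return (display_target, warnings) for a decoded QR string, without opening it."""
    text = payload.strip()
    try:
        parts = urlsplit(text)
    except ValueError:
        return text, ["malformed link; do not open"]
    scheme = parts.scheme.lower()

    if scheme in ACTION_SCHEMES:
        return text, [f"'{scheme}:' payload triggers a phone action, not a web page"]
    if scheme not in ("http", "https"):
        return text, ["not a web link; show as plain text only"]

    host = (parts.hostname or "").lower()
    if not host:
        return text, ["web link without a host name"]

    warnings = []
    if scheme == "http":
        warnings.append("address does not start with https")
    if parts.username is not None:
        # In https://bank.example@other.host/ the browser goes to other.host.
        warnings.append("text before '@' is not the site; real host is " + host)
    try:
        ipaddress.ip_address(host)
        warnings.append("host is a raw IP address, not a site name")
    except ValueError:
        pass  # ordinary host name
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("internationalised (punycode) name can imitate a known site")
    if host in SHORTENERS:
        warnings.append("shortened link hides the final destination")
    if parts.path.lower().endswith(".apk"):
        warnings.append("links directly to an app package outside an app store")
    return host, warnings


if __name__ == "__main__":
    # Constructed sample payloads (documentation domains and addresses only).
    samples = [
        "https://example.org/menu",
        "https://login.example.com@203.0.113.7/update.apk",
        "http://bit.ly/abc",
        "sms:00000?body=JOIN",
        "WIFI:S:cafe;;",
    ]
    for s in samples:
        target, notes = review_qr_payload(s)
        print(f"{s}\n  shows: {target}")
        for n in notes:
            print(f"  warning: {n}")
```

A scanner using this would display the returned target and warnings and wait for the user to confirm, instead of launching the browser automatically.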
  
Vulnerable wireless networks

What can you do?

• Don’t transmit sensitive data via public Wi-Fi, which is usually unencrypted
• Send sensitive data to sites that you trust
• Check if the web address starts with https
• Use secure, encrypted VPN to connect to corporate network
  
PANIC

What can you do?

• Use Mobile device security tools
    – Mobile device management
    – Sandboxing
    – Secure browsers
  
…because we develop mobile applications…
  
OWASP Mobile Security Project

• OWASP Foundation
• For developers and security teams
• How to build and maintain secure mobile apps
• Primary focus on application layer

OWASP Mobile Security Project

• Top Ten Mobile Risks
• Mobile security testing
• Mobile cheat sheet series
• Secure mobile development
• Top ten mobile controls and design principles
  
Thank you.
  
