• Classroom
Course Description

Mobility poses many security-related challenges, including anonymous connections, & connections, clear text network traffic, wireless networks and many more. Unfortunately, mobile technology usage in the workplace has grown at a rate that far exceeds the training and education necessary to equip information security professionals to adequately protect their organizations and their end users from mobile-related threats. These professionals are further challenged by the fact that mobile devices are finding their way into the workplace, whether or not the business is ready for them.

This three-day seminar is designed to provide the knowledge and experience needed in order to enable an organization to securely embrace, deploy and manage mobile devices/applications. Through hands-on exercises, attendees will gain specialized knowledge of mobile technology security. We will cover mobile computing fundamentals, security settings for varying device types, assessing mobile computing risks, developing mobile policies, procedures, and standards, auditing mobile devices, deploying and managing a Mobile Device Management (MDM) solution, attacking and defending mobile devices and applications and mobile device forensics.

This course is available on-site at your location, or offered through open enrollment in New York, NY.

Learning Objectives

What You Will Learn:

  1. The State of Security in the Mobile Ecosystem, Mobile Network Security Vulnerabilities, Carrier networks Personal networks, Mobile Device Hardware Vulnerabilities, Chipsets (baseband, memory, processors), Supply chain problems, Mobile Platform Operating System Vulnerabilities, iOS, Android, BlackBerry 7 vs 10, Windows Phone, Mobile Application Security Landscape, Malicious apps, enterprise impact, Application exploitation of OS vulnerabilities
  2. Mobile Technology Security Policies, Corporate-liable vs BYOD, Regulatory requirements, mobile tech impacts, EDiscovery precedents, Mobile Acceptable Use Policy development
  3. Network Vulnerability Risk Management, Understanding baseband firewall options, Firewall log capture, review
  4. Mobile Device Management Landscape, Defining success for MDM deployments, Understanding COTS solutions costs/benefits, Understanding DIY solutions costs/benefits
  5. Mobile Platform Vulnerability Risk Management, iOS, Android, BlackBerry, Windows Phone
  6. Mobile Application Risk Management, Inter-Process Communications Firewalls, Static Analysis, Application Reputation Services
  7. Mobile Data Risk Management, iCloud and its impact on enterprise infosec, Cloud backup of mobile data in general
  8. Mobile Technology Forensics, Forensic toolset strengths, weaknesses, BYOD, personal line of service forensics challenges

Framework Connections