BYOD Security in a Modern Enterprise 2013
November 4 - 6, 2013
Roma , Italia
Mobile devices have invaded the enterprise like never before. Today's workforce demands not just mobile devices, but in many cases, "Bring Your Own Device" (BYOD) support from their IT departments. Supporting the functional needs of the employees with their BYOD devices and maintaining enterprise security has become one of the biggest IT Security challenges of the 2010s.
This class starts by taking a deep and hands-on look at the problems surrounding BYOD/mobile devices on Google Android as well as Apple iOS devices (iPhone, iPad). Students will learn how to do static analysis of mobile apps to look for common security weaknesses such as: weak protection of sensitive user data stored on the mobile device, finding embedded secrets in the mobile app, exploring side-channel information leakage.
Next, students will learn how to do dynamic analysis of mobile apps to look for common security weaknesses such as: leaking information through key logs, screen shots, and other side-channels, inadequate (or no) use of SSL/TLS to encrypt sensitive data transiting through the network.
From there, the class looks at how to securely configure Android and iOS devices to maximize their security. Students will use available tools to lock down the security configuration on Android as well as iOS devices.
Lastly, the class looks at available product solutions for managing large fleets of mobile devices. Students will learn what products are available for doing central management of enterprise BYOD deployments. Product features and capabilities will be compared and contrasted, so students will be able to effectively decide which product(s) best suit their organizational needs and how to select them.
Policy implications are also discussed so that students have a realistic outlook of what to expect when deploying Mobile Management products.
This class starts by taking a deep and hands-on look at the problems surrounding BYOD/mobile devices on Google Android as well as Apple iOS devices (iPhone, iPad). Students will learn how to do static analysis of mobile apps to look for common security weaknesses such as: weak protection of sensitive user data stored on the mobile device, finding embedded secrets in the mobile app, exploring side-channel information leakage.
Next, students will learn how to do dynamic analysis of mobile apps to look for common security weaknesses such as: leaking information through key logs, screen shots, and other side-channels, inadequate (or no) use of SSL/TLS to encrypt sensitive data transiting through the network.
From there, the class looks at how to securely configure Android and iOS devices to maximize their security. Students will use available tools to lock down the security configuration on Android as well as iOS devices.
Lastly, the class looks at available product solutions for managing large fleets of mobile devices. Students will learn what products are available for doing central management of enterprise BYOD deployments. Product features and capabilities will be compared and contrasted, so students will be able to effectively decide which product(s) best suit their organizational needs and how to select them.
Policy implications are also discussed so that students have a realistic outlook of what to expect when deploying Mobile Management products.
Eventi correlati
BYOD Security in a Modern Enterprise November 4 - 6, 2013
