Mobile Security: A Pocket Guide
()
About this ebook
This pocket guide gives you clear and reliable guidance on how to protect the information contained in your mobile phone. Written by one of the country’s top academic experts on information security, the guide covers such topics as safeguarding data through encryption, establishing a virtual private network (VPN) to create a secure way for your staff to connect to the server on a remote device, and countering the growing threat on mobile platforms of SMS-phishing and malware. Rather than trying to ban the Blackberry, the solution proposed is for organisations to factor mobile devices into their overall information security policy.
Steve Furnell
Professor Steven Furnell is the head of the Centre for Information Security & Network Research at the University of Plymouth. He has been active in security-related research since 1992, and his interests include computer crime, user authentication and security usability. He is the Editor-in-Chief of the journal Information Management & Computer Security, a Fellow and Branch Chair of the British Computer Society (BCS), and a Senior Member of the Institute of Electrical and Electronic Engineers (IEEE).
Related to Mobile Security
Related ebooks
E-mail Security: A Pocket Guide Rating: 0 out of 5 stars0 ratingsMobile Malware Attacks and Defense Rating: 5 out of 5 stars5/5Cloud Storage Forensics Rating: 4 out of 5 stars4/5The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks Rating: 0 out of 5 stars0 ratingsA concise introduction to the NIS Directive: A pocket guide for digital service providers Rating: 0 out of 5 stars0 ratingsMobile Security: How to secure, privatize and recover your devices Rating: 5 out of 5 stars5/5How to Defeat Advanced Malware: New Tools for Protection and Forensics Rating: 0 out of 5 stars0 ratingsComputer Forensics: A Pocket Guide Rating: 4 out of 5 stars4/5Security Leader Insights for Information Protection: Lessons and Strategies from Leading Security Professionals Rating: 0 out of 5 stars0 ratingsHandbook of Digital Forensics and Investigation Rating: 4 out of 5 stars4/5Cyber Security: Essential principles to secure your organisation Rating: 0 out of 5 stars0 ratingsThor's Microsoft Security Bible: A Collection of Practical Security Techniques Rating: 0 out of 5 stars0 ratingsThe Little Book of Cybersecurity Rating: 0 out of 5 stars0 ratingsMobile Security and Privacy: Advances, Challenges and Future Research Directions Rating: 5 out of 5 stars5/5The Psychology of Information Security: Resolving conflicts between security compliance and human behaviour Rating: 5 out of 5 stars5/5Unified Communications Forensics: Anatomy of Common UC Attacks Rating: 4 out of 5 stars4/5Intrusion Prevention and Active Response: Deploying Network and Host IPS Rating: 3 out of 5 stars3/5EC Council Certified Incident Handler A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsNmap A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsManaging Information Security Breaches: Studies from real life Rating: 0 out of 5 stars0 ratingsDigital Forensics A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratings#HACKED: 10 Practical Cybersecurity Tips to Help Protect Personal or Business Inform Rating: 0 out of 5 stars0 ratingsInformation Security A Practical Guide: Bridging the gap between IT and management Rating: 5 out of 5 stars5/5OS X Exploits and Defense: Own it...Just Like Windows or Linux! Rating: 0 out of 5 stars0 ratingsDigital Cop: A Digital Cop's Guide to Cyber Security Rating: 0 out of 5 stars0 ratingsThe Certified Ethical Hacker Exam - version 8 (The concise study guide) Rating: 3 out of 5 stars3/5Digital Forensics A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsCertified Ethical Hacker (CEH) Rating: 0 out of 5 stars0 ratingsCyber Security Awareness A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratings
Security For You
Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Hacking for Beginners: Mastery Guide to Learn and Practice the Basics of Computer and Cyber Security Rating: 0 out of 5 stars0 ratingsCompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5How to Hack Like a GOD: Master the secrets of hacking through real-life hacking scenarios Rating: 4 out of 5 stars4/5Practical Ethical Hacking from Scratch Rating: 5 out of 5 stars5/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Hacking For Dummies Rating: 4 out of 5 stars4/5Game Console Hacking: Xbox, PlayStation, Nintendo, Game Boy, Atari and Sega Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsAmazon Web Services (AWS) Interview Questions and Answers Rating: 5 out of 5 stars5/5IAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsHow to Hack Like a Pornstar Rating: 5 out of 5 stars5/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Codes and Ciphers - A History of Cryptography Rating: 4 out of 5 stars4/5CompTIA CySA+ Practice Tests: Exam CS0-002 Rating: 0 out of 5 stars0 ratingsSocial Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Security+ Boot Camp Study Guide Rating: 5 out of 5 stars5/5
Reviews for Mobile Security
0 ratings0 reviews
Book preview
Mobile Security - Steve Furnell
978-1-84928-122-5
PREFACE
Mobile devices represent an increasingly important proportion of the technology market, with laptops, PDAs and smartphones all offering substantial opportunities to improve personal communications and business flexibility. In addition, removable storage, such as memory sticks, now enables enormous quantities of data to be carried around, making it available to use on demand in any location. However, such undoubted advantages can also bring considerable risks, with devices being physically vulnerable to loss, theft and damage, as well as potentially exposed to various forms of electronic attack. As such, there is a significant and growing need for protection, in order to enable us to get the best out of the kit in an otherwise dangerous digital world.
The book provides a concise reference to the key security issues affecting those that deploy and use mobile technologies to support their organisations. It aims to raise awareness of the threats to which mobile devices, users and data are exposed, as well as to provide advice on how to address the problems.
The key themes tackled in the chapters are as follows:
• the importance of mobile technologies
• physical threats in the outside world
• dealing with network connectivity
• authenticating the user
• other mechanisms for protecting mobile data
• attacks facing mobile devices and users
• the potential limitations of mobile security features.
The content is essentially applicable to anyone using and deploying mobile devices, but particularly relevant to those wanting guidance on why protection is required and what should be done to achieve it (while at the same time noting that it is not a detailed how-to guide for any particular technology platform). In addition to the main discussion and evidence, each chapter concludes with a series of ‘takeaways’ that summarise the key messages, and can be used as high-level reminders of the points that we need to remember.
ABOUT THE AUTHOR
Prof. Steven Furnell is the head of the Centre for Information Security & Network Research at the University of Plymouth in the United Kingdom, and an Adjunct Professor with Edith Cowan University in Western Australia. He has been active in security-related research since 1992, with interests including security management, computer crime, user authentication and security usability.
During his academic career to date, Prof. Furnell has authored over 190 papers in refereed international journals and conference proceedings, as well as a number of books including Cybercrime: Vandalizing the Information Society (Addison Wesley, 2001) and Computer Insecurity: Risking the System (Springer, 2005). He is also the editor-in-chief of Information Management & Computer Security, and an associate editor for other journals including Computers & Security and Security & Communication Networks. In addition, he is the co-chair of the Human Aspects of Information Security & Assurance (HAISA) symposium, and he has served as a programme committee member for over 120 other international conference events.
Prof. Furnell is a Fellow and Branch Chair of the British Computer Society (BCS) and a Senior Member of the Institute of Electrical and Electronics Engineers (IEEE). He is also active as a UK representative in International Federation for Information Processing (IFIP) working groups relating to Information Security Management (of which he is the current chair) and Information Security Education.
Further details can be found at www.plymouth.ac.uk/cisnr.
ACKNOWLEDGEMENTS
Thanks are due to Dr Nathan Clarke for his helpful feedback on the draft version of the manuscript, as well as for his contribution to some of the underlying work referenced in the guide. Thanks are also due to Sevasti Karatzouni and Reinhardt Botha for their valued collaboration on some of the related research.
CONTENTS
CHAPTER 1:
GETTING MOBILE
As an introduction to the topic area, this chapter identifies the range and increasing capabilities of mobile devices, including laptops/notebooks, PDAs, mobile phones, media players and removable storage. The discussion emphasises that while mobility is an undoubted asset to the business, it does serve to open up a new range of risks through both the technology and the ways it is used. This will set the scene for the more focused chapters that follow.
Mobile technology has transformed the nature of our personal and business lives, with laptop computers, Personal Digital Assistants (PDAs), and mobile phones all having made the transition from being high-end executive items to everyday technologies in the mass market. As just one example, by 2005 mobile phones had already reached 80% penetration across the OECD area, with 14 countries having exceeded 100% (i.e. having more active mobile accounts than their total population).¹ Not only do more people have them, they can also do more with