Mobile Device Vulnerabilities - CompTIA Security+ SY0-701 - 2.3

Mobile device security

• Challenging to secure

- Often need additional security policies

and systems

• Relatively small

- Can be almost invisible

• Almost always in motion

- You never know where it might be

• Packed with sensitive data

- Personal and organizational

• Constantly connected to the Internet

- Nothing bad happens on the Internet

Jailbreaking/rooting

• Mobile devices are purpose-built systems

- You don't have access to the operating system

• Gaining access

- Android - Rooting

- Apple iOS - Jailbreaking

• Install custom firmware

- Replaces the existing operating system

• Uncontrolled access

- Circumvent security features

- The MDM becomes relatively useless

Sideloading

Malicious apps can be a significant security concern.

- One Trojan horse can create a data breach

Manage installation sources

- The global or local app store

Sideloading circumvents security

- Apps can be installed manually without an appstore

- Again, your MDM becomes relatively useless

<>

<>