2015 MDRT Annual Meeting e-Handout Material. What is Your Smartphone Leaking?


Title: What is Your Smartphone Leaking?
Speaker: Anwar Visram, CISSP
Presentation Date: Wednesday, June 17, 2015, 10:00 - 11:00 a.m.

The Million Dollar Round Table (MDRT) does not guarantee the accuracy of tax and legal matters and is not liable for errors and omissions. You are urged to check with tax and legal professionals in your state, province or country. MDRT also suggests you consult local insurance and security regulations and your company's compliance department pertaining to the use of any new sales materials with your clients. The information contained in this handout is unedited and errors, omissions and misspellings may exist. Content may be altered during the delivery of this presentation.

2015 Million Dollar Round Table
Million Dollar Round Table, 325 West Touhy Ave., Park Ridge, IL 60068 USA

Anwar Visram, CISSP
What is Your Smartphone Leaking?
Source: Febelfin and Safeinternetbanking.be

What Info Are You (UNINTENTIONALLY) Sharing?

Mobile Devices Usage
- Share our information: client data, banking, TIME, shopping, social media, personal information, etc.
- Criminals' top target

Mobile Device Security Guide
- Security actions
- Step-by-step guide
- Presentation notes

Is Your Password Guessable?
PIN: 0000, 8888, 1234
SWIPE: 0, L

Security Action #1
A password is the very basic protection level you should have should your device be lost or stolen.
6 Characters Long

Create A More Secure Password
1. Tear piece of paper (see last page of guide)
2. Write down new password
3. Store it securely in your wallet or purse

Sample Passwords
- bbq-ribs
- goodday!
- 2fast4uuu
- safety1st
Of course, longer/complex is better: @nwar1$myher0! ("Anwar Is My Hero!")

Attention Android Users
Icons and menus may vary depending on your device, OS version and/or device settings.
Presentation and Guide based on: Google Nexus, Android version 5 (AKA Lollipop)

Apple Users
If you see differences, then you likely have an older IOS version.
Presentation and Guide based on: Apple IOS 8

Apple:
1. Settings
2. Touch ID & Passcode
Android:
1. Settings
2. Security

Apple:
3. Turn OFF Simple Passcode
4. Press Turn Passcode On
Android:
3. Screen lock
4. Select Password

Apple:
3 / 4. Enter New Password you wrote on paper
Android:
5. Enter New Password you wrote on paper
6. Notification settings

Apple:
5. Set Require Passcode time
Android:
7. Set Automatically Lock
8. Set Power button instantly locks

Apple:
6. Enable Erase Data
   All data erased after 10 consecutive failed password tries
Android:
9. NO BUILT-IN auto-erase data function after password failed attempts at the time of creating this slide

Store in Your Wallet or Purse

Security Action #2
operating system up-to-date
- Mobile Device = Computer
- Install patches and security fixes
- Reduce vulnerabilities used to attack you

Updating Your Mobile Device
Apple:
Android:

Security Action #3
Apps up-to-date

Updating Your APPs
Apple:
Android:

Security Action #4
reputable market places like Apple's App Store or Google Play

App Store Bad Apps: What Can Happen?

What APPs Are Safe?
- No definitive guide
- Check reviews
  o App Store
  o Internet search

Security Action #5
Note: Android only
security protection software

Android Security Software
- Search for "security"
- Read internet reviews
- Your own due diligence
For example, I use both:
- Sophos
- Lookout

The Future of Apps
- Evolution of digital ID
- What could be next: Passport? Medical ID?

Apps Permissions
Sample from Google Maps!!!
- Directly call phone numbers $$$
- Read your contacts
- READ/modify/delete data
- Disable lock screen
- Add/remove accounts
- Control WiFi, NFC, GPS, Bluetooth

Sources: Austin News, IT News, Action News, Location Tracker Service Apps, Pictures, Posts, Messages

You may be giving away more info than you may think

Your Location has been Shared 5,398 Times in 14 days! A Field Study on Mobile App Privacy Nudging
(AppOps briefly appeared in Android 4.3, no longer available)

Locations Services
- Where you've been
- When you were there
- How long you were there

Check Your Location Services
Apple:
Android:

Security Action #6
Location Services settings

Source: IDStrongHold, FoxNews

Your NFC Settings
Apple:
Currently, NFC is locked down. It may only be used with Apple Pay. There is no way to disable its broadcasting of NFC signals. However, NFC may open up to other apps in the future and thus increase NFC related risks.
Android:

Security Action #7
NFC when not being used

FREE NFC Protective Sleeve
Come and speak to me at speakers corner and get an NFC protective sleeve for your credit cards, drivers licenses, etc. Great opportunity to ask me any questions that you may have!

Just covered the TIP of the iceberg
Similar mindset for:
- Online banking
- Social Media
- Web applications
- Cloud technologies
- Computer systems
- Etc.

Thank You
Questions?

MILLION DOLLAR ROUND TABLE, 2015 ANNUAL MEETING: WHAT IS YOUR SMARTPHONE LEAKING?
Mobile Device Security Guide
Created By Anwar Visram

Table of Contents
- Executive Summary
- Important
- Changing Your Mobile Device Password
- Updating Your Mobile Device
- Downloading Apps
- Security Software
- Location Services
- NFC Near Field Communication
- Fill in the Blank Answers
- Additional Presentation Notes
- Presentation Slide Create A More Secure Password

Executive Summary
The security tips, action items and other recommendations noted in this guide are in reference to the "What is Your Smartphone Leaking" presentation.

Important
- Pictures and references were developed using the Apple IOS 8 and Android version 5 (a.k.a. "Lollipop") on the Google Nexus
- Features, menus, icons, etc. may vary depending on your
  o device,
  o OS version and/or
  o device settings
- Features, menus, icons, etc. will likely evolve over time and may not be exactly as shown in this guide
- The concepts covered in this document and related presentation may be applied to ALL mobile devices regardless of manufacturer or version.

Changing Your Mobile Device Password
A password provides the very basic mobile device protection that prevents anyone from simply picking up your lost or stolen mobile device and having direct access to your email, client information, social media accounts, pictures, text messages, etc.

Security Action #1: Password should be at least ______.
NOTE: To increase your security, make your password longer, complex and more difficult to guess.

APPLE IOS 8
1. Press Settings icon
2. Press Touch ID & Passcode

ANDROID version 5
1. Press Settings icon
2. Press Security

APPLE IOS 8
3. Set Simple Passcode to off position (You do NOT want to see green)
   IF prompted with the "Enter a password" screen:
   - Enter the new password you wrote on paper
   - After password is changed, skip to Step 5
4. Press Turn Passcode On
   Enter password you wrote on paper

ANDROID version 5
3. Press Screen lock
4. Press Password
5. Enter the new password you wrote on paper
6. Select preferred Notification Settings
   This setting sets the amount of notification (e.g. text message, calendar reminder, missed call, etc.) detail that is displayed when the mobile device is locked. For increased privacy, select "Hide sensitive notification content" or "Don't show notifications at all".

APPLE IOS 8
5. Set Require Passcode time
   Recommended setting: 5 minutes or less
   Password protection will now be enabled:
   - After configured time period OR
   - When power button is pressed
   (Functions similar to the screensaver on desktop and laptop computers)

ANDROID version 5
7. Set Automatically Lock time
   Recommended setting: 5 minutes or less
   Password protection will now be enabled:
   - After configured time period OR
   - When power button is pressed
   (Functions similar to the screensaver on desktop and laptop computers)
8. Set Power button instantly locks to: On

APPLE IOS 8
6. Enable Erase Data
   After 10 consecutive failed password tries:
   - All data erased AND
   - Device reset to factory default settings

ANDROID version 5
9. At the time of writing this document, the auto-erase data after X number of failed password attempts was not a built-in feature. Instead, a 30 second delay is activated after every 10 consecutive failed password attempts.

Updating Your Mobile Device

Security Action #2: Keep my ______.

APPLE IOS 8
7. Press Settings icon
8. Press General
9. Press Software Update

ANDROID version 5
10. Press Settings icon
11. Press About tablet
12. Press System updates

Security Action #3: Keep my ______.

APPLE IOS 8
1. Press the App Store icon
2. Press Updates

ANDROID version 5
1. Press Play Store icon
   The Play Store icon may be found under Apps/Widgets menu
2. Under the My Apps menu, press UPDATE ALL button

Downloading Apps

Security Action #4: Only download apps from ______.

Recommendation: Only download apps from reputable market places that take app security seriously:
- Apple App Store
- Google Play

How to determine if an APP is safe?
- Unfortunately, there is no definitive guide
- Check App reviews and see what people are posting about the app
- Do an Internet search that includes the App name and "virus" or "malware" or "ransom" and see what the results are

Regardless of the marketplace (both Apple and Android), it is critical to perform due diligence checking BEFORE installing ANY app.

Security Software

Security Action #5: Download and install ______.

NOTE: At the time of writing this document, this only applies to Android devices, as Apple's development model does not support software that checks/tests/scans its devices for malware.
- Use the search term "security" at the Google Play store
- Check internet reviews. Be aware that:
  o There is no "best" software
  o Most security software works approximately the same
  o Security software ratings and reviews are subjective, as the ratings will differ depending on who is reviewing it and what both the test and sample criteria are.
  o Use security software from reputable brands that have been around for a few years

Location Services
Location Services uses both GPS and your Wi-Fi signal to calculate your exact location on this planet. It is useful when trying to get directions to the new restaurant you will be trying out; however, many apps and services secretly collect this information, potentially allowing malicious apps and criminals to track you as you move about this planet.

Security Action #6: Review ______.

APPLE IOS 8
1. Press Settings icon
2. Press Privacy
3. Press Location Services

ANDROID version 5
1. Press Settings icon
2. Press Location

NFC Near Field Communication
NFC is a technology that is used by many credit cards to wirelessly pay for goods and services. The issue with NFC is that it is an "always on" technology, meaning it is continuously wirelessly broadcasting payment information (e.g. credit card number, name, expiry and other security information), which can be picked up by any NFC receiver. Almost all of the latest mobile devices are now equipped with NFC capability, which could allow a virus laden app to collect nearby NFC broadcasts and wirelessly transmit them to an attacker anywhere in the world.

Security Action #7: Disable ______.

APPLE IOS 8
At the time of creating this document NFC is locked down. It may only be used with Apple Pay. There is no way to disable its broadcasting of NFC signals. However, NFC may open up to other apps in the future and thus increase NFC related risks.

ANDROID version 5
1. Press Settings icon
2. Press More
3. Check NFC on/off switch

Fill-in-the-Blank Answers
Security Action #1: Password should be at least 6 characters long.
Security Action #2: Keep my (IOS and/or Android) operating system up to date.
Security Action #3: Keep my APPs up to date.
Security Action #4: Only download apps from reputable market places like Apple's App Store or Google Play.
Security Action #5: Download and install security protection software (ANDROID ONLY).
Security Action #6: Review Location Services settings.
Security Action #7: Disable NFC when not being used.

Additional Presentation Notes

Presentation Slide: Create A More Secure Password
1. Tear piece of paper and
2. Write down new more secure password (at least 6 characters long)
3. Safely store in wallet or purse