If you’re planning to take the Security+ exam, you should have a basic understanding of mobile device security methods available to reduce risks associated with mobile devices.
For example, can you answer this question?
Q. Your company provides electrical and plumbing services to homeowners. Employees use tablets during service calls to record activity, create invoices, and accept credit card payments. Which of the following would BEST prevent disclosure of customer data if any of these devices are lost or stolen?
A. Mobile device management
B. Disabling unused features
C. Remote wiping
D. GPS tracking
More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available at the end of this post.
Securing Mobile Devices
Mobile devices are smartphones, tablets, and laptop computers. Because they are mobile, they are more susceptible to some threats such as theft, and data security is one of the primary concerns with mobile devices.
There are many methods available to reduce risks associated with mobile devices. Some methods focus on securing the device, while others focus on application security.
Some general security concepts include:
- Encryption. Encryption protects against loss of confidentiality on multiple platforms, including workstations, servers, mobile devices, and data transmissions. Encryption methods such as full device encryption provide device security, application security, and data security.
- Authentication and device access control. Authentication methods such as usernames and passwords ensure only authorized personnel can access devices. Laptops support multifactor authentication, which is especially useful when the laptop includes valuable data. Smartphones and tablets typically have short passcodes, but users can be forced to use more secure authentication methods when they access the organization’s network.
- Device access control. Authentication methods protect access to devices. Without proper authentication methods, attackers can bypass device access controls.
The 601 Version of the Study Guide
The CompTIA Security+: Get Certified Get Ahead: SY0-601 Study GuideEach of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.
You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.
Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:
- A 75 question pre-test
- A 75 question post-test
- Practice test questions at the end of every chapter.
Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.
If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.
Mobile Device Security Concepts
The primary scenario that concerns mobile device users and administrators is loss or theft of a device. For example, if a thief steals Homer’s smartphone or tablet, Homer will have two primary concerns. He’ll want to locate the device and prevent the thief from accessing any data on the device. Several tools address both of these concerns.
Here are some device security concepts and concerns:
- Removable storage. USB thumb drives and other removable storage devices are a source of data leakage and malware distribution so security policies often restrict the use of USB thumb drives and other portable devices such as music players. Disabling removable storage capabilities makes it more difficult for users to copy data to and from the devices and protects them from malware. When using external USB hard drives, encryption can be effective at protecting the confidentiality of the data. However, it’s important to use strong access controls to ensure attackers cannot bypass the encryption and access the data.
- Storage segmentation. In some mobile devices, it’s possible to segment storage of data. For example, users might be required to use external storage for any corporate data to reduce the risk of data loss if the device is lost or stolen.
- Remote wiping. This is similar to the Erase iPad feature. It sends a remote signal to the device to wipe or erase all the data. Remote wipe capabilities are useful if the phone is lost. The owner can send a remote wipe signal to the phone to delete all the data on the phone. This also deletes any cached data, such as cached online banking passwords, and provides a complete sanitization of the device by removing all valuable data.
- Disabling unused features. Basic hardening practices for desktop and server systems apply to mobile devices, too. If ports and protocols aren’t needed, they should be disabled or removed. Similarly, if mobile devices have any features that are not needed, they should be disabled. A side benefit of disabling unused features is that it reduces the drain on the battery and helps the battery to last longer.
Q. Your company provides electrical and plumbing services to homeowners. Employees use tablets during service calls to record activity, create invoices, and accept credit card payments. Which of the following would BEST prevent disclosure of customer data if any of these devices are lost or stolen?
A. Mobile device management
B. Disabling unused features
C. Remote wiping
D. GPS tracking
Answer is C. Remote wiping sends a signal to a device and erases all data, which would prevent disclosure of customer data.
Mobile device management helps ensure devices are kept up to date with current patches.
Disabling unused features is a basic hardening step for mobile devices, but doesn’t help if the device is lost.
Global positioning system (GPS) tracking helps locate the device, but doesn’t necessarily prevent data disclosure if the device cannot be retrieved.
