Page 19 - Mobile Data Loss
P. 19

Understanding Mobile Data Loss Threats  13


            allow a developer, business unit, and other non-IT folks to distribute
            or update malicious apps to users. The implications are that if one of
            these individuals has malicious intent, it would be quite easy for him
            or her to distribute a malicious app that contains spyware that could
            allow access to SMS messages, email, or even the microphone or video
            camera to spy on an individual. While many would lump this into mal-
            ware or malicious apps, they would only be partly correct. The intent
            and method of infestation are arguably different. In the next chapter,
            we’ll outline an approach to tackle this issue.

               Another issue is your productive users. Many users look for ease-
            of-use when sharing data with other employees, customers, and busi-
            ness partners. If IT takes a stance restricting everything, users will
            inevitably find a way around it, a phenomenon known as Shadow IT.
            This can be one of the biggest data threats. Users want to use the
            cloud to share content; it makes it easier than what IT has provided.
            But when this occurs, IT looses at visibility and control of the data,
            and indirectly represents a data breach. Fortunately, enterprise file and
            sync share (EFSS) solutions exist today to allow secure file and content
            sync and sharing that allows them to securely store data in the cloud
            and continue to use their personal cloud shares. More of this will be
            covered in the next chapter. For now, this is another threat vector to
            enterprise data to include in the overall list of threats.



            MOBILE NETWORK THREATS

            We live in a mobile world, and as a result our users are mobile. Users will
            commonly connect to any free Wi-Fi they can find while they’re traveling
            or away from the office. This includes coffee shops, hotels, airports, and
            other public places. Attackers know this and as a result locations with
            Open Wi-Fi are hunting grounds for attackers. Attacks can range from
            simple interception of unencrypted Wi-Fi traffic to more sophisticated
            Man-in-the-Middle (MitM) attacks targeted at encrypted traffic.

               To perform an interception attack, the attacker can simply associate
            to the same wireless access point as the target user. Now that network
            access has been established the attacker can simply start his wireless
            sniffer (commonly wireshark) and begin capturing traffic looking for
            unencrypted transmissions such as HTTP, telnet, ftp, and more. This
            exposes more than account logins and passwords. It also exposes
   14   15   16   17   18   19   20   21   22   23   24