Page 23 - Mobile Data Loss
P. 23
CHAPTER 3 3
Mobile Security Countermeasures
So far I’ve outlined many of the mobile device threats that could lead
to data loss. Fundamentally, when considering data loss one must
encompass data-at-rest and data-in-motion to ensure confidentiality
and integrity of the data. But a mobile device is more sophisticated
than that. This involves protecting data on the device, data in the app,
and data over the network (Figure 3.1).
Fortunately, mobile devices and complimentary products leverage
new features in the mobile operating systems not previously found in
traditional PCs. Let’s continue by detailing these newer features and
outline countermeasures to many of these aforementioned threats.
MOBILE OS COMPROMISE
In the previous chapter I outlined a myriad of ways in which a mobile
device can become compromised. There are multiple approaches for
detecting and mitigating this threat. First, the EMM client should pro-
vide ways to identify an OS compromise locally on the device, and then
report that back to the console. In response, the administrator should
have a policy to quarantine devices when a compromise is detected.
This automation should allow the console to send down a Selective or
Full Wipe of the device. A selective wipe would remove the enterprise
data only, while leaving the personal data alone. A full wipe of course
wipes the entire device back to factory defaults, and is typically only
suited for corporate-owned devices. Selective wipes can be accomplished
in a few ways. One way is to remove the previously deployed configura-
tion profiles such as email, Wi-Fi, VPN, etc. Additionally, managed
apps and/or their data can also be removed (note that this capability
varies across the different mobile operating systems). When using a con-
tainer, the selective wipe would purge the container itself.
Mobile Data Loss. DOI: http://dx.doi.org/10.1016/B978-0-12-802864-3.00003-9
© 2016 Elsevier Inc. All rights reserved.
