Upload
vohanh
View
388
Download
104
Embed Size (px)
Citation preview
1 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Securing Mobile Devices
Simplifying Security.
Module 13
2 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile security is the new malware battlefield as attackers take advantage of users who don’t think their smartphones can get compromised.
Cyber‐attackers are gunning for Google’s Android as they take advantage of a user base that is “unaware, disinterested or uneducated” in mobile security, according to a recent research report.
Malware developers are increasingly focusing on mobile devices, and Android malware has surged 400 percent since summer 2010, according to the Malicious Mobile Threats Report 2010/2011 released May 11. The increase in malware is a result of users not being concerned about security, large number of downloads from unknown sources and the lack of mobile security software, according to the Juniper Networks Global Threat Center, which compiled the report.
“That’s where the momentum is for 2011,” said Dan Hoffman, Juniper’s chief mobile security evangelist. It’s important to remember that mobile malware still accounts for less than 1 percent of all malware detected globally.
Android Malware Jumps 400 Percent as All Mobile Threats Rise
http://www.eweek.com
May 16, 2011
3 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
(Reuters) ‐ Hackers are increasingly aiming attacks at smartphones, touching off a race among software giants, startups and telecom operators seeking to cash in on ways to help consumers protect themselves.
As the previously fragmented smartphone market coalesces around big operating systems like Apple's iPhone and Google's Android, it has become a more attractive target for hackers seeking to maximize damage with one hit.
That's creating a big business opportunity for everyone from traditional antivirus players like Intel's McAfee to mobile operators like France Telecom and handset makers like Nokia.
Market research firm Infonetics forecasts sales of mobile security software will grow 50 percent a year through 2014 to hit $2 billion.
Mobile Hacking Sets Off Security Gold Rush
http://www.reuters.com
Wed May 18, 2011 10:33am EDT
4 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Objectives
Mobile Device Security
Mobile Phone Services
Mobile Device Security Risks
Mobile Malware
Threats to Bluetooth Devices
Mobile Security Procedures
Mobile Phone Anti‐Virus Tools
Secure Bluetooth Connectivity
Securing iPhone and iPad
Securing Blackberry and Windows Phone 7 Mobiles
Mobile Security Tools
Mobile Phone Security Checklists
5 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Flow
Introduction to Mobile Security
Mobile Security Threats
Mobile Security Tools
Securing iPhone, and iPad
Mobile Security
Procedures
Securing BlackBerry
and Windows Phone 7 Mobiles
6 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Nokia
Samsung
LG Electronics
Apple
Sony Ericson
Motorola
ZTE
HTC
Huawei
Others
461,318.2
281,065.8
114,154.6
46,598.3
41,819.2
38,553.7
28,768.7
24,688.4
23,814.7
488,569.3
http://www.gartner.com
Mobile Device Security
Worldwide Mobile Device Sales to End Users in 2011• The rate of mobile device
adoption and sophistication is increasing rapidly
• Mobile devices such as smartphones, PDAs, and laptops facilitate seamless communication and information storage and have been an incalculable productivity boon for today's enterprises
• Mobile devices offer flexibility and convenience, while at the same time mobility presents significant security challenges for IT security administrators and other users
7 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Other OSMicrosoft
Worldwide Smartphone Sales to End Users by Operating System in 2011 Market Shares
Symbian
37.6%
15.7%
Android
iOS
22.7%
3.8%4.2%
111,576.7
67,224.5
46,598.3
12,378.211417.4
A smartphone is a mobile phone that has an identifiable operating system and offers more advanced computing ability and connectivity than a contemporary feature phone
http://www.gartner.com
8 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile Phone Services
9 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
International Mobile Equipment Identity (IMEI) is a number unique to every mobile phone
IMEI is a 15 digit number and is usually found printed inside the battery compartment of the phone
It can also be displayed on phone’s screen by entering *#06#
It is used to deactivate the phone if it is stolen or lost
IMEI Number
Note: The *#06# does not work for all mobile phones
10 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Flow
Introduction to Mobile Security
Mobile Security Threats
Mobile Security Tools
Securing iPhone and iPad
Securing BlackBerry
and Windows Phone 7 Mobiles
Mobile Security
Procedures
11 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile Device Security Risks With the enormous growth in the usage of mobile devices, various new risks and threats have made their way into the mobile platform
Mobile Malware
Application Vulnerabilities
Lost or Stolen Devices
Unauthorized Access
Security Risks
12 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile MalwareMobile malware comes through emails, IMs, Bluetooth, memory cards, and Wi‐Fi
Malware may spread when rogue software is installed
An infected PC can infect a mobile phone via IR and Bluetooth
Mobile malware can capture emails, text, and multimedia messages
Mobile malware may allow an attacker to silently turn the phone on and listen to the conversation
Mobile malware can make the phone work slowly, crash the phone, and wipe out contacts and other information on the phone
Mobile malware can monitor and record all the actions on a mobile phone
13 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile Application Vulnerabilities
1. Symbian2. Windows Phone 73. Windows Mobile4. Pocket PC5. iOS6. RIM7. Android
1. Web browser
2. Mobile banking application
3. Mobile gaming
The latest mobile devices provide openness platform functionality. This gives the user the flexibility to operate and program any type of mobile applications that are supported by and compatible with their smart phones.
Openness also leads to unrestricted access to mobile resources and applications
Vulnerabilities in applications can be used by attackers to access the device
Mobile Operating Systems
Applications
14 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Threats to Bluetooth DevicesBluetooth is an open standard wireless technology for exchanging data over short‐range radio frequencies from fixed to mobile devices by creating Wireless Personal Area Networks (WPANs)
Bluejacking refers to anonymously sending an electronic business card or photo to another Bluetooth user
Bluejacking
A Bluesnarfing attack is launched using the Bluejacking technique
It allows an attacker to access the address book, contact information, email, and text messages on another user's mobile phone
Bluesnarfing
Bluesniping uses a highly directional antenna and laptop to establish connections with Bluetooth‐enabled devices from more than half a mile away
Bluesniping
War nibbling refers to finding unsecured or unpatched Bluetooth connections and cruising for open 802.11 networks
War Nibbling
15 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Flow
Introduction to Mobile Security
Mobile Security Threats
Mobile Security Tools
Securing iPhone and iPad
Mobile Security
Procedures
Securing BlackBerry
and Windows Phone 7 Mobiles
16 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Patch mobile platforms and applications
Avoid mobile device theft
Regularly back up important data
Use encryption to secure data in a mobile device
Use power‐on authentication
Enable auto‐lock feature
Install only signed applications
Install mobile phone antivirus
Secure Bluetooth connectivity
Mobile Security Procedure
17 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Patching of Mobile Platforms and Applications
All the mobile platforms and applications should be updated regularly with the patches released by the vendor
Patching enhances the performance of a mobile device, updates the operating system, fixes security holes and bugs, etc.
Updating Updated
Download your phone's update to your mobile device to install the patch
Back up all the data and files on your mobile phone
Install the patch file to your device
Turn off your mobile for 5 to 10 minutes before you start using the mobile phone
18 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Avoid Mobile Device TheftMobile phone thefts are increasing day by day and thousands of people lose their mobile handset every day around the world
Loss of mobile phone results in, loss of important data, contacts, messages, images, and videos stored in the mobile phone
Avoid lending mobile phone to strangers
Do not talk while driving
Do not leave the handset in the vehicle
Never leave the phone unattended
Use PIN codes to lock the phone
Turn off the ringer
Record the unique 15 or 17 digit code IMEI number
Don’t walk and text
Pointers to Avoid Mobile Theft
19 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Use anti‐theft software to remotely wipe the data and make the device unusable
Inform the local police and file First Information Report (FIR)
Contact the service provider and tell them to cancel the SIM card
Claim the mobile phone insurance to replace the cost of the handset
What to Do if Your Mobile is Lost or Stolen?
20 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Use Power-on Authentication
Set Power‐on Authentication in your phone to ensure maximum security and no other unauthorized user can use it
Power‐on Authentication helps protect valuable information from malicious users who can gain access to a mobile phone
Use tool WaveSecure to lock your mobile phone
21 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Most phones today come with suites and applications that allow a user to easily manageand back up important data
To prevent losing important data such as contact details, calendar entries, messages, etc., regularly back up your phone data
A user can use third party tools and services like mobical.net to back up their mobile data
Regularly Back Up Important Data
22 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Use Encryption to Secure Data in Mobile Device
Encrypt the data stored in mobile phones such as telephone numbers, important messages, voice calls, and emails to keep them safe from prying eyes
It ensures that even if the mobile phone is lost, the data cannot be accessedonce it is encrypted
Mobile phones such as Blackberries can encrypt data as a standard feature whereas other mobile phones require special applications to encrypt data
Encrypting stored files on Blackberry smartphones:
To encrypt internal files:
Turn on the Content Protection option (Options Security Options General Settings)
To encrypt external files:
Turn on Media Card Support (OptionsMedia Card or OptionsMemoryMedia Card Support)
Set the encryption mode for the external file system. The BlackBerry smartphone encrypts files stored on the media card
Choose whether to encrypt media files in external memory only on the BlackBerry smartphone
23 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Enable Auto-LockFeature
Auto‐lock security feature allows only authorized viewing of mobile phone data
An unauthorized user cannot view or even use the phone once the auto‐lock option is enabled. In most cases valid pin number has to be entered
Navigate to your cell phone’s main menu screen and select the icon labeled Settings
Press the OK or Home button on the keypad to select the settings menu
Locate the Security option and press OK or Home to select it
Scroll down and find the Auto Lock feature on the list of security options
Press the OK or Home button on your keypad to begin setting the auto lock feature
Choose a PIN number that you will remember to unlock your device once the auto lock feature has been saved
Type your four to eight digit PIN code on the keypad. Press the Save button to save your pin, and initiate the auto lock feature
Press the End button to return to the main menu
General steps to enable auto‐lock option on mobile phones:
24 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Smart phones today provide open platform functionality and deliver the ability to install, remove, or update applications multiple times
The openness gives unrestricted access to mobile resources and APIs
Unrestricted access to mobile resources presents challenges and risks and unsigned applications that may likely increase the complexity and security risks
Install Only Signed Applications
Identify the files created on the phone by the application during the installation
Always install the applications on external storagememory cards
Do not download mobile software from any untrusted third party vendors
Ensure the quality and accountability of mobile applications by carefully investigating the vendor
Always try to download the applications from the market place provided by the mobile manufacturer
To reduce the risk of malware and installing unsigned applications, follow the guidelines:
25 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
http://www.f‐secure.com
http://us.mcafee.com
Install Mobile Phone AntiVirus
People may unknowingly or knowingly install the virus (programs or .exe files) through direct or indirect transferring
Wi‐Fi enabled handsets and Bluetoothmay let the malware in if the antivirus is not installed
Once in the system, the virus can alter or delete all the contact details, or crash or permanently lock up your mobile phone applications
Antivirus software prevents, detects, and removes malware including viruses, worms, and trojan horses
Some of the mobile antivirus software include Norton mobile security, F‐Secure mobile security, Kaspersky mobile antivirus, etc.
26 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile Phone Anti-Virus Tools
ESET Mobile Antivirushttp://www.eset.com
Trend Micro Mobile Security http://us.trendmicro.com
Symantec Antivirus for Handheldshttp://www.symantec.com
Kaspersky Antivirus Mobilehttp://www.kaspersky.com
BitDefender Mobile Securityhttp://www.bitdefender.com
Avast! PDA Editionhttp://www.avast.com
Avira AntiVir Mobilehttp://www.avira.com
Norton Mobile Securityhttp://us.norton.com
27 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Secure Bluetooth Connectivity
Choose a strong PIN for connecting the Bluetooth
Use Strong PIN
Turn off Bluetooth interfaces when not in use, and disable Bluetooth's discovery feature
Basic Bluetooth security mechanism refers to identifying whether a device is in "Visible/Discoverable" mode or "non‐visible/non‐discoverable" mode
Bluetooth Security
Turn OFF Bluetooth
28 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Flow
Introduction to Mobile Security
Mobile Security Threats
Mobile Security
Procedures
Mobile Security Tools
Securing iPhone and iPad
Securing BlackBerry
and Windows Phone 7 Mobiles
29 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Enable Passcode Protection
Tap iPhone's Settings app tap on Generalselect Passcode Lock tap Turn Passcode On
Enter a four‐digit passcode that can be remembered; re‐enter it to confirm
Press the power button to put iPhone to sleep
Press it again and iPhone will ask you to enter a password to unlock it
30 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Tap iPhone's Settings app Select Phone select SIM PIN tap Change PIN
Enter the current password (if it is for the first time contact, wait and find out the default SIM PIN code)
Enter the new password, a four‐digitpasscode that can be remembered and re‐enter it to confirm
Enable SIM PIN Protection
31 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Enable Auto-Lock and Re-map Button
Tap iPhone's Settings app tap General tap Auto‐LockSelect the amount of idle time you want the iPhone to wait before it goes to sleep
Tap iPhone's Settings app tap on Generalselect Home ButtonInstead of "Phone Favorites," select either Home or iPod
Enable Auto‐Lock Re‐map Home Button
32 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
iPad Security
Auto‐Lock Feature in iPad
Set the auto‐lock feature to turn off the display and prevent unintended operation of your iPad
To set the amount of time before iPad locks, select General select Auto‐Lock specify the time
Passcode Lock
To set a passcode, select General click Passcode Lock select Turn Passcode On
Enter a four‐digit passcode enter the passcode again to verify
iPad then requires you to enter the passcode to unlock it or to display the passcode lock settings
To set how long before your passcode is required, select General click Passcode Lock enter passcode
Tap Require Passcode and select how long iPad can be idle before you need to enter a passcode to unlock it.
To turn the passcode off, select General click PasscodeLock click Turn Passcode Off enter your passcode
33 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Flow
Introduction to Mobile Security
Mobile Security Threats
Mobile Security Tools
Securing iPhone and iPad
Mobile Security
Procedures
Securing BlackBerry
and Windows Phone 7 Mobiles
34 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
BlackBerry: Setting DevicePassword
On the Home screen or in a folder, click Options
Click Security Password
Click Set Password
Type a password
Press the key click Save
To turn off the BlackBerry device’s password, clear the Enable check box
35 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
BlackBerry: Changing the Device Password
On the Home screen or in a folder, click the Options icon
Click Security Password Change Password
36 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
BlackBerry: Lock Your Device
You can lock the screen to avoid pressing it accidentally
To lock your BlackBerry device, do one of the following: If you have set a device password, then on the Home
screen or in a folder, click the Password Lock icon
To lock the screen, press the key on the top left area of your device
To unlock your device, type device password press the Enter
To unlock the screen, press the key again, and if necessary, type your device password
37 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
BlackBerry: Device Password
Locking the device when inserted in the holster:
On the Home screen or in a folder, click Options
Click Security Password select the Lock Handheld Upon Holstering check box
Press the key click Save
Setting a limit for device password attempts:
On the Home screen or in a folder, click Options
Click Security Password Change the Number of Password Attempts field
Press the key click Save
38 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
BlackBerry Password KeeperPassword keeper stores all the passwords in one place
The password keeper is designed to protect your passwords with a password keeper password
When you type this password, the password keeper decrypts your passwords.
You can also use the password keeper to generate random passwords that contain numbers, letters, and symbols
Changing the password in the password keeper
1. On the Home screen or in the Applications folder, click Password Keeper Highlight a password
2. Press the key and click Open
3. Change the password information
4. Press the key Save
Add a password to the password keeper
1. On the Home screen or in the Applications folder, click the Password Keeper icon
2. Press the key New Type the password information
3. Press the key
39 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Prevent password copyingOn the Home screen or in the Applicationsfolder, click the Password Keeper iconPress the key OptionsClear the Allow Clipboard Copy check boxPress the key Save
Set a limit for password attempts in the password keeper
On the Home screen or in the Applicationsfolder, click the Password Keeper iconPress the key OptionsSet the Password Attempts fieldPress the key and click Save
Hide passwords in the password keeperOn the Home screen or in the Applicationsfolder, click the Password Keeper iconPress the key OptionsClear the Show Password check boxPress the key Save
BlackBerry Password Keeper
40 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Encrypting Data on Your BlackBerry Device
When the user turns ON the encryption option in BlackBerry phone, the phone uses a private key to encrypt dataA user can encrypt files on the device and on a media card using an encryption key generated by the device
Turn on encryptionTo encrypt data on your BlackBerry device, first set a password for your device.1. On the Home screen or in a folder, click Options2. Click Security Encryption3. Select the Encrypt check box to encrypt data on your device in
the Device Memory section4. Select the Media Card check box to encrypt the media card
files and do one of the following:a. Change the Mode field to Device Keyb. Change the Mode field to Device Passwordc. Change the Mode field to Device Password & Device Key5. Select the Include Media Files check box to encrypt media
files such as pictures, songs, and videos6. Press the key Save
41 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Windows Phone 7 Mobile: Use of PIN to Lock SIM Card
You can use a PIN for the SIM (Subscriber Identity Module) card in your phone to prevent people from making unauthorized phone calls
After turning on SIM security, you will be prompted to enter your SIM PIN each time you start your phone
On Start, click/tap Phone click More click Call Settings Turn on SIM Security
It prompts you to Enter SIM PIN enter the PIN for your SIM card by doing one of the following:
If you are setting the PIN for the first time, try typing 1234 tap Enter
If you have already set a PIN for the SIM card, type your PIN and tap Enter
Steps to turn ON SIM security
42 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
1
2
3
4
5
To set up a password for the first time turn ON Password enter a password in the New password text box reenter it in the Confirm password text box
If the phone already has a password and you want to change it, tap Change password enter the phone's current password in the Current password text box before entering your new password
In Settings, tap Lock & wallpaper
Tap Done to save your changes
On Start flick left to the App list tap Settings
Windows Phone 7 Mobile: Changing the Password of the Phone
43 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Windows Phone 7 Mobile: Changing the Password of the Phone
44 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Flow
Introduction to Mobile Security
Mobile Security Threats
Mobile Security Tools
Securing iPhone and iPad
Mobile Security
Procedures
Securing BlackBerry
and Windows Phone 7 Mobiles
45 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile Security Tools: PhoneBAKAnti-theft
http://www.bak2u.com
PhoneBAK protects a PDA phone from theft and risk of unauthorized access to sensitive information and, if stolen, tracks down the thief via his/her mobile phone number
PhoneBAK checks on any Subscriber Identity Module (SIM)card inserted into the PDA phone and if unauthorized, it sends SMS text alerts to notify the theft and wipes out all video, photos, and documents!
46 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile Security Tools
Sprite Terminatorhttp://www.spritesoftware.com
Airscanner Mobile Encrypterhttp://www.airscanner.com
Mobile Securityhttp://www.f‐secure.com
Resco Backup for Pocket PChttp://www.resco.net
SecuBoxhttp://www.aikosolutions.com
eWallethttp://www.iliumsoft.com
Kaspersky Mobile Securityhttp://usa.kaspersky.com
WaveSecurehttps://www.wavesecure.com
47 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Module Summary
Mobile phones are becoming the new PCs to check email and browse the Internet
Mobile malware comes through email, IMs, Bluetooth, memory cards, and WiFi
Bluetooth is an open standard wireless technology for exchanging data over short‐range radio frequencies from fixed to mobile devices by creating Wireless Personal Area Networks (WPANs)
All applications should be updated regularly with the patches released by the vendor
Use antivirus software to prevent, detect, and remove malware including viruses, worms, and Trojan horses
Bluetooth devices should be configured by default as, and remain, undiscoverable except as needed for pairing
48 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Bluetooth Security Checklist
Choose PIN codes that are sufficiently random and long
Bluetooth devices should be configured by default as, and remain, undiscoverable except as needed for pairing
Change the default settings of the Bluetooth device
Ensure that portable devices with Bluetooth interfaces are configured with a password to prevent unauthorized access if lost or stolen
Install antivirus software on Bluetooth‐enabled hosts that are frequently targeted by malware
Ensure that Bluetooth devices are turned off when they are not in use
Install Bluetooth software patches and upgrades regularly
49 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Users should perform pairing of Bluetooth devices as infrequently as possible
Unnecessary Bluetooth services, user controls, and applications should be removed from the host device
Users should not accept transmissions of any kind from unknown or suspicious devices
If a Bluetooth device is lost or stolen, unpair the missing device from all other Bluetooth devices with which it was previously paired
The user should authorize all initial incoming connection requests
Devices should support only a single headset connection between one headset and one handheld device
Bluetooth Security Checklist
Ensure that Bluetooth devices are turned off when they are not in use
50 Copyright © by EC-CouncilAll Rights Reserved. Reproduction is Strictly Prohibited.
Mobile Phone Security Checklist
Use antivirus and antispyware software for mobile devices
Keep mobile phone operating system and other applications up‐to‐date
Create a password to access the device and change the default Bluetooth password
Encrypt sensitive data on the device and regularly back up mobile data to a PC
Wipe all the data before disposing of wireless devices and Properly read the device user manuals to ensure appropriate protection
When entering a crowded zone, make sure the Bluetooth is switched off
Never follow links from unsolicited email or text messages
Never transmit sensitive information when connected to the Internet at public places (shopping malls, cafes, etc.)