Information Security Office Palm Pilots / PDAs / Cell Phones/ Wireless Security

  • Slide 1
  • Information Security Office Palm Pilots / PDAs / Cell Phones/ Wireless Security
  • Slide 2
  • Don't Compromise Your PDA!
      • What information on the device can be compromised? Everything!
      • Contacts/clients; meetings; patient data; legal and financial information
  • Slide 3
  • Confidentiality Solutions
      • Passwords: good first line defense
      • User ID/Power passwords
      • Alphanumeric
      • Non alphanumeric
      • 8 Character
      • Problems: data not encrypted
      • Security specific software
  • Slide 4
  • Some Common Sense
      • The lonely PDA: not for long
      • Left on a desk
      • Left on an airplane
      • Dropped from a pocket or bag
      • Stolen!
      • The PDA and all its contents immediately are released to another individual unless protected
      • SECURITY IS PARAMOUNT!
  • Slide 5
  • Are You Protected?
      • Policies
      • Infrastructure/Network
      • Encryption software
      • Awareness
  • Slide 6
  • Mobile and Wireless Security Issues
      • Handhelds, being small, portable devices, are easily lost or stolen. About 250K PDAs were lost in US airports during 2002 (Gartner report).
      • Handhelds are frequently used in hostile environments like hotspots, customer sites, business partner offices, and industry conferences.
      • Attackers are drawn to locations where business travelers gather, because targets are more plentiful and it is easier to go unnoticed.
  • Slide 7
  • Security features limited - Handheld devices have simpler user interfaces and less CPU, storage, memory, and network bandwidth than desktops or laptops.
      • Inherently harder to manage.
      • Not continuously connected. More difficult to enforce security policies and monitor security events.
      • Handhelds often ship with security features disabled by default.
  • Slide 8
  • Threats
      • Handhelds are also potentially vulnerable to viruses, worms, trojans, and spyware.
      • Most are Win32 viruses that can be spread from unprotected handhelds to desktops through synchronization, email, or file shares.
      • Self-replicating worms like Bugbear, Klez, and Spida flood email and file servers, delete registry keys, kill processes, disable software, and carry trojans.
      • Trojans can log keystrokes, launch denial of service (DoS) zombies, or let attackers assume remote control of infected hosts.
      • Spyware in cookies and programs like Kazaa are not overtly malicious, but leak potentially sensitive information about your computing behavior.
  • Slide 9
  • Threats
      • Mobile phones that can download games, ring tones, and other software have opened a new avenue for hackers to exploit.
      • Compact flash and PCMCIA cards supported by handhelds can store 5 GB or more. These removable cards (and their contents) are easily borrowed or stolen.
      • According to CERIAS, networked handhelds are less resistant to common TCP denial of service attacks because their limited resources are easily exhausted.
  • Slide 10
  • Practical Security Strategies for Pocket PCs
      • Set power-on passwords. According to Gartner, the biggest risk associated with Pocket PCs is that no power-on password is required by default.
      • Use mobile firewall to block unauthorized handheld network activity. Defends against port scans, unauthorized requests, unwanted peer-to-peer connections, denial of service floods, and other network-borne attacks.
  • Slide 11
  • Practical Security Strategies for Pocket PCs
      • Encrypt sensitive values, database records, key files and folders, or entire compact flash cards.
      • Protect traffic sent and received by handhelds. Consider encrypted, authenticated VPN tunnels to ensure the privacy and integrity of communication between handhelds and connected networks.
      • If credentials must be saved on a handheld, encrypt them.
      • Detect and eradicate viruses.
      • Back up handheld data regularly. Frequent backups can reduce loss of data and downtime when a Pocket PC is lost, stolen, wiped clean, or damaged beyond repair.
  • Slide 12
  • How Data Is Stored
      • Digitally as tiny magnetized regions, called bits
      • Hard drives store this on a platter, like a CD
      • Data can be extracted from ANY electronic/digital source (floppy, CD, DVD, zip disks, removable media, hard drives, flash memory, thumb drive, USB drives, printer memory, BlackBerry, PDA, Xbox, TiVo, etc.)
      • Once data is written, it remains until disk is wiped or overwritten by other information
  • Slide 13
  • 25 August 2003 - Used Blackberry Contained Proprietary Information
      • A man who bought a BlackBerry on eBay for $15.50 found that the wireless device contained a database of over 1,000 names, e-mail addresses and phone numbers of Morgan Stanley executives, as well as more than 200 internal Morgan Stanley e-mails.
      • The seller is a former VP of mergers and acquisitions who had left the company. He said he had removed the battery months before selling the BlackBerry and assumed the data had been erased.
  • Slide 14
  • Controls
      • Information that is placed on device
      • Security configuration including software used to protect the information
      • Does the device synchronize with others - Admin rights?
      • Modes of operation
      • Wireless
      • Infrared
  • Slide 15
  • Controls
      • No upload/download via infrared or wireless while connected to desktop networked PC
      • Use infrared only for authorized data transfers
      • PDAs not to be left unattended while attached to a computer
      • PDAs secured with password protection while not in use
      • User takes responsible steps to prevent loss or theft of device
      • Regularly sync device so that appropriate security files (virus signature) are updated
  • Slide 16
  • Awareness
      • Physical security of device
      • A strong password (eight characters, mixture of numbers, letters and special characters)
      • Information to be stored on device
      • Procedure to follow if device is lost or stolen
      • Firewall
      • Record, in the event PDA is lost or stolen: serial number, make and model
  • Slide 17
  • Wireless Security
      • WIRELESS DATA CONNECTIVITY GUIDELINE
  • Slide 18
  • Information Security Office
  • Slide 19
  • What Is This Phenomenon of Drive-by Hacking?
      • Hacker taps into a network using a wireless device.
      • Got its name because a hacker can literally construct a device that will allow them to park in front of a building and gain access to a network while sitting in the car.
      • Relative ease of uncovering this vulnerability and gaining access to a company's unsecured network can be likened to installing a wireless LAN jack in your parking lot (access to everyone).
  • Slide 20
  • What Does It Mean to Do "War Driving"?
      • Need a device capable of receiving an 802.11b signal (the wireless standard)
      • A device capable of locating itself on a map
      • Software that will log data from the second when a network is detected by the first.
      • You then move these devices from place to place, letting them do their job.
      • Over time, you build up a database comprised of the network name, signal strength, location, and IP/namespace in use.
      • You may even log packet samples and probe the access point for data available via SNMP.
  • Slide 21
  • Is This a New Security Vulnerability?
      • The security community has known about this vulnerability for a couple of years, but only recently has it become more widely known and popular.
      • Freeware programs can be downloaded that automate finding and cracking wireless networks; combining this with the rapidly increasing use of 802.11 due to low cost components hitting the market makes it a big issue today.
  • Slide 22
  • Why Is It Easy to Get Into a Wireless Network?
      • The most common wireless local area network is built based on a standard known as 802.11.
      • The security function of this technology has been demonstrated to be inadequate when challenged by simple hacking attempts.
      • In addition, products sold with this technology are often delivered with security functionality disabled.
  • Slide 23
  • Does the WEP Encryption Option Built Into 802.11 Make Me Secure?
      • Not really. The 802.11 standards include a security component called Wired Equivalent Privacy, or WEP, and a second standard called Shared Key Authentication.
      • WEP defines how clients and access points identify each other and communicate securely using secret keys and encryption algorithms.
      • Although the algorithms used are well understood and not considered weak, the way in which they are used, in particular the way keys are managed, has resulted in a number of easily exploitable weaknesses.
      • On top of this, it is estimated that approximately only 30% of 802.11 networks use WEP encryption or have turned on the option to enable WEP encryption; this is based on anecdotal evidence of war driving experiences that people have posted on the Internet.
  • Slide 24
  • Will Banning Wireless Devices From Our Network Make Us More Secure?
      • Wireless access points are now so affordable that people are using them for convenience everywhere. For example, someone may have a wireless device connected to their home comp