SEC571: Mobile Device Security
This course is designed to teach students about the threats organizations are exposed to via the mobile devices on which they depend. This two-day hands-on class uses lecture, labs and real world experiences to educate the students about mobile security within the enterprise. The class will explore how the devices work, what implementation options are available, and how attackers are abusing the organization. The students will also examine various remediation strategies, policies, and solutions to these concerns.
Exploring mobile devices and platforms
The class will begin by exploring various types of mobile devices and how they have evolved over the last few years. This will include mobile phones, smart phones, PDAs and tablets. The focus will be on providing a foundational understanding of the industry-leading mobile device platforms; Blackberry, iPhone, Android and Windows Mobile. These platforms make up the majority of the enterprise deployments of smart phones and as such it is critical for management and technicians to understand how these platforms operate and integrate with existing IT infrastructure.
Mobile device security policy
Policy is a keystone in an organization's security and is impacted by the usage of mobile devices. The class will discuss the changes necessary to existing policies as well as new policies needed due to the implementation of mobile devices in the workplace. We will discuss both organizationally supplied and personal device usage in an enterprise setting. Organizations are faced with many challenges in maintaining compliance with federal and state laws, regulations, and industry standards. Establishing strong policies for mobile environments and the protection of information used with mobile devices is a critical step. SEC571: Mobile Device Security will examine this based on the experiences of the authors, both in building these policies and responding to incidents involving mobile devices.
The class will then explore the integration technologies that these platforms use to work within the organization's infrastructure. The class will look at the necessary changes to existing infrastructure as well as new technologies being implemented that extend the functionality of our systems. These ideas will focus not simply on what the technologies are, but the procedures we can follow to harden and monitor how this new ingress and egress is being used.
After this, the class will explore the application development landscape. Topics will cover both controlling applications installed as well as securely using these applications within the enterprise. The class will focus on third-party applications but will also cover how application development within an organization can change the usage and security posture presented.
Security 571 requires a Windows, Linux or Macintosh computer with the following minimum hardware requirements:
Please install the following software on the computer:
You must have the ability to disable the host firewall (Windows firewall or other third party firewall) and antivirus running on your desktop. This usually means you need to have administrative privilege on the machine.
DO NOT plan on just killing your antivirus service or processes, because most antivirus tools still function even when their associated services and processes have been terminated
If you have additional questions about the laptop specifications, please contact firstname.lastname@example.org.
|Who Should Attend|
*CPE/CMU credits not offered for the SelfStudy delivery method