Last day to save $500 for SANS San Diego 2013

OnSite

SEC571: Mobile Device Security

This course is designed to teach students about the threats organizations are exposed to via the mobile devices on which they depend. This two-day hands-on class uses lecture, labs and real world experiences to educate the students about mobile security within the enterprise. The class will explore how the devices work, what implementation options are available, and how attackers are abusing the organization. The students will also examine various remediation strategies, policies, and solutions to these concerns.

Exploring mobile devices and platforms

The class will begin by exploring various types of mobile devices and how they have evolved over the last few years. This will include mobile phones, smart phones, PDAs and tablets. The focus will be on providing a foundational understanding of the industry-leading mobile device platforms; Blackberry, iPhone, Android and Windows Mobile. These platforms make up the majority of the enterprise deployments of smart phones and as such it is critical for management and technicians to understand how these platforms operate and integrate with existing IT infrastructure.

Mobile device security policy

Policy is a keystone in an organization's security and is impacted by the usage of mobile devices. The class will discuss the changes necessary to existing policies as well as new policies needed due to the implementation of mobile devices in the workplace. We will discuss both organizationally supplied and personal device usage in an enterprise setting. Organizations are faced with many challenges in maintaining compliance with federal and state laws, regulations, and industry standards. Establishing strong policies for mobile environments and the protection of information used with mobile devices is a critical step. SEC571: Mobile Device Security will examine this based on the experiences of the authors, both in building these policies and responding to incidents involving mobile devices.

The class will then explore the integration technologies that these platforms use to work within the organization's infrastructure. The class will look at the necessary changes to existing infrastructure as well as new technologies being implemented that extend the functionality of our systems. These ideas will focus not simply on what the technologies are, but the procedures we can follow to harden and monitor how this new ingress and egress is being used.

After this, the class will explore the application development landscape. Topics will cover both controlling applications installed as well as securely using these applications within the enterprise. The class will focus on third-party applications but will also cover how application development within an organization can change the usage and security posture presented.

Course Syllabus
 
 
  Laptop Required

Security 571 requires a Windows, Linux or Macintosh computer with the following minimum hardware requirements:

  • 1GHz processor
  • 2GB RAM (More memory is highly recommended)
  • 10 GB free hard disk space
  • DVD ROM drive

Please install the following software on the computer:

  • VMWare Player 3.x or VMWare Workstation 6.x or newer or VMWare Fusion (Server and ESX are not supported)
  • Firefox browser

You must have the ability to disable the host firewall (Windows firewall or other third party firewall) and antivirus running on your desktop. This usually means you need to have administrative privilege on the machine.

DO NOT plan on just killing your antivirus service or processes, because most antivirus tools still function even when their associated services and processes have been terminated

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.
 
  Who Should Attend

  • System administrators
  • IT managers
  • System architects
  • Security consultants
  • IT auditors
  • Operational IT staff
  • Project managers
 

We just purchased Securing the Human, which I think is the best I have ever seen. In addition it's backed up by SANS extensive experience and knowledge base in infosec.
- Karen McDowell

Share
Get an iPad or Nexus 10 with Online Training
Latest Whitepapers

Building and Maintaining a "Certifiable" Workforce
By Robert J. Mavretich

How Can You Build and Leverage SNORT IDS Metrics to Reduce Risk?
By Tim Proffitt

Daisy Chain Authentication
By Courtney Imbert

Last 25 Papers »

Latest Tweets @SANSInstitute

NEW #SANS Survey: Security Analytics & Intelligence 2nd [...]
October 1, 2013 - 6:30 PM

Tips on how to convince your boss to let you train online wi [...]
October 1, 2013 - 6:23 PM

#2 Tip on how 2 convince your boss 2 let u train online: Fle [...]
October 1, 2013 - 3:00 PM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health and Security

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee