4.2 Other Enterprise Security Areas Part 2


Time
2 hours 41 minutes
Difficulty
Beginner
CEU/CPE
3
Video Transcription
00:00
>> Hi, and welcome to
00:00
the next episode of
00:00
Cybersecurity Architecture Fundamentals.
00:00
Today, we'll cover mobile and data center security.
00:00
We would go through what is mobile security,
00:00
what are the threats,
00:00
and what to look out for in designing
00:00
a system with mobile,
00:00
and look at data center security if you have
00:00
to design a system in a data center.
00:00
We'll start with mobile security.
00:00
What is mobile security?
00:00
It's concerned with mobile devices,
00:00
which is mainly smartphones
00:00
and tablets, but increasingly,
00:00
it's going to cover wearable devices,
00:00
especially if you are designing
00:00
systems for telemedicine.
00:00
This space, we shall cover some of the common issues.
00:00
One of the biggest problems is
00:00
there are too many variations of mobile devices.
00:00
Be it the OS, the architecture,
00:00
the chipset, or
00:00
even a vendor's implementation of standards.
00:00
Although in the enterprise space,
00:00
we do see convergence of some of these,
00:00
like iOS and Android Enterprise,
00:00
but there are still many different variants
00:00
in the Android space for example.
00:00
Almost every manufacturer is putting a spin on the UI,
00:00
which could affect the performance
00:00
or the security of some applications.
00:00
Another major concern is the
00:00
explosion of apps available.
00:00
Everybody is adopting a mobile-first strategy.
00:00
Even payments, mobile apps
00:00
are quickly replacing credit cards and so on.
00:00
The other very big challenge is
00:00
the mixing of personal and business environments.
00:00
Very few people would like to carry multiple devices,
00:00
and with the rise of BYOD in the enterprise,
00:00
this is increasingly becoming
00:00
an important factor to consider.
00:00
Because this is such a common and important space,
00:00
there is a lot of work done on
00:00
building mobile threat models.
00:00
Recalling the earlier module on threat modeling,
00:00
you can see many of these threats are the same but
00:00
with a focus on
00:00
the threat vector coming in from a mobile device.
00:00
I would encourage you to visit the URL shown
00:00
below to get a clearer picture and study the threats.
00:00
This would help improve
00:00
your mobile security threat modeling.
00:00
Picking a few of the threats
00:00
I'll go into in detail.
00:00
There is an increase in malware,
00:00
especially on the Android platform.
00:00
It has been shown that many
00:00
antivirus do not really work,
00:00
so we have to be very careful of
00:00
what information is processed on a mobile.
00:00
As part of a multi-factor authentication strategy,
00:00
the mobile is increasingly being
00:00
used as the second factor.
00:00
Criminals are increasingly targeting this aspect of
00:00
the mobile as part of identity theft attacks.
00:00
Do pay attention to how you secure or
00:00
authenticate the mobile as
00:00
a second factor if you are designing it.
00:00
The next big threat is eavesdropping.
00:00
This could be as simple as intercepting
00:00
some of the communication from the device,
00:00
or, as seen in some attacks,
00:00
compromising the accessibility feature of a phone,
00:00
converting your speech to text,
00:00
and sending some information out via data channel.
00:00
Do pay attention to
00:00
what accessibility service on
00:00
the mobile can access your application.
00:00
What are the common tools and
00:00
techniques used in mobile defense?
00:00
Firstly, mobile device management is extremely useful.
00:00
But if you do have access to the whole device,
00:00
using a mobile application management strategy
00:00
is also a good alternative.
00:00
At least, you can protect the data of the application.
00:00
The use of sandboxing or containerization is
00:00
also an important part of cyber defense on the mobile.
00:00
This prevents data leakage
00:00
in and out of an application.
00:00
Finally, there should be
00:00
some method to self-destruct the data.
00:00
For example, if a password is guessed too many times,
00:00
or you detect a brute force attack,
00:00
there should be a mechanism to at
00:00
least delete the data or encrypt it.
00:00
There is a lot more to mobile security,
00:00
and at the end of this session,
00:00
there is a link to some reading material you
00:00
can download and learn more about this.
00:00
Moving on to the next topic of data center security.
00:00
This covers the physical aspect of security
00:00
and also environmental threat defense.
00:00
We need to look beyond access control.
00:00
It's not just about the access to the data center,
00:00
but how would you manage
00:00
the data center to ensure security.
00:00
To highlight some of the common threats
00:00
in a data center,
00:00
it could be physical attacks
00:00
like cable tapping to eavesdrop,
00:00
power outages, communication outage.
00:00
Fire and humidity are
00:00
also big threats to a data center.
00:00
Unauthorized access is a big problem,
00:00
and it's usually performed
00:00
through some form of social engineering.
00:00
It is important to focus on
00:00
the physical guards or people with
00:00
access to make them aware of
00:00
social engineering techniques to get credentials.
00:00
Let's talk a little bit about
00:00
some of the tools and techniques you can
00:00
utilize to help your data center security.
00:00
For the environmental threats,
00:00
we need to look at how would you
00:00
rate locations to build the data center.
00:00
Which location to use if you
00:00
are deciding on a data center?
00:00
What is the public utility support in that area?
00:00
What are the types of fire suppression systems you use?
00:00
The temperature and humidity of that area.
00:00
For physical access, we need to
00:00
make sure there are multiple access gates,
00:00
the use of man traps,
00:00
multi-factor authentication to access.
00:00
It could be biometrics and password,
00:00
fingerprint and a pin number, for example.
00:00
The use of a lights-out
00:00
operation where nobody physically accesses
00:00
the data center and only
00:00
manages it from remote jump stations.
00:00
Not forgetting the physical infrastructure,
00:00
we need to have secure walls,
00:00
which cannot be punched through,
00:00
and cages for systems that hold sensitive data.
00:00
The use of recorded stations with cameras also
00:00
helps deter and also
00:00
the ability to audit access to systems.
00:00
There are other aspects of
00:00
data center security that you have to be aware of.
00:00
For example, firmware patching or
00:00
firmware of the utility services
00:00
that are managing your data centers.
00:00
These are not really covered under cybersecurity,
00:00
but they need to be taken care of and to
00:00
ensure that these tasks are done in a secure fashion.
00:00
In this session, we have discussed mobile security,
00:00
the different threats and
00:00
defenses you have to think about.
00:00
Also, we covered
00:00
data center security and the things to consider
00:00
if you are asked to look at
00:00
the security of systems on-premise.
00:00
As mentioned earlier,
00:00
here are two good guides to read more about the topic.
00:00
There is a NIST guideline for managing
00:00
the security of mobile devices in the enterprise,
00:00
and there is an ISACA Journal article
00:00
that talks about a secure data center model.
00:00
Please take the time to read this
00:00
to get a deeper understanding of the topic.
00:00
In the next episode,
00:00
I will cover two more areas
00:00
in advanced enterprise security areas.
00:00
One is IoT security,
00:00
which is increasingly becoming more popular.
00:00
Also, the managed security service
00:00
considerations when designing a system.
00:00
If you have the time, please join
00:00
me in the next session. Thank you.