Mobile Application and BYOD (Bring Your Own Device) Security Implications to Your Business presented at BSidesSLC 2014

by Dmitry Dessiatnikov,

Summary : The explosion of the mobile application market coupled with acceptance of "bring your own device" (BYOD) to enterprise environments comes with its unique security risks. While driven by a rise in productivity, convenience and overall user satisfaction BYOD increases the attack surface that most businesses are not prepared for. In this presentation we will cover the reasons for concern along with a demonstration of a remote compromise of an Android phone in a corporate environment. We will also discuss the OWASP top 10 mobile risks and demonstrate some common issues with a vulnerable iOS mobile application. A free tool will be shared with the audience that can assist with assessing their corporate BYOD environments. Finally, we will cover some mitigating controls and what can be done to address raised issues.