T5 “Debunking the Myths of Mobile Security” presented at RochesterSecuritySummit 2015

by Stephen Johnson,

Summary : Cyber threats against mobile devices are on the rise! When it comes to securing mobile devices, the most popular choices have been Mobile Device Management (MDM) and Enterprise Mobility Management (EMM) solutions. However, it is not clear how much protection any of these solutions offer in real world situations. Do any of these protect against malware? Within this presentation we will review the various approaches to mobile security and the positive and negatives of each. In addition, we will also present a plan for delivering real-time mobile security and intelligence to your organization’s existing security and mobility infrastructure.
Bring Your Own Device (BYOD) has been a widely adopted corporate strategy for enabling corporate users to have the freedom and flexibility of working anywhere. This session will highlight the security risks associated with this policy and how existing MDM solutions are not enough to secure these mobile devices. In addition, the proliferation of mobile devices has seen a new target for hackers and a current blindspot within corporate security. This presentation will also offer a real-live interactive demonstration with audience participation. We will demonstrate embedding malware into a legitimate application, distributing it to mobile devices and then taking control of the device (recording audio/video, taking photos, accessing calendar information, contacts, web browsing history and more) through a Command & Control Server.
Please Note: This will be done in a controlled lab environment, using demo equipment we will provide.