in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Smartphone Security: The NSA Has iOS 5 Security Guidelines Online

How do the nation's top spies deal with smartphone security?  When it comes to iPhones and iPads, fastcompany.com has found out that the National Security Service (NSA) is recommending that, among other things, smartdevices' cameras ought to be covered with tape.  Mobile device management and security like AlertBoot Mobile Security are also explored in the PDF found online.

More Exotic Threats Also Given Consideration

As fastcompany.com points out, the document is "a mixture of bureaucratese and dry technical manual."  If I may add, the two "Stop" icons also lend it a flavor of standardized tests I ran across in the 90s.

This being the NSA, there are guidelines and recommendations for situations that most people wouldn't consider.  For example, your average office worker who's decided to join the BYOD trend and uses Apple products would generally be concerned about losing his or her iDevice and causing a data breach.  In this regard he might want to have at least (1) encryption in place, (2) automatic data wiping turned on (for those instances where people try to guess the password), and (3) remote location tracking.

The NSA being the NSA, additional considerations are given to security issues that most people wouldn't normally think about, such as:
  • Audio collection (aka, hot-mic eavesdropping, where the phone is
  • Remote camera activation
  • GPS location tracking
  • Credential spoofing

In addition to the risks, the document also provides methods for mitigating the dangers.  Activating a passcode and updating iOS are given as solutions in most of the cases that are listed.  More specific security practices that include device configuration are also given a section of their own and compromise the bulk of the document.

Device Usage and Handling

The handling guidance for administrators and users is the next biggest section (the device configuration and handling sections are pretty much the whole of the document if you look at the index).

MDM again rears its head, proving its importance, with the NSA noting that devices ought to be monitored using mobile device management to check for the latest updates to the Apple operating system.
As discussed in Section 2.2, MDM products enable enterprise integration and reporting for iOS devices. Regularly monitor the status of devices using MDM software and respond accordingly. Particularly important is ensuring that the version of iOS is kept up to date, which implies that all available security updates are installed. Some MDM products include the ability to disable access to enterprise resources if devices are not kept up to date or are otherwise not compliant.
Yep, MDM products like AlertBoot Mobile Security do that and more.

Overall, the guidelines given in this document are, for the lack of a better word, generic.  You might almost say it's commonplace (or common sense).  One might have expected more from the USA's premier security agency, but then again, this is an unclassified document.  Who knows what the classified ones say?

There are many ways of securing your digital data, but the basics never go out of style.

Related Articles and Sites:
http://www.nsa.gov/ia/_files/os/applemac/Apple_iOS_5_Guide.pdf
http://www.fastcompany.com/3004176/how-americas-spies-use-iphones-and-ipads
 
<Previous Next>

Disk Encryption: PGP/Symantec, TrueCrypt, and BitLocker Disk Encrypted Data Can Be Accessed With Forensic Software

Health Data Disk Encryption: Healthcare Organizations Are Vulnerable To Online Hacks

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.