Access "Gary McGraw on mobile security: It’s all about mobile software security"
This article is part of the July/August 2012 issue of Establishing an effective internal security pen testing methodology
You're a geek (well, you are reading this!), so you probably have a smartphone, maybe something cool like a Galaxy Nexus running Android or an iPhone4S. You’re bumming if you still have a rusty old RIM Blackberry, but likely are due for an upgrade any day now,as soon as the lagging corporate policy allows you to switch. You also have a security disaster in your pocket just waiting to happen. Don’t feel bad, we all do. So what is a geek to do about mobile security? I wrote my first article on mobile device security way back in June 2005. In it, I pondered whether cell phones were going to be the next big security target. This was before the massive convergence of computers and phones. Even back then, we saw the storm brewing. In fact, the first real cell phone worm, Cabir, was released in 2004. SMS (or texting as the kids call it) seemed like an even more obvious vector than Bluetooth and, sure enough, there are plenty of SMS-based attacks to be seen. Convergence is all done now, and phones, computers, laptops, and iPads are mostly interchangeable. Today, ... Access >>>
Premium Content for Free.
How to pen test: Why you need an internal security pen testing program
by Dave Shackleford
Learn pen testing best practices and how to build an internal pen testing team.
Securing SharePoint: SharePoint security best practices
by Marcia Savage
SharePoint has become ubiquitous in the enterprise, but organizations can overlook security. Learn SharePoint security best practices in this article.
Talk of cyberwarfare threats heats up with Flame malware
by Robert Westervelt
Experts say malware toolkit isn’t unique, but warn of cyberweapons falling into the wrong hands.
- How to pen test: Why you need an internal security pen testing program by Dave Shackleford
Big data security analytics: Harnessing new tools for better security
by Scott Crawford, Contributor
New techniques are emerging to help organizations analyze security data and improve security defenses.
Three steps for securing SharePoint
by Brien Posey
Restricting user permissions, server hardening and dedicated service accounts are critical.
- Big data security analytics: Harnessing new tools for better security by Scott Crawford, Contributor
Gary McGraw on mobile security: It’s all about mobile software security
by Gary McGraw, Contributor
Mobile systems have a lot of moving parts, but securing them is as simple as practicing software security.
Cyberspace protection requires government collaboration with industry
by Riley Repko, Contributor
Government and private sector collaboration is critical to surviving in cybespace.
LinkedIn password leak: Lessons to be learned from LinkedIn breach
by Marcia Savage
Breach at the professional networking site highlights password practices, storage procedures.
- Gary McGraw on mobile security: It’s all about mobile software security by Gary McGraw, Contributor
More Premium Content Accessible For Free
The variety and sheer number of network endpoints, users and devices in the enterprise today is driving IT's demands for enhanced security features ...
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...