Mobile Access Safety: Beyond BYOD

Overview

In recent years, the amount of mobile equipment (smartphones, laptops, etc.) that needs to connect to corporate networks remotely has increased rapidly. New developments and trends such as BYOD (bring your own device) are exposing business information systems more than ever to a variety of threats. Controlling the safety of remote access has become a strategic issue for all companies. This book reviews all the threats weighing on these remote access points, as well as the existing standards and specific countermeasures to protect companies, from both the technical and organizational points of view. It also reminds us that the organization of safety is a key element in implementing an efficient system of countermeasures. The authors also discuss the novelty of BYOD, its dangers and how to face them.

Contents

1. An Ordinary Day in the Life of Mr. Rowley, or the Dangers of Virtualization and Mobility.
2. Threats and Attacks.
3. Technological Countermeasures.
4. Technological Countermeasures for Remote Access.
5. What Should Have Been Done to Make Sure Mr Rowley’s Day Really Was Ordinary.

About the Authors

Dominique Assing is a senior security consultant and a specialist in the management and security of information systems in the banking and stock markets sectors. As a security architect and risk manager, he has made information security his field of expertise.
Stephane Calé is security manager (CISSP) for a major automobile manufacturer and has more than 15 years of experience of putting in place telecommunications and security infrastructures in an international context.


Product Details

  • ISBN-13: 9781848214354
  • Publisher: Wiley
  • Publication date: 3/4/2013
  • Series: ISTE Series
  • Edition number: 1
  • Pages: 256
  • Product dimensions: 6.30 (w) x 9.30 (h) x 1.20 (d)

Table of Contents

Introduction

Chapter 1. An Ordinary Day in the Life of Mr. Rowley, or the Dangers of Virtualization and Mobility
1.1. A busy day
1.2. The ups and downs of the day
1.3. What actually happened?

Chapter 2. Threats and Attacks
2.1. Reconnaissance phase
2.1.1. Passive mode information gathering techniques
2.1.2. Active mode information gathering techniques
2.2. Identity/authentication attack
2.2.1. ARP spoofing
2.2.2. IP spoofing
2.2.3. Connection hijacking
2.2.4. Man in the middle
2.2.5. DNS spoofing
2.2.6. Replay attack
2.2.7. Rebound intrusion
2.2.8. Password hacking
2.2.9. The insecurity of SSL/TLS
2.3. Confidentiality attack
2.3.1. Espionage software
2.3.2. Trojans
2.3.3. Sniffing
2.3.4. Cracking encrypted data
2.4. Availability attack
2.4.1. ICMP Flood
2.4.2. SYN Flood
2.4.3. Smurfing
2.4.4. Log Flood
2.4.5. Worms
2.5. Attack on software integrity
2.6. BYOD: mixed-genre threats and attacks
2.7. Interception of GSM/GPRS/EDGE communications

Chapter 3. Technological Countermeasures
3.1. Prevention
3.1.1. Protection of mobile equipment
3.1.2. Data protection
3.2. Detection
3.2.1. Systems of intrusion detection
3.2.2. Honeypot
3.2.3. Management and supervision tools
3.3. Reaction
3.3.1. Firewall
3.3.2. Reverse proxy
3.3.3. Antivirus software
3.3.4. Antivirus software: an essential building block but in need of completion
3.4. Organizing the information system’s security
3.4.1. What is security organization?
3.4.2. Quality of security, or the attraction of ISMS

Chapter 4. Technological Countermeasures for Remote Access
4.1. Remote connection solutions
4.1.1. Historic solutions
4.1.2. Desktop sharing solutions
4.1.3. Publication on the Internet
4.1.4. Virtual Private Network (VPN) solutions
4.2. Control of remote access
4.2.1. Identification and authentication
4.2.2. Unique authentication
4.3. Architecture of remote access solutions
4.3.1. Securing the infrastructure
4.3.2. Load balancing/redundancy
4.4. Control of conformity of the VPN infrastructure
4.5. Control of network admission
4.5.1. Control of network access
4.5.2. ESCV (Endpoint Security Compliancy Verification)
4.5.3. Mobile NAC

Chapter 5. What Should Have Been Done to Make Sure Mr Rowley’s Day Really Was Ordinary
5.1. The attack at Mr Rowley’s house
5.1.1. Securing Mr Rowley’s PC
5.1.2. Securing the organizational level
5.1.3. Detection at the organizational level
5.1.4. A little bit of prevention
5.2. The attack at the airport VIP lounge while on the move
5.3. The attack at the café
5.4. The attack in the airport VIP lounge during Mr Rowley’s return journey
5.5. The loss of a smartphone and access to confidential data
5.6. Summary of the different security solutions that should have been implemented

Conclusion

APPENDICES
Appendix 1
Appendix 2

Bibliography

Index
