What are two methods typically used on a mobile device to provide internet connectivity

Mobile Devices

Mobile devices are probably the most commonly used device for communications, such as texting, e-mail, and of course, phone calls. The antiforensic methods on mobile devices are not as extensive as on computer systems, but they are certainly just as problematic depending upon the type of mobile device and encryption employed. Although some of the same applications can be used on a mobile device, such as the Tor browser, a computer displays the information to the computer user in a friendlier manner.

Computers and laptops still remain primary targets along with mobile devices for seizure in order to obtaining communications, for several reasons. The methods to communicate covertly using a laptop or computer are simply easier as a matter of convenience for the computer user. Large monitors, full-size keyboards, easier access to forums chatting, video conferencing, and creating user files are more convenient with a computer than a smartphone or tablet. Messages are easier to create, encrypt, or hide in other files on a computer system using a word processor rather than on a mobile device.

Publisher Summary

Mobile devices access smart grid resources through mobile applications designed specifically for mobile devices. However, every type of device capable of accessing the applications attacks these mobile applications. Mobile devices enable employees to stay connected with their organization's network and resources while out in the field diagnosing and fixing issues. Mobile application developers seeking to reach the broadest audience support multiple platforms. The following list contains some of the more common mobile platforms: cell phones (smart and regular), mobile Internet devices, portable media players, laptops, and netbooks. Because of the extensive variety of platforms, applications, and inherent mobility, mobile devices are more difficult to manage and oftentimes lack centralized management capabilities. This leads to a greater reliance on individual users to implement secure practices, such as screen locking and regularly making backups.

Summary

Mobile devices are no less secure just because they are small. While many protections are built into these devices, the reality is that things like code signing and certifications can be defeated. In addition, with the introduction of third-party applications to the mobile device, the attack landscape grows. The reality of the situation is that a mobile device needs to be treated with a higher level of security than the desktop and/or laptop. Not only do users have to follow secure use policies, such as do not open attachments from unknown sources, but they also have to deal with numerous points of entry (for instance, SMS, e-mail, data, Bluetooth, IrDA, and Wi-Fi) and ensure the device is not left behind in a cab or stolen from a pocket. In many ways, the mobile device is a very scare device with regards to security.

As if the threats facing mobile devices aren't enough, corporations also have to recognize the threat that a mobile user can be to other users. While it might be small, many mobile devices can host offensive software that can locate and gain unauthorized access to resources in their immediate area. Whether it is jamming the wireless surveillance camera, or attempting to upload files to local Bluetooth users, a mobile user can turn their device into a weapon with enough power to take down a network.

It isn't the size that counts; it's what you do with it that matters! Promiscuous behavior will result in unwanted side effects.

Preparing an Isolated Environment

Mobile devices are unique in that they often have three or more methods of communication. Wireless, GPRS, Bluetooth, and IrDA are often all available to mobile phone users. As a result, it is essential that a mobile researcher analyze the software in a safe and secure environment—away from other people and their mobile devices. For example, it would not be prudent for a researcher to study how a Bluetooth-enabled virus works in a university lab. Imagine what would happen if students started receiving Bluetooth requests for file transfers on their mobiles.

7.3.5 Communication

Mobile devices communicate in a variety of ways with other fixed or mobile devices that can be discovered dynamically. The aspects of communication that may affect the interface are:

Connectivity update notifications: they signal the change of the available communication channels and can be captured as system events that express an update of one or more ContextDimensions; and

Devices in range: other devices can enter or leave the communication range. This feature can be modeled as a system event that signals the discovery of a device. Data transfer activities can be modeled as Actions that encapsulate the details of the protocol used to manage the conversation.

Figure 7.15 shows an example of communication-enabled interface: the usage of near field communication (NFC) for exchanging the contact details of the user.

The application consists of two parts, a sender and a receiver. The “NFCCardSender” interface is minimal, because NFC normally requires the communicating devices to be very close and thus there is little space for user’s interaction. The interface presents the personal data to the user who can confirm his intent to make them available to NFC devices in range. The “SendViaNFC” Action abstracts the steps necessary to build up the NFC record and notify the device that it is ready to be dispatched.

The “NFCCardReceiver” ViewContainer models the application on the side of the receiver. The reception of the NFC payload is modeled as an asynchronous event that abstracts the system process of parsing NFC messages and triggering the registered applications that handle them. The interface is again very basic: the user can confirm and save the data or discard the message.

Figure 7.16 shows an example of adaptation of the interface composition to the network type.

The interface for reading a message is implemented in two versions. One version presents a message with all its attachments downloaded automatically. The second interface requires an explicit user command for downloading an attachment, and the attachments are downloaded and shown one at a time using a ScrollableList. The choice of which alternative interface to use is conditioned by means of an ActivationExpression, illustrated in chapter 5, that tests the type of connectivity available based on the ContextVariable ConnectivityType. On-demand attachment visualization is selected when the connection type is “MOBILE” to reduce bandwidth consumption and interface latency.

3.3.4 Summary of Mobile Cloud Services

The mobile devices, such as smart phones, are more and more popular. These devices are becoming powerful and carrying more sensors, so they become good candidates to collect environment data as well as to be a computation platform. The mobile clouds eventually serve users. As the bridge between users and resources or clouds, the mobile devices can be service providers for clouds to collect data, or be service consumers to delegate the tasks to the cloud, or connect the other service providers and consumers. The flexible role of the mobile devices leads to the various roles in the mobile cloud service model.

Conclusion

Mobile devices have provided a lot of capability for users to be productive no matter where they are. There are a number of challenges by enabling mobile devices for business use, including the risk associated with extending the edge of the enterprise network. This is what invariably happens when you allow access to corporate information like e-mail from mobile devices. Wherever that mobile device is becomes the edge of your network, whether the access is from a WiFi hotspot in a coffee shop or whether it’s being accessed over the cellular data network of your cell provider. While this was previously true by opening up a VPN gateway to allow remote access from your remote workers, especially if you allowed split tunneling, it’s even more true with mobile devices because of the potential for greater volumes. Using a push technology rather than pull will help alleviate this risk.

We are coming to a point where antivirus or some other malware protection software will become commonplace on mobile devices. One of the reasons for this is because they present an enormous foothold for those who have malicious intent, particularly when it comes to stealing information. Where there is an opportunity, there will be people lined up to take advantage of the opportunity, and right now one of the biggest opportunities is mobile devices. There is already malware in the wild affecting Android, iOS, and Blackberry. You can expect more malware instances on all the platforms as mobile usage continues to rise.

There is no stopping adoption of mobile technology at this point nor should there be any attempt to stop it. Mobile technology may be blurring the lines between work and home life, but in the end, if used wisely, it has the potential to improve the work-life balance because you don’t have to be chained to your desk any longer to be productive. You can be at your kids’ soccer game and still be available for business calls, just as though you were at your desk, and you can still answer important e-mail messages from anywhere you are. It’s worth being vigilant, however, that just because you can be productive from anywhere you are that you don’t allow your business life to take over your family life, just because you have that ability.

1.26.3.2 Distributed Spatial Database

Mobile devices have relatively lower disk space than PC. It might be impossible to store all the spatial data on one small device. Even if several spatial data compression techniques have been proposed, it is widely accepted that only a small portion of the spatial data which are close to the user’s current location can be stored in the mobile device temporarily using the caching technique or the dynamic data model strategy (Shi et al., 2009). The whole spatial database may be better stored in the servers while many mobile GIS also support offline storage mode (more details in the “Mobile Databases” section). The spatial data can be stored in one server and can also be distributed among multiple servers and clusters.

12.15 Cross-Border Data Theft

Mobile devices as a vector for data to leave the organization is nothing new, as the inherent mobility beginning with laptops has always made it impossible to rely on a strong perimeter for adequate protection. The cloud computing revolution and the myriad of hosted application services that are not geographically fixed has made it easier for data to cross national borders. With the increased use of mobile, the applications and data stored in mobile devices used locally and globally may put both users and organizations at risk. In addition, data traveling on the mobile devices is typically subject to laws and regulations that will vary from one jurisdiction to another. There are many legal/jurisdictional issues with this architecture, and organizations are just now starting to work through them.

The cross-border nature of cybercrime means that organizations should ensure good document protection practices by improving digital document security techniques. A second aspect is for organizations that have international offices, where cross-border document exchange is known, should establish proactive relationships with colleagues in international locations to identify and minimize barriers to swift and effective international cooperation in response to cross-border data theft.

Managing Mobile Devices

Now that we have finished our mobile deployment, how do we go about managing the mobile devices in our organization? Well, unlike Exchange Server 2003 SP2, which required you to download a separate Web administration tool (called the Mobile Administration Web tool) that among other things allowed you to delete device partnerships and remote wipe stolen or lost devices from a central location, these features and more are an integral part of the Exchange Management Console.

To manage the mobile device(s) for a specific user, you must perform the following steps:

Open the Exchange Management Console.

Expand the Recipient Configuration work center and click Mailbox.

Select the user mailbox for which you want to manage a mobile device.

Click Manage Mobile Device.

The Manage Mobile Device wizard now appears (Figure 5.52).

Here you can see the mobile devices that have an established partnership with the respective user mailbox. Under Additional device information, you can see when the first synchronization occurred, when the last device wipe command was issued, the acknowledge time for the device wipe, when the device was last updated with a policy, as well as the last ping heartbeat in seconds (this should be between 15 and 30 minutes, depending on how keep alive sessions have been configured with your mobile service provider and on your firewall). Finally, you can see the recovery password here (if enabled by policy).

Under Action, you have the option of either removing (a.k.a., deleting) a mobile device partnership, as well as performing a remote wipe of a mobile device. Performing a remote wipe of a mobile device will delete any data held in memory as well as on the storage card. In other words, the device will be reset to its factory defaults.

NOTE

Removing a mobile device partnership will not delete any data on the mobile device.

In order to reduce the load on IT staff (primarily the Helpdesk), the Exchange Product group also implemented these mobile device management features into OWA 2007. This means users can manage their own devices, as shown in Figure 5.53.

TIP

To remove a mobile device partnership or remote wipe a mobile device using the Exchange Management Shell, you must use the Remove-ActiveSyncDevice and ClearActiveSyncDevice cmdlets, respectively. For further details on how to do this, type Get-Help Remove-ActiveSyncDevice and/or Get-Help ClearActiveSyncDevice in the Exchange Management Shell.