Internet And Network Technologies
Securing Mobile Devices in the Enterprise
Securing Mobile Devices in the Enterprise: Configuring Enterprise-level Security
sp_emds_a04_it_enus
Securing Mobile Devices in the Enterprise: Mobile Security Technologies
sp_emds_a02_it_enus
Securing Mobile Devices in the Enterprise: Mobile Security Threat Mitigation
sp_emds_a03_it_enus
Securing Mobile Devices in the Enterprise: Mobile Security Threats
sp_emds_a01_it_enus
Securing Mobile Devices in the Enterprise: Configuring Enterprise-level Security
Lesson Objectives
Securing Mobile Devices in the Enterprise: Configuring Enterprise-level Security
- start the course
- describe network architecture challenges for securing enterprise mobile devices
- describe a solution for enterprise mobile device security challenges based on Microsoft's product portfolio
- create an account for Microsoft Intune
- navigate the Microsoft Intune interface
- enroll devices in Microsoft Intune
- target devices in Microsoft Intune
- enforce configurations in Microsoft Intune
- handle certificates in Microsoft Intune
- deploy enterprise profiles in Microsoft Intune
- distribute apps in Microsoft Intune
- protect data in Microsoft Intune
- describe Microsoft System Center Configuration Manager and Intune interoperability
- configure the Microsoft Intune Connector Role
- prepare for Windows Mobile device enrollment in Microsoft System Center Configuration Manager
- prepare for iOS device enrollment in Microsoft System Center Configuration Manager
- create an account on Microsoft Intune, enroll devices, and deploy enterprise profiles
Overview/Description
The final stage in moving toward a secure mobile enterprise requires the use of a mobile device management (MDM) platform. These management systems can lock down and govern all aspects of mobile device usage in the enterprise in COD and BYOD scenarios. In this course, you will learn about a model for enterprise mobile security and two MDM systems from Microsoft – Intune and System Center Configuration Manager.
The final stage in moving toward a secure mobile enterprise requires the use of a mobile device management (MDM) platform. These management systems can lock down and govern all aspects of mobile device usage in the enterprise in COD and BYOD scenarios. In this course, you will learn about a model for enterprise mobile security and two MDM systems from Microsoft – Intune and System Center Configuration Manager.
Target Audience
Enterprise network engineers and managers, network security engineers and managers, anyone tasked with providing secure access to company resources from mobile devices
Enterprise network engineers and managers, network security engineers and managers, anyone tasked with providing secure access to company resources from mobile devices
Securing Mobile Devices in the Enterprise: Mobile Security Technologies
Lesson Objectives
Securing Mobile Devices in the Enterprise: Mobile Security Technologies
- start the course
- describe usage scenarios for cryptography
- describe the theory of one-way cryptographic functions and hashes
- describe hashing and identify the main hashing algorithms
- perform hashing using Windows PowerShell
- describe symmetric encryption
- describe asymmetric encryption and its common uses
- encrypt and decrypt a message using OpenSSL
- describe digital signing
- perform digital signing using OpenSSL
- describe key distribution in cryptographic systems
- describe digital certificates and the process of issuing certificates in a CA system
- create a certificate in Visual Studio makecert
- describe requirements for back-end security for mobile applications
- describe measures to harden services for mobile applications
- describe requirements for securing app mobile app deployment
- describe measures to protect mobile apps at the transport layer
- describe infrastructure security requirements to support secure mobile apps
- describe the architecture of a demilitarized zone to protect mobile app services
- describe the use of a reverse proxy in protecting mobile app back-end services
- describe processes for securing directory services and certificate authorities used in mobile app back-end systems
- describe the use of S/MIME to secure e-mail in the enterprise
- describe the use of rights management systems to secure document content
- describe measures to protect data in transit and at rest
- describe the use of mobile device management systems to fully manage secure mobile devices
- describe threats to back-end systems, and strategies to mitigate them
Overview/Description
Cryptography provides the means to secure data at rest and in transit, but that's only part of the story for hardening mobile systems. Requirements for a hardened back-end infrastructure are magnified by mobile units as these go-anywhere devices provide attackers with a potentially simple route into your back-end network. In this course, you will learn about encryption, some practical use cases in the mobile enterprise, and back-end hardening for mobile systems.
Cryptography provides the means to secure data at rest and in transit, but that's only part of the story for hardening mobile systems. Requirements for a hardened back-end infrastructure are magnified by mobile units as these go-anywhere devices provide attackers with a potentially simple route into your back-end network. In this course, you will learn about encryption, some practical use cases in the mobile enterprise, and back-end hardening for mobile systems.
Target Audience
Enterprise network engineers and managers; network security engineers and managers; anyone tasked with providing secure access to company resources from mobile devices
Enterprise network engineers and managers; network security engineers and managers; anyone tasked with providing secure access to company resources from mobile devices
Securing Mobile Devices in the Enterprise: Mobile Security Threat Mitigation
Lesson Objectives
Securing Mobile Devices in the Enterprise: Mobile Security Threat Mitigation
- start the course
- describe the requirements for establishing a mobile enterprise
- describe mobile device ownership models and how they relate to a coherent mobile threat mitigation strategy
- describe mitigation strategies for unmanaged devices in a small organization
- describe mitigation strategies for unmanaged company-owned devices
- describe appropriate user policies for risk mitigation with unmanaged devices
- configure security settings on unmanaged Android devices
- configure security settings on |INS |/INS unmanaged iPhone and iPad iOS devices
- configure security settings on |INS |/INS unmanaged Windows Phone devices
- describe requirements for secure cloud storage
- use Boxcryptor to encrypt and secure cloud data
- describe Microsoft Exchange ActiveSync functionality for managing mobile devices
- configure Office 365 Exchange ActiveSync to manage mobile devices
- describe challenges with transport layer security, and how they can be solved with short-lived session keys and perfect forward secrecy
- configure perfect forward secrecy in Internet Information Services
- describe virtual private networks for securing network connections
- connect a mobile device to a VPN server
- describe BYOD containers for segregating data on BYOD devices
- describe usage scenarios for BYOD containers
- configure BYOD containers using Good Work
- describe security functionality offered by app wrapper technologies for mobile devices
- describe methods to mitigate malicious functionality in mobile apps
- describe methods to mitigate code vulnerabilities in mobile apps
- describe Microsoft Azure Rights Management cloud-based rights management system
- configure Microsoft Azure Rights Management System to protect confidential documents
- describe mitigation strategies for BYOD and COD devices in the enterprise
Overview/Description
Once you have identified threats to mobile security, the next step in creating the fully mobile-aware enterprise is to look at mitigation strategies. In this course, you will learn about threat mitigation in a small, unmanaged environment; in a semi-managed environment using Exchange ActiveSync; and in a fully managed environment using a mobile device management (MDM) solution. You will also learn about mitigation from a Bring Your Own Device (BYOD) and a company-owned device (COD) perspective.
Once you have identified threats to mobile security, the next step in creating the fully mobile-aware enterprise is to look at mitigation strategies. In this course, you will learn about threat mitigation in a small, unmanaged environment; in a semi-managed environment using Exchange ActiveSync; and in a fully managed environment using a mobile device management (MDM) solution. You will also learn about mitigation from a Bring Your Own Device (BYOD) and a company-owned device (COD) perspective.
Target Audience
Enterprise network engineers and managers, network security engineers and managers, anyone tasked with providing secure access to company resources from mobile devices
Enterprise network engineers and managers, network security engineers and managers, anyone tasked with providing secure access to company resources from mobile devices
Securing Mobile Devices in the Enterprise: Mobile Security Threats
Lesson Objectives
Securing Mobile Devices in the Enterprise: Mobile Security Threats
- |INS start the course |/INS
- describe current mobile devices and form factors
- describe the current state of mobile device security
- describe mobile security considerations
- describe the process to determine risk in a mobile environment
- describe sensitive mobile assets
- describe sensitive usage scenarios for mobile devices
- describe how mobile data is stored and transported
- list the OWASP top 10 mobile risks, and describe how weak server-side controls affect mobile device back-end systems
- describe how insecure data storage affects mobile device front-end and back-end systems
- describe how insufficient transport layer protection affects mobile device front-end and back-end systems
- describe how unintended data leakage affects mobile device front-end and back-end systems
- describe how poor authorization and authentication affects mobile device front-end and back-end systems
- describe how broken cryptography affects mobile device front-end and back-end systems
- describe how client-side injection affects mobile device front-end systems
- describe how security decisions via untrusted inputs affect mobile device back-end systems
- describe how improper session handling affects mobile device front-end systems
- describe how lack of binary protections affects mobile device front-end systems
- describe the potential technical impacts of mobile exploits
- describe the potential business impacts of mobile exploits
- describe requirements for secure device data handling
- describe requirements for secure device authorization and authentication
- describe requirements for secure device sensors, jailbreaking, and mobile device management systems
- describe requirements for secure device connectivity and apps
- describe requirements for users of secure devices
- assess threats from OWASP top 10 and their impact on mobile systems
Overview/Description
Mobile security threats are among the most serious threats to the enterprise, as mobile attacks are often a gateway to a wider attack on connected resources. The Open Web Application Security Project tracks the top 10 security concerns for mobile devices and applications, and this course uses those risks as a basis for discussing mobile security. In this course, you will learn about some best practices for securely handling mobile devices.
Mobile security threats are among the most serious threats to the enterprise, as mobile attacks are often a gateway to a wider attack on connected resources. The Open Web Application Security Project tracks the top 10 security concerns for mobile devices and applications, and this course uses those risks as a basis for discussing mobile security. In this course, you will learn about some best practices for securely handling mobile devices.
Target Audience
Enterprise network engineers and managers; network security engineers and managers; anyone tasked with providing secure access to company resources from mobile devices
Enterprise network engineers and managers; network security engineers and managers; anyone tasked with providing secure access to company resources from mobile devices
