WELCOME

Cyber Security
What is Mobile Security?
Cyber security
Lecture 30

INSTRUCTOR: MUHAMMAD
NAEEM KHAN
 What is mobile security?
Mobile device security states that the protection set together to prevent hackers and
other unauthorized users from accessing smartphones, tablets, and other portable
electronic devices. It means implementing plans and employing instruments to protect
private, sensitive, and personal data on these devices. To ensure that users may use their
mobile devices safely and securely, mobile device security simply attempts to prevent
unauthorized access, data breaches, and virus attacks on mobile devices. Mobile device
cybersecurity covers protecting data on the device itself as well as on endpoints and
networking hardware that are connected to the device.
Why is Mobile Device Security Important?
Mobile device security is crucial for several reasons:
Individual Information Insurance: Cell phones store an abundance of individual data,
including contacts, messages, photographs, and monetary subtleties. Getting these
gadgets safeguards delicate information from unapproved access and likely abuse.
Protection Worries: With applications and administrations getting to different
individual information, hearty security guarantees that this data isn't uncovered or
abused by vindictive gatherings.
 Continue….
 Counteraction of Unapproved Access: Cell phones frequently act as doors to
different frameworks, for example, email accounts and corporate organizations. Solid
safety efforts assist with forestalling unapproved admittance to these frameworks
through compromised gadgets.
 Relieving Malware and Assaults: Cell phones are vulnerable to malware, phishing
assaults, and different types of digital dangers. Safety efforts like antivirus
programming and customary updates help safeguard against these dangers.
 Monetary Insurance: Many individuals utilize their cell phones for banking and
shopping. Guaranteeing gadget security safeguards monetary exchanges and
forestalls false exercises.
 Consistence Prerequisites: Associations frequently need to conform to information
assurance guidelines (e.g., GDPR, CCPA). Secure cell phones assist with meeting these
legitimate and administrative necessities.
 Business Congruity: For organizations, cell phones frequently contain basic business
related information. Getting these gadgets is fundamental to guarantee business tasks
can proceed flawlessly without interferences because of safety breaks.
 Notoriety The Board: A security break can harm a person's or alternately
association's standing. Guaranteeing cell phone security keeps up with trust and
What are the Benefits of Mobile Device
Security?
The benefits of mobile device security are significant and wide-ranging:
Insurance of Individual Data: Safety efforts assist with defending delicate individual
information, for example, contact subtleties, messages, photographs, and monetary data,
from unapproved access and likely abuse.
 Upgraded: Serious areas of strength for protection conventions guarantee that
individual and confidential data stays private and isn't presented to unapproved
parties or pernicious entertainers.
 Counteraction of Unapproved Access: Compelling security keeps unapproved
clients from getting to the gadget and its items, including delicate applications and
records.
 Relief of Digital Dangers: Cell phone security safeguards against malware, phishing
assaults, and different types of digital dangers that could think twice about gadget and
its information.
 Secure Correspondence: Encryption and secure correspondence conventions assist
with guaranteeing that messages and calls produced using the gadget are private and
safeguarded from block attempt.
 Monetary Wellbeing: For clients who go through with monetary exchanges or
oversee banking exercises on their cell phones, safety efforts help safeguard against
How Does Mobile Device Security work?
Here are six key components:
 Confirmation: This includes checking the character of the client prior to giving
admittance to the gadget. Normal strategies incorporate passwords, PINs, biometric
information (like fingerprints or facial acknowledgment), and multifaceted
confirmation (MFA). This guarantees that main approved people can get to the gadget
and its items.
 Encryption: Information encryption safeguards data put away on the gadget and sent
over networks by changing over it into a code that must be translated by approved
clients. Full-plate encryption gets all information on the gadget, while encryption of
individual documents or interchanges guarantees explicit information stays classified.
 Secure Working Frameworks: Portable working frameworks (operating system) are
planned with security highlights to safeguard against dangers. Ordinary updates and
fixes are crucial for address weaknesses and upgrade security. Operating system
security highlights could incorporate sandboxing (secluding applications from one
another), secure boot processes, and application consents the executives.
How Does Mobile Device Security work?
 Antivirus and Against Malware Programming: These projects recognize and
alleviate vindictive programming that could think twice about gadget. They filter for
and eliminate infections, worms, spyware, and other destructive programming, giving
continuous insurance against new dangers.
 Far off Administration and Observing: For authoritative gadgets, cell phone the
executives (MDM) arrangements empower remote checking, the board, and control.
Elements might incorporate remote wipe (to eradicate information assuming that the
gadget is lost or taken), gadget following, and authorization of safety approaches and
designs.
 Network Security: Guaranteeing secure correspondence over networks is essential.
This includes utilizing VPNs (Virtual Confidential Organizations) to encode information
communicated over open organizations, utilizing secure Wi-Fi conventions (like
WPA3), and keeping away from associations with unstable or dubious organizations.
 Types of Mobile Device Security
 Lock Screen Security- To secure access to our devices and to prevent unwanted use
of PIN code, password, fingerprint, or facial recognition.
 Encryption- This is the strong technique used by encrypting our data to avoid the
possibility of data leakage even if our device is stolen also the person who takes it
won't be able to access our personal information without the decryption algorithm.
 App Permissions- Limit the app permissions to verified users only and examine and
adjust to limit personal information, such as your location, contacts, or camera.
 Software Update- Keep updating the operating system and apps on your device to
minimize risks, and security flaws and defend against the most recent threats.
 Avoid Public WiFi- Use public Wi-Fi very carefully as these networks may be insecure
and leak your data directly to hackers. Install a VPN instead.
 Backup Data- In case your device is stolen, lost, or mishandled by someone then
there is a high risk of loss of data so keep regular backup of your data to a secure
location like any external hard drive or cloud storage.
 Remote Wipe- To protect your personal information from unauthorized access enable
remote wipe functionality to suddenly erase all of your data if your device is lost or
stolen.
 Security In Cloud Computing :
Cloud computing which is one of the most demanding technology of the current time,
starting from small to large organizations have started using cloud computing services.
Where there are different types of cloud deployment models are available and cloud
services are provided as per requirement like that internally and externally security is
maintained to keep the cloud system safe. Cloud computing security or cloud security is
an important concern which refers to the act of protecting cloud environments, data,
information and applications against unauthorized access, DDOS attacks, malwares,
hackers and other similar attacks. Community Cloud : These allow to a limited set of
organizations or employees to access a shared cloud computing service environment.
Planning of security in Cloud Computing :
As security is a major concern in cloud implementation, so an organization have to plan
for security based on some factors like below represents the three main factors on which
planning of cloud security depends.
 Resources that can be moved to the cloud and test its sensitivity risk are picked.
 The type of cloud is to be considered.
 The risk in the deployment of the cloud depends on the types of cloud and service
models.
 Security In Cloud Computing :
Types of Cloud Computing Security Controls :
There are 4 types of cloud computing security controls i.e.
Deterrent Controls : Deterrent controls are designed to block nefarious attacks on a
cloud system. These come in handy when there are insider attackers.
Preventive Controls : Preventive controls make the system resilient to attacks by
eliminating vulnerabilities in it.
Detective Controls : It identifies and reacts to security threats and control. Some
examples of detective control software are Intrusion detection software and network
security monitoring tools.
Corrective Controls : In the event of a security attack these controls are activated. They
limit the damage caused by the attack.
 Security In Cloud Computing :
Importance of cloud security :
For the organizations making their transition to cloud, cloud security is an essential
factor while choosing a cloud provider. The attacks are getting stronger day by day and
so the security needs to keep up with it. For this purpose it is essential to pick a cloud
provider who offers the best security and is customized with the organization’s
infrastructure. Cloud security has a lot of benefits –
 Centralized security : Centralized security results in centralizing protection. As
managing all the devices and endpoints is not an easy task cloud security helps in
doing so. This results in enhancing traffic analysis and web filtering which means less
policy and software updates.
 Reduced costs : Investing in cloud computing and cloud security results in less
expenditure in hardware and also less manpower in administration
 Reduced Administration : It makes it easier to administer the organization and does
not have manual security configuration and constant security updates.
 Reliability : These are very reliable and the cloud can be accessed from anywhere
with any device with proper authorization.
 Security In Cloud Computing :
Importance of cloud security :
For the organizations making their transition to cloud, cloud security is an essential
factor while choosing a cloud provider. The attacks are getting stronger day by day and
so the security needs to keep up with it. For this purpose it is essential to pick a cloud
provider who offers the best security and is customized with the organization’s
infrastructure. Cloud security has a lot of benefits –
 Centralized security : Centralized security results in centralizing protection. As
managing all the devices and endpoints is not an easy task cloud security helps in
doing so. This results in enhancing traffic analysis and web filtering which means less
policy and software updates.
 Reduced costs : Investing in cloud computing and cloud security results in less
expenditure in hardware and also less manpower in administration
 Reduced Administration : It makes it easier to administer the organization and does
not have manual security configuration and constant security updates.
 Reliability : These are very reliable and the cloud can be accessed from anywhere
with any device with proper authorization.
 What is IoT Security?
IoT security is a technology area that particularly focuses on protecting connected
devices and networks in IoT. The act of protecting these devices and making sure they
don't bring risks into a network is known as IoT security. Attacks are likely to occur to
anything linked to the Internet at some time. From the Internet of Things devices,
Attackers may utilize remote access to steal data by using a variety of strategies,
including credential theft and vulnerability exploitation.
Types of IoT Security
IoT security encompasses a multi-layered approach to protect devices, networks, and
data. It involves both user and manufacturer responsibilities.
1. Network Security
This focuses on safeguarding the overall IoT network infrastructure. It involves:
Establishing a strong network perimeter: Implementing firewalls, intrusion detection
systems, and access controls to prevent unauthorized entry.
Enforcing zero-trust architecture: Assuming every device and user is potentially
malicious, requiring continuous verification.
Securing network communication: Encrypting data transmitted between devices and
using secure protocols.
 What is IoT Security?
2. Device Security
This centers on protecting individual IoT devices:
Embedded security agents: Employing lightweight software to monitor device
behavior and detect anomalies.
Firmware hardening: Ensuring device software is free from vulnerabilities through
rigorous testing and updates.
Secure boot process: Verifying the integrity of the device's operating system before
startup.
3. Data Security
This safeguards the information generated and transmitted by IoT devices:
Data encryption: Protecting data both at rest and in transit using strong encryption
algorithms.
Data privacy: Implementing measures to protect sensitive information from
unauthorized access.
Data integrity: Ensuring data accuracy and consistency through checksums and other
techniques.
 How Does IoT Security Work?
 IoT devices are any devices that can store data by connecting to the cloud.
 IoT devices need a special set of cybersecurity guidelines because of how they differ
from conventional mobile devices. They lack the benefit of built-in security guidelines
seen in mobile operating systems like iOS and Android.
 A lot of information is stored in the cloud, if an attacker manages to get access to the
user's account, it might be exploited for identity theft or privacy invasion.
 Although there isn't a single solution for IoT security, cybersecurity experts have made
it their mission to inform manufacturers and developers about secure coding practices
and how to strengthen cloud activity defences.
 IoT Security Issues and Challenges
Below are some challenges of IoT Security
 Lack of industry foresight: Certain sectors and their products have undergone
digital changes at the same rate as organizations. In an attempt to increase
productivity and save costs, the automotive and healthcare sectors have broadened
their range of IoT devices.
 Lack of encryption. The majority of network traffic coming from Internet of Things
devices is not encrypted which raises the risk of data breaches and security concerns.
By making sure every device is encrypted and secured, these risks may be averted.
 Multiple connected devices: Nowadays, the majority of homes have several linked
devices. The disadvantage of this ease of use is that all linked devices within the same
home will malfunction if one item malfunctions due to a security misconfiguration.
 Resource constraints. Not every IoT device has the processing capacity to include
complex firewalls or antivirus programs. Some devices can hardly connect to other
devices at all.
 IoT Security Issues and Challenges
Below are some challenges of IoT Security
 Lack of industry foresight: Certain sectors and their products have undergone
digital changes at the same rate as organizations. In an attempt to increase
productivity and save costs, the automotive and healthcare sectors have broadened
their range of IoT devices.
 Lack of encryption. The majority of network traffic coming from Internet of Things
devices is not encrypted which raises the risk of data breaches and security concerns.
By making sure every device is encrypted and secured, these risks may be averted.
 Multiple connected devices: Nowadays, the majority of homes have several linked
devices. The disadvantage of this ease of use is that all linked devices within the same
home will malfunction if one item malfunctions due to a security misconfiguration.
 Resource constraints. Not every IoT device has the processing capacity to include
complex firewalls or antivirus programs. Some devices can hardly connect to other
devices at all.
 IoT Security Issues and Challenges
Below are some challenges of IoT Security
 Lack of industry foresight: Certain sectors and their products have undergone
digital changes at the same rate as organizations. In an attempt to increase
productivity and save costs, the automotive and healthcare sectors have broadened
their range of IoT devices.
 Lack of encryption. The majority of network traffic coming from Internet of Things
devices is not encrypted which raises the risk of data breaches and security concerns.
By making sure every device is encrypted and secured, these risks may be averted.
 Multiple connected devices: Nowadays, the majority of homes have several linked
devices. The disadvantage of this ease of use is that all linked devices within the same
home will malfunction if one item malfunctions due to a security misconfiguration.
 Resource constraints. Not every IoT device has the processing capacity to include
complex firewalls or antivirus programs. Some devices can hardly connect to other
devices at all.
Thank You