mobile security with intuitive mobile application testing practices

MOBILE SECURITY WITH INTUITIVE MOBILE APPLICATION TESTING PRACTICES

TESTING OF MOBILE DEVICE AND APPS TO IMPROVISE SECURITY• Mobile Security – Protection Of

Smart Phones Tablets Laptops Wearables

THREATS

APPLICATION SECURITY

• Magnitude Of Apps Downloaded • Multiple Permissions Request • Misuse Of Data• Typically Confidential And Critical Data Shared

Contacts Location Details Calendar Details

• Virus Infected Apps

DEVICE DATA LEAKAGES & INSECURE DATA STORAGES

• Mobile Malware Used To Hack Confidential Data Sensitive Data

• Data Leaks While Syncing With Enterprise Cloud• App Designs Over Look

Account Details Credit Card Numbers

• Secure Storage Methods

LACK OF DATA ENCRYPTION & BROKEN CRYPTOGRAPHY

• Common Encryption Methods are Not Fool-proof• Proper Testing Methods Advised • Cryptographic Keys Included On The Device• Keys Management On Central Server

WEAK BACK-END SECURITY • Proper Security On Servers Accessed By Apps• Device Test Strategy Helps

UNENCRYPTED WIRELESS TRANSMISSIONS• Un – Encrypted Data Transfers Can Be Intercepted In

Emails App Data

POOR MDM POLICIES

• BYOD – Poses security threats• Less Rigorous MDM Practices

Leads To Unauthorized Data Access

• A Good MDM Appreciates Differences in

Devices Operating Systems Management Strategy

• Stolen Devices

MALWARE ATTACKS • Malware Attacks Are Not Treated Properly• SMS Routed Trojan Virus Attacks

VULNERABILITIESData Flow & Audit Trails

Data Storage EncryptionDatabases

CloudsData Leakage Points

User Authentication & Authorization

Points Of Entry Into The SystemBack End

Lost Device Management

SECURITY REQUIREMENTS

• Define Scope Under Usefulness Of The Mobile System

• Study The Scope • Gauge

• Security Requirements Probable Breaches Expected Attacks

• Determine The Testing Framework And Tools According To Requirements

TESTING RULES

• A Healthy Balance between Automated and Manual Testing Tools

• Human Intelligence Should Be Used • Use Multiple Mobile App Testing Tools • Versatile Team With Dynamic Testers

VISITW W W. S P E C - I N D I A . C O M

& R E Q U E S T A F R E E P O C

T O T E S T D R I V E O U R S E RV I C E S