Page 839 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 839

someone could easily eavesdrop on a conversation on a cordless phone
               since its signal is rarely encrypted. With a frequency scanner, anyone

               can listen in on your conversations.


               Mobile Devices

               Smartphones and other mobile devices present an ever-increasing
               security risk as they become more and more capable of interacting
               with the internet as well as corporate networks. Mobile devices often
               support memory cards and can be used to smuggle malicious code into
               or confidential data out of organizations. Many mobile devices also

               support USB connections to perform synchronization of
               communications and contacts with desktop and/or notebook
               computers as well as the transfer of files, documents, music, video,
               and so on. The devices themselves often contain sensitive data such as
               contacts, text messages, email, and even notes and documents.

               The loss or theft of a mobile device could mean the compromise of
               personal and/or corporate secrets.

               Mobile devices are also becoming the target of hackers and malicious

               code. It’s important to keep nonessential information off portable
               devices, run a firewall and antivirus product (if available), and keep
               the system locked and/or encrypted (if possible).

               Many mobile devices also support USB connections to perform
               synchronization of communications and contacts with desktop and/or
               notebook computers as well as the transfer of files, documents, music,
               video, and so on.


               Additionally, mobile devices aren’t immune to eavesdropping. With
               the right type of sophisticated equipment, most mobile phone
               conversations can be tapped into—not to mention the fact that anyone
               within 15 feet can hear you talking. Employees should be coached to be
               discreet about what they discuss over mobile phones in public spaces.

               A wide range of security features is available on mobile devices.

               However, support for a feature isn’t the same thing as having a feature
               properly configured and enabled. A security benefit is gained only
               when the security function is in force. Be sure to check that all desired
               security features are operating as expected on any device allowed to
   834   835   836   837   838   839   840   841   842   843   844