Maintaining Android in the enterprise
Risk Management
Conclusions
Android is insecure; the add-on software that many manufacturers offer does nothing to change this. Add-ons are not enough to instill confidence in an insecure OS. If you want to avoid big expenditures, you need to take steps yourself to provide a clean, working device to your employees if worst comes to worst.
With the right analysis tools, you can perhaps also find out which door was left open and then use apps such as the AFWall+ firewall to introduce appropriate measures and close the door in the future. There is no alternative to hoping your employees act sensibly and building up mutual trust.
Security experts, such as those at the it-sa IT Security Expo, agree: Android and Apple devices in the enterprise are like PCs in Internet cafes: They are insecure and constantly exposed to threats that cannot be controlled. The only remedy is a regular reinstall.
Infos
- SUSECon: http://www.susecon.com
- "Architectural Failures" by Markus Feilner. Linux-Magazin , October 2012, p. 28 [in German]
- Android SDK: https://developer.android.com/sdk/index.html
- XDA Developers: http://www.xda-developers.com
- AndroidPIT: http://www.androidpit.com
- Superuser: https://play.google.com/store/apps/details?id=com.noshufou.android.su&hl=en
- Network Log: https://play.google.com/store/apps/details?id=com.googlecode.networklog&hl=en
- AFWall+: https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
- Titanium Backup: https://play.google.com/store/apps/details?id=com.keramidas.TitaniumBackup
- "Admin's Little Helpers" by Holger Gantikow and Markus Feilner: Linux Magazine , issue 158, pg. 30: http://www.linux-magazine.com/Issues/2014/158/Admin-s-Little-Helpers
- CyanogenMod: http://www.cyanogenmod.org
- Sleuth Kit: http://www.sleuthkit.org/
- viaForensics: https://viaforensics.com/android-forensics/google-nexus-yaffs2-images.html
- Yaffs: http://www.yaffs.net
- Wear leveling: http://en.wikipedia.org/wiki/Solid-state_drive
- "Volatility 2.3" by Markus Feilner and Hans-Peter Merkel: Linux Magazine , issue 157, pg. 42: http://www.linux-magazine.com/Issues/2013/157/Volatility-2.3
- Sample memory images: http://code.google.com/p/volatility/wiki/SampleMemoryImages
- Creating your own memory dumps: http://code.google.com/p/volatility/wiki/AndroidMemoryForensics
- Google NDK: http://developer.android.com/tools/sdk/ndk/index.html
The Author
Hans-Peter Merkel has focused on data forensics for many years in the open source community. He trains employees of law enforcement agencies in Europe, Asia, and Africa and is a founder member and chairman of FreiOSS and Linux4Afrika!
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Forensic Analysis on Linux
In computer forensics, memory analysis is becoming increasingly important as a means for investigating security incidents. In this article, we provide an overview of the various memory dumping options on Linux and introduce the support in Linux for the Volatility Analysis Framework.
- Millions of Android Devices Affected by Chinese Malware
- More Than 80% of Android Devices at Risk of Attack
- Bad Trojan Threatens Two Thirds of All Android Devices
- Qualcomm Bug Threatens Millions of Android Devices