Tag Archives: mobile device security

The Importance of a BYOD Policy for Companies

Here is a guest post from Pierluigi Paganini. He is a security researcher for InfoSec Institute. InfoSec Institute is an information security training company now offering a mobile computer forensics course.

The IT landscape is dominated by the rise of paradigms such as cloud computing, mobile networking, and social networking, three concepts that have totally revolutionized the daily user’s experience on the web.

Users, in a more or less conscious way, have become slaves to the concepts of mobility and connectivity; technological change has been rapid and has involved masses of people as never before. There are a billion people acting as nodes in a global network and exchanging an unimaginable quantity of data, while ignoring the basic concepts of information security:

- Which means are used for the data transfer?
- Are the communication channels secure?
- Where is the user's information hosted?
- What is the impact on users' privacy, and what is the impact of technological innovation on business?

All of these questions need careful reflection to avoid serious consequences for our data, for our digital identities, for our business.

Every day we read the word "BYOD" in many articles, but how much do we know about it?

BYOD is an acronym for "bring your own device" and refers to the fact that employees, business partners, and other users bring their own mobile computing devices, such as laptops, tablets, and smartphones, to the workplace for use and connectivity on the corporate network and for access to business data. The repercussions, from the security perspective, are extremely serious, because the absence of proper policies regulating the use of these devices exposes users and the company to the risk of data leaks and cyber attacks.

These policies have to address the ways in which employees may use the devices once outside the workplace, the access-protection mechanisms to be adopted, data encryption, the data accessible from the mobile platform, and limits on the applications that can be run outside the company (e.g., email clients or data mining applications).

Suggestions for a secure BYOD policy

The proper management of mobile devices and their use by employees when outside the workplace is a critical aspect of enterprise security. Companies today may choose to be compliant with various standards and regulations; the majority of them, such as ISO 27001, already cover many aspects that could improve a BYOD policy.

Because the presence of mobile devices inside companies and government agencies has increased at an impressive rate, ordinary business relationships with other enterprises, such as clients and providers, require the definition and adoption of a proper BYOD policy. Sophos published a document titled "BYOD Risks and Rewards" reporting that one in four devices used today for work is either a smartphone or a tablet.

Figure 1 – Sophos BYOD Survey

The SANS (SysAdmin, Audit, Networking, and Security) Institute in March 2012 published the whitepaper "SANS Mobility/BYOD – Security Survey." The survey found that "only 9 percent of respondents felt completely aware of all mobile devices accessing their enterprise infrastructure and applications. At the same time, nearly 40 % felt they were fully aware of their devices, while nearly half did not have the level of awareness that they should."

Figure 2 – SANS Institute -State of Mobile Devices Awareness


Filed under General Security

Hacking the iPhone : Breaking Pins and Passcodes : Booting without approved Apple Firmware

"My buddy Aamir Lakhani is developing an iOS security class and recently posted about hacking iOS devices. This is a very popular subject and I want to share this. Also a shout out to Tom Bedwell for his assistance with the research. You can find the original posting at www.cloudcentrics.com"

iOS devices can be booted with their own kernel and micro operating systems instead of approved Apple firmware. When iOS devices are loaded with a micro kernel, you can run attacks such as bypassing the passcode, decrypting passwords, copying file systems, viewing emails and much more. The following guide describes how to create a RAM DISK, however it may not function precisely as a step-by-step instruction set, since each system is unique and requires some level of customization.

Note: If you run in to trouble when creating a RAM DISK due to unique OS configurations and code versions, don’t despair.

If you want to take the easy way:

Download: http://cloudcentrics.com/wp-content/uploads/2012/11/iphone-dataprotection-modifed.zip

- then complete step 11 and proceed to step 20.

Now let the real fun begin

IMPORTANT: Watch the word wrap. Many commands are single line and may be wrapped on multiple lines.

Step 1: Uninstall file system readers

If you have a system tool such as MacFuse or Tuxera, uninstall the program before starting and reboot your machine.

Step 2: Install Xcode from the Mac App Store


Step 3: Download and install Xcode Command Line Tools:

1. Download Xcode from the Apple App Store
2. Launch Xcode and go to preferences
3. Install Xcode Command Line tools and Simulators


Step 4: Open the Terminal App.

Make sure you are in your home directory. In my case the home directory is /Users/alakhani

Filed under Bring Your Own Device BYOD, Host And Mobile Device Security, Penetration / Hacking

Zenprise 7.01 Out Now : What’s New From Previous Version 6.6

Zenprise recently released an upgrade to their flagship mobile device management (MDM) solution. My team has been showcasing the previous version, 6.6, and went through the upgrade to Zenprise 7.01 this week. The Zenprise ZDM upgrade took around 15 to 20 minutes, with steps that included upgrading the software and Java on the hosting server. Here is a comparison of both versions of Zenprise ZDM.

Dashboard: Zenprise 7.01 now includes a dashboard, or centralized landing page. From a visual perspective, it's a great way to quickly identify the state of the system and managed endpoints. The picture below is customized for 6 different reports. Functionality-wise, the previous version of Zenprise could accomplish the same things by clicking around.


iOS and Android Enrollment: The new 7.01 version of Zenprise offers a dedicated section for device enrollment that includes options such as MDM server discovery and email or SMS notification. We felt enrollment was a weak spot for Zenprise; however, this release dramatically simplifies the process. The group enrollment feature makes it much easier to deploy the Zenprise MDM software to a larger number of users at once. Furthermore, Zenprise 7.01 can import a CSV file to populate its database for bulk enrollment.


iOS Location Services, Geo-tracking and Geo-fencing: This is a huge feature. Admins can set location service policies to locate devices at any given time. Geofencing allows admins to define a geographic perimeter and perform a selective or full wipe upon perimeter breach. We have had requests for geofencing that range from stopping students from walking off with school-issued mobile devices to military secured facilities wiping any device that leaves the controlled area. In high security areas it is possible to wipe a device on demand as it exits a "safe" zone.

Filed under Bring Your Own Device BYOD, Host And Mobile Device Security

Configuring On-Boarding Using Identity Services Engine ISE 1.1MR / 1.1.1

Cisco recently updated their flagship access control solution, Identity Services Engine (ISE), labeled 1.1.1 or ISE 1.1MR (Maintenance Release). See more on ISE HERE. My team has received lots of questions around on-boarding new devices with ISE. This post will focus on this feature and assumes a standard ISE design is enabled for wireless access.

On-boarding simply means bringing a new device onto the network for the first time. This process includes certificate enrollment and profile provisioning without involving IT and with little interaction from the end user. ISE 1.1MR accomplishes these goals by leveraging an existing Certificate Authority, a user database such as Active Directory, and the ISE framework.

The ISE on-boarding process can vary, but here it will be explained as a new device connecting to an SSID dedicated to on-boarding new devices (this can be open or secured with PEAP). Devices that connect to the on-boarding SSID will be redirected to a guest registration portal. The user will authenticate, which will trigger the certificate enrollment and profile provisioning process. Parameters to connect to the internal secure SSID will be included with the configuration profile that is provisioned to the mobile device after authentication. From that point on, the device will use the internal SSID for network access, which may have different ISE authorization rules depending on the design. Devices that fail to complete the on-boarding process will default to either a guest SSID or denied access, depending on the desired policy.

WIRELESS: On-boarding can be designed many ways, however for this post we will use two SSIDs, called Provisioning_Wireless for new devices and Employee_Wireless for existing approved devices. An access list limiting access to ISE, DHCP and DNS will be enabled to prevent devices from staying on the provisioning SSID. A possible configuration for both SSIDs could be as follows:

Attribute              Provisioning_Wireless      Employee_Wireless
Broadcast SSID         Enable                     Enable
Layer 2 Security       None                       WPA+WPA2
MAC Filtering          Enable                     Disabled
WPA+WPA2 Parameters    None                       WPA2 Policy, AES, 802.1x
Layer 3 Security       None                       None
AAA Server             ISE                        ISE
Advanced               AAA Override Enabled       AAA Override Enabled
Advanced               NAC State – Radius NAC     NAC State – Radius NAC

To build this, go to WLANs > Create New > Go and fill out the profile details. Use NONE for the Layer 2 settings so the SSID is OPEN. For AAA, set the Radius server to ISE. Under Advanced, enable Allow AAA Override and change the NAC State to Radius NAC. Go to Controller > General > Fast SSID change and enable Fast SSID to help speed up the SSID change.

ISE: (1) First, in ISE set up Active Directory by going to Admin > External Identity Sources > Active Directory and join ISE to an AD system.

(2) Next go to Admin > External Identity Sources > Certificate Authentication Profile > ADD to define the certificate authentication profile (name it and choose Common Name for X509).

(3) Next define an Identity Source Sequence by going to Admin > Identity Source Sequences > Add. Give it a name, enable it, select the certificate authentication profile you just created, then add AD to the authentication search list.

(4) Next configure ISE to act as a Simple Certificate Enrollment Protocol (SCEP) proxy server. Go to Admin > Certificates > SCEP CA Profiles > Add. After you define your SCEP server, ISE will download the RA and root CA certificates of the CA server (this can be verified in the certificate store via SYSTEM > Certificate > Certificate Store).

For this scenario, we will configure ISE authentication to use MAB for on-boarding new devices. In many cases ISE will not know the MAC address in advance, so it must be configured to continue the authentication process via redirection regardless.

This is done in ISE:

(1) Go to Policy > Authentication, choose your MAB wireless policy, click the arrow after Allow Protocols to show the user options, and click the + sign next to Use.

(2) Select IF USER NOT FOUND: CONTINUE. As a reminder, ISE authentication policies are evaluated top down, so make sure your MAB policy used for BYOD is at the top and open to all identity stores. You should lock down the 802.1x wireless policy to certificates only.

Client provisioning is based on how ISE classifies the client machine. ISE has customized packages available that include a software-provisioning wizard, which configures 802.1x settings and the ability to obtain digital certificates on the endpoint.

To download wizard packages in ISE, go to Policy Elements > Results > Client Provisioning > Resources > Add. Common mobile devices such as iOS typically have these settings enabled natively so a wizard is not needed.

To configure client provisioning in ISE:

(1) Go to Policy Elements > Results > Client Provisioning > Resources > Add.

(2) Create a native supplicant profile by giving it a name, selecting the Wireless checkbox, your on-boarding SSID, WPA2 for security, TLS for allowed protocols and a key size of 2048.

(3) Next go to Policy > Client Provisioning to build your provisioning resources. Create one for native devices and select the mobile profile you just created for the results (example: RULE = IOS, Identity Group = Any, Operating Systems = MAC IOS ALL and your new mobile profile for Results).

(4) Create another that is similar, but use Android for the operating system. Create a third for generic Mac OS X devices and use the downloaded wizard. You may also want to create separate ones for wired and wireless. The same goes for two more to cover wireless and wired Windows devices. Here is an example of my Client Provisioning policies.

The final steps are verifying that profiling for wireless is working and that your authorization profiles are set up for redirection, employee and guest access (see previous postings for these configs). These can vary depending on how you want to restrict devices that pass or fail your policies.

Written by Joseph Muniz and Aamir Lakhani

Reviewed by Aman Diwakar and Brian Trulove


Filed under Bring Your Own Device BYOD, Network Admission Control

Test The Strength Of Your Security

Many agencies spend millions on security each year. Security investments range from firewalls to contractors, with spending typically based on weighing the risk of loss against the cost to protect. Sometimes it's difficult to evaluate the return on investment for security, since the desired end result is not being compromised rather than a particular outcome that can be measured. Studies show that regardless of the level of spending on security, the majority of IT management doesn't know how effective their defenses are against today's threat landscape. Here are some ways to evaluate the strength of your security.

Secure all access points to your network

* Security is only as strong as your weakest link. Make sure all access points are secured or you will eventually be compromised. The common access points are Email, Web, LAN, Wireless, VPN, Data Center, Endpoint (laptops, desktops, etc.) and Mobile Devices.

Scan desktops and servers for vulnerabilities

* Tools are available for penetration testing such as SAINT, Tenable, Core Impact and Rapid7. The concept is simple: test for the same vulnerabilities hackers use to access your network. Penetration tools look for open ports, unpatched servers and other means hackers could use to compromise your equipment. The industry leaders typically can test all network nodes and include recommendations for remediation.

Evaluate network traffic for malicious intent

* Network forensic tools are available for capturing and categorizing network traffic (example HERE). You will not know you are compromised if none of your security devices are triggered. Looking at traffic at the packet level can identify unknown communication through unrecognized ports, traffic with foreign entities or other red flags that indicate you have been compromised. Typically forensic skillsets are required to identify threats, however manufacturers like NetWitness offer great tools for simplifying packet-level analytics.
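As an added example of what that packet- or flow-level review looks for (this is not code from the original post or from any vendor named in it), the Python below parses a handful of constructed flow summaries and flags outbound connections to external hosts on ports the organisation does not recognise, then counts which internal hosts keep producing such flows. The record format, the recognised-port list, the internal address ranges and the sample flows are all assumptions made for the illustration.

```python
"""Flag flow records that show the red flags the post describes: traffic to
external hosts over unrecognized ports, and the internal hosts behind it.
Added example written for this page; the record format, port list, address
ranges and sample flows are constructed, not real captures or a product API."""
import ipaddress
import re
from collections import Counter

# Constructed sample flow summaries: timestamp src:port -> dst:port proto bytes.
# Destinations use the documentation ranges 198.51.100.0/24 and 203.0.113.0/24.
SAMPLE_FLOWS = """\
2012-10-10T00:01:12 10.1.5.22:51234 -> 10.1.1.10:53 UDP 112
2012-10-10T00:01:13 10.1.5.22:51235 -> 198.51.100.20:443 TCP 48211
2012-10-10T00:02:40 10.1.5.40:49201 -> 198.51.100.7:6667 TCP 902
2012-10-10T00:02:41 10.1.5.40:49202 -> 198.51.100.7:6667 TCP 1200
2012-10-10T00:03:05 10.1.7.9:33001 -> 10.1.1.25:445 TCP 8800
2012-10-10T00:03:50 10.1.5.40:49203 -> 203.0.113.5:4444 TCP 300
"""

# Assumed: ports this organisation treats as normal outbound services.
RECOGNIZED_PORTS = {25, 53, 80, 123, 443, 587, 993}

# Assumed internal address space (RFC 1918). Checked explicitly rather than via
# ipaddress.is_private, which also treats the documentation ranges as private.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

FLOW_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<proto>TCP|UDP) (?P<bytes>\d+)$"
)


def parse_flow(line):
    """Parse one constructed flow line into a dict, or None if it does not match."""
    m = FLOW_RE.match(line.strip())
    if not m:
        return None
    d = m.groupdict()
    return {"ts": d["ts"], "src": d["src"], "dst": d["dst"],
            "dport": int(d["dport"]), "proto": d["proto"], "bytes": int(d["bytes"])}


def is_external(addr):
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in INTERNAL_NETS)


def flag_flows(text, recognized=RECOGNIZED_PORTS):
    """Return (src, dst, dport, reason) for every flow that leaves the internal
    networks on a port not in the recognized set. Internal-only flows and
    external flows on recognized ports are not reported."""
    findings = []
    for line in text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        if is_external(flow["dst"]) and flow["dport"] not in recognized:
            findings.append((flow["src"], flow["dst"], flow["dport"],
                             "external destination on unrecognized port"))
    return findings


def hosts_by_flag_count(findings):
    """Count flagged flows per internal source so repeat offenders stand out."""
    return Counter(src for src, _dst, _port, _reason in findings)


if __name__ == "__main__":
    found = flag_flows(SAMPLE_FLOWS)
    for src, dst, port, reason in found:
        print(f"{src} -> {dst}:{port}  {reason}")
    print("flagged flows per host:", dict(hosts_by_flag_count(found)))
```

The interesting output is not the individual flagged line but the per-host count: one host talking repeatedly to the same external address on an unrecognised port is exactly the pattern a reviewer would pull the full packets for.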

Include failsafe security solutions that rate your existing toolsets

* Best practice is to test the effectiveness of your existing security toolsets. The most popular method is placing honeypots on your network with the goal of luring hackers who bypass your security into highly monitored systems. Other toolsets are available for testing your signature- and behavior-based tools, such as Spectrum by NetWitness, which can flag whether specific threats could bypass your security. Another interesting tool is by FireEye, which runs threats in a virtualized honeypot to identify malicious behavior.

Standardize and monitor your network device configurations

* Enforce a baseline template for all network devices to avoid vulnerable configurations and software. Network management tools by SolarWinds, Cisco, EMC, etc. can enforce standardized code and configurations as well as monitor whether changes are made. I personally like 360GRC's ConfigScan for evaluating configurations against vulnerabilities specified by industry standards.

Profile all devices on the network.

* Use a profiling tool such as Cisco ISE or Greatbay to identify what types of devices are on your network based on how they communicate. You may be surprised to find a few Xboxes hidden in a corner office.

Categorize Sensitive Data.

* Data Loss Prevention (DLP) leaders such as RSA and Symantec offer various tools that locate and categorize sensitive data. Make sure sensitive data is controlled and protected.

Test your staff with social engineering attacks.

* People will always be your weakest link. The only way to improve this is through training. I’ve seen customers use social engineering attacks on their users and show the results as a means of training. There are many online forums that can assist with developing your social engineering training strategy.

Periodically audit your network.

* Use unbiased consultants to help you understand how vulnerable you are.


Filed under General Security, Security Management & Analysis

Configuring Cisco ISE With Wireless For Mobile Device Access Control : iPad Android Etc.

My team built a Cisco Identity Services Engine ISE demo lab designed to secure mobile devices such as iPads, Androids, etc. We ran into a few snags however in the end got the system to work nicely. Here is a guide to help you build a Cisco ISE lab for securing mobile devices.

First, the assumption is that you have a standard Cisco ISE configuration built. In our lab, we use Cisco UCS to host a virtualized ISE appliance, Active Directory and other services. For hardware, we had a Cisco 3560 switch running 12.2 55E (downgraded from 12.2 58), an ASA 5505 (for outbound NATing, info HERE) and a Cisco wireless network consisting of two APs and a WLC appliance (NOTE: the WLC MUST run 7.X code for Radius between ISE and WLC to work!!!). The ISE system was synced with AD for three identity groups (employees, contractors and guests). We used the default 90-day demo license and enabled all profiling probes. The wireless system was built in a standard fashion.

To start off, it's VERY important to check the time in AD (Windows clock) and ISE (show clock command). If time is not synced, your radius authentication will fail with a variety of funky error messages (see the ISE monitor image above). Once groups are added, test AD users in ISE under External Identity Store > AD > Connect to make sure the AD / ISE integration is working. Next go to Authentication and verify you have a default 802.1x policy. Click the little triangle and change the ISE identity sources to AD (see below). This tells ISE to query AD for any device accessing the network using 802.1x. Next go to Network Devices under Administration and add a new network device. Fill out the form for your Wireless LAN controller and configure a shared radius key (Cisco guides explain this).

On the WLC, go to Security and add ISE for radius authentication and accounting. Make sure to match the shared secret used in ISE! Next create the WLAN for your environment. Under Security and Layer 2 in your WLAN, make sure Auth Key Mgmt is set to 802.1x. Under the AAA Server tab add your servers by selecting from the drop-down or entering them manually. Under Advanced, check AAA Override and scroll down to Radius NAC under NAC State. Enable your WLAN and save.

Back in ISE, go to Profiling under Policy and select the mobile profiles you want to include in your lab. Each profile by default will state "Use Hierarchy". Change this to "Create Matching Identity Group" (see image below).

Next go to Rules under Policy and click down into the Authorization Profiles section under Authorization. This section defines what to do with authorized users. In our ISE lab, we created iPad Employee and iPad Guest policies, where employees were put into VLAN 10 and guests into VLAN 20. You can put users on the same VLAN and apply ACLs for control, create a redirection if posture is desired, or other combinations of security. Spend time learning the different options for authorization.

The final step is building your ISE Authorization policy under the Policy tab. We created rules for specific devices as the Identity Source, such as Apple-iPad and Apple-Device as seen in the default profiling section. NOTE: the device profiles you changed to "Create Matching Identity Group" will appear here. Under Conditions, click New Condition, select your AD, select = and whichever group of users should apply. Below is our ISE policy covering general Apple devices, iPads, iPhones and PC workstations for employees and guests. As an example: the Identity Group is Apple-iPad and the Condition is AD users = AD_group_employes, then apply iPadEmployees, which means all iPads used by employees will end up in VLAN 10 as specified by the iPadEmployee policy.
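Both this lab and the on-boarding post above depend on the same evaluation order: ISE walks the authentication policy top down, applies the rule's "if user not found" action, and then walks the authorization policy, where the first rule whose identity group and AD group condition match wins. The Python below is an added example written for this page to make that order concrete; it is not ISE code and does not call any ISE API. The rule names, identity stores, MAC addresses and authorization profile strings are constructed. It models the MAB "continue on user not found" redirect from the on-boarding post and the Apple-iPad/AD-group VLAN assignment from this post.

```python
"""Model of ISE-style top-down authentication and authorization evaluation.
Added example for this page, not ISE code or its API. Identity stores, rule
names, MAC addresses and profile strings are constructed for illustration."""
from dataclasses import dataclass
from typing import Optional, Set, Tuple

# Constructed identity stores: an AD-like user directory (user -> AD groups)
# and ISE's internal endpoint store of MAC addresses already registered.
AD_USERS = {"alice": {"AD_group_employes"}, "bob": {"AD_group_guests"}}
KNOWN_ENDPOINTS = {"00:11:22:33:44:55"}


@dataclass
class Request:
    access: str                       # "MAB" or "802.1X"
    mac: str
    identity: Optional[str] = None    # certificate CN for 802.1X/EAP-TLS, else None
    profiled_group: str = "Unknown"   # identity group assigned by profiling, e.g. "Apple-iPad"


@dataclass
class AuthnRule:
    name: str
    access: str
    on_not_found: str                 # "continue" (MAB on-boarding) or "reject" (locked-down 802.1X)


@dataclass
class AuthzRule:
    name: str
    profile: str                      # authorization profile applied on match
    identity_group: Optional[str] = None   # required profiled identity group, if any
    ad_group: Optional[str] = None         # required AD group membership, if any
    authenticated: Optional[bool] = None   # None = don't care; False = the MAB "continue" case


# Top down, MAB BYOD rule first, as the on-boarding post recommends.
AUTHN_POLICY = [
    AuthnRule("Wireless_MAB_BYOD", "MAB", "continue"),
    AuthnRule("Wireless_802.1X", "802.1X", "reject"),
]

# First match wins. Profile strings stand in for ISE authorization profiles.
AUTHZ_POLICY = [
    AuthzRule("iPadEmployee", "VLAN 10", identity_group="Apple-iPad", ad_group="AD_group_employes"),
    AuthzRule("iPadGuest", "VLAN 20", identity_group="Apple-iPad", ad_group="AD_group_guests"),
    AuthzRule("Unknown_MAB_Redirect",
              "Redirect: registration portal (ACL permits ISE, DHCP, DNS only)",
              authenticated=False),
]
DEFAULT_PROFILE = "DenyAccess"


def authenticate(req: Request) -> Optional[Tuple[bool, Set[str]]]:
    """Return (authenticated, ad_groups), or None for a RADIUS Access-Reject."""
    for rule in AUTHN_POLICY:
        if rule.access != req.access:
            continue
        if req.access == "MAB":
            if req.mac in KNOWN_ENDPOINTS:
                return True, set()
        elif req.identity in AD_USERS:
            return True, AD_USERS[req.identity]
        # Identity not found in any store: apply the rule's "if user not found" action.
        return (False, set()) if rule.on_not_found == "continue" else None
    return None  # no authentication rule matched at all


def authorize(req: Request, authenticated: bool, groups: Set[str]) -> str:
    for rule in AUTHZ_POLICY:
        if rule.identity_group is not None and rule.identity_group != req.profiled_group:
            continue
        if rule.ad_group is not None and rule.ad_group not in groups:
            continue
        if rule.authenticated is not None and rule.authenticated != authenticated:
            continue
        return rule.profile
    return DEFAULT_PROFILE


def evaluate(req: Request) -> str:
    """Full decision for one access request, as a profile string or Access-Reject."""
    outcome = authenticate(req)
    if outcome is None:
        return "Access-Reject"
    authenticated, groups = outcome
    return authorize(req, authenticated, groups)


if __name__ == "__main__":
    print(evaluate(Request("MAB", "aa:bb:cc:dd:ee:ff", profiled_group="Apple-iPad")))
    print(evaluate(Request("802.1X", "aa:bb:cc:dd:ee:ff", identity="alice", profiled_group="Apple-iPad")))
    print(evaluate(Request("802.1X", "aa:bb:cc:dd:ee:ff", identity="mallory", profiled_group="Apple-iPad")))
```

Swapping the two authentication rules, or setting the MAB rule to "reject", is the quickest way to see why the post insists the BYOD MAB rule sits at the top with "continue": an unregistered device then gets an Access-Reject before the redirect rule is ever consulted.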

Hopefully this guide helps you with your ISE mobile device testing.

Filed under Bring Your Own Device BYOD, Host And Mobile Device Security, Network Admission Control, Wireless Topics

What To Look For In A Mobile Device Management MDM Solution

IT administrators are being asked to come up with ways to permit mobile devices onto the corporate network in a secure fashion (via an MDM solution or other technology). This subject touches a few technology areas such as access control, secure wireless, data protection and secure management of mobile devices; however, the focus of this piece will be mobile device management. Members of my team have tested the MDM leaders such as MobileIron, AirWatch, Zenprise, Good Technology, McAfee, Symantec, etc. and summed up the following as things to consider when evaluating a Mobile Device Management solution.

The first thing to consider is your desired MDM Solution Policy. Typically there are three scenarios to address:

1) GUESTS / PERSONAL DEVICES - Devices coming onto the network as guests that you don't manage and that don't access internal data

2) CONTRACTORS / PERSONAL DEVICES ON NETWORK - Devices coming onto the network with partial access to corporate data

3) EMPLOYEES / CORPORATE DEVICES - Devices with full network access, managed by the company.

The target of most MDM solution requirements is addressing items 2 and 3, while item 1 is typically covered by an access control technology. The two common approaches taken by MDM vendors are a sandbox offering or an endpoint management offering. Sandbox or secure container technologies provide the most security by protecting corporate data within a sandbox application. Policies for encryption, data loss prevention and limiting data access can be controlled through MDM-issued access methods rather than what is offered by the device manufacturers. Most mobile device platforms give power to users (all but BlackBerry); however, sandbox technology protects the data regardless of the rights granted to users. The main con of the sandbox approach is not using native device applications such as the built-in email client, which tends to hurt user acceptance. Good Technology is an example of a sandbox-based MDM solution.

MDM solutions that take an endpoint management approach support specific vendors (Apple iOS, Android, etc.) and complement existing native applications. Application management MDM solutions leverage an agent on mobile devices to control applications and issue commands such as remotely wiping sensitive data. It's hard to say application management MDM solutions address a specific threat category; however, risk is dramatically reduced by using them to remove hacked / jailbroken devices, permit only approved applications and manage native security options such as passwords and data removal. Application management MDM solutions tend to be better suited to "bring your own device" requirements, while sandboxed MDM solutions favor corporate-issued mobile devices.

Other factors to consider are provisioning mobile devices and proper control of data access. Consider the activation and enrollment options for the three use cases listed above (Guests, Contractors and Employees). Can employees register personal devices for access via a GUI, or will it require an administrator? How well does the MDM solution assign and manage corporate-controlled devices? What are the maintenance options for standardizing and upgrading mobile device software on corporate-managed assets? Can the MDM solution provide reports listing all applications on mobile devices accessing the network? A strong MDM solution should handle all of these, with specific data access controlled based on how users authenticate, via local authentication or advanced access control solutions.

The final thing to consider is MDM security features, which are usually common across the leading vendors. Top features include verifying device configuration policies, such as checking for hacks or jailbreaks. Policies should be flexible depending on whether devices are corporate or personal. Mobile device applications should be verified and controlled to avoid vulnerable software, such as a game with a malicious backdoor. Remote wipe capabilities should be available and focus only on corporate data (i.e., do not wipe personal email, contacts, etc. without the end user's permission). Data protection such as password enforcement should be enabled through a centralized platform. All of these features should be displayed in a report so leadership can verify the security status of mobile devices accessing corporate data.

Every MDM vendor has its own way of delivering these features, so it's a good idea to develop your policy and match it to an MDM solution rather than doing an open comparison between products. Hopefully this gives you some points to consider for your MDM evaluation. Also note that subjects like access control, two-factor authentication, secure wireless and other technologies should be considered for a complete solution.


Filed under Bring Your Own Device BYOD, Host And Mobile Device Security