Part of my job is being an expert on various technologies. This means having hands on experience with the latest products as well as the ability to demonstrate how specific solutions work. Many vendors are virtualizing their solutions making it easier to build a home lab that is portable and light on power usage. My team has researched the best method for a mobile home lab based on price, size, power consumption and noise. After comparing various servers and laptops, we found the AppleMac mini to be the best choice. It’s small enough to fit in a backpack, low on power consumption, silent and around $1,400 fully loaded.
The Mac mini is 7.7 by 7.7 and comes with standard apple OS and a hdmi display adaptor. Some monitors may need a VGA adapter, which a adapter can be purchased for $10-25 dollars. You will need a Apple super drive to load the ESXI ISO and possibly some drivers that are lost during the install depending on your Mac mini model and method of install. I’ve heard people doing it with other media methods such as USB storage however I’ve personally only used the super drive for two different Mac minis. Make sure to have a USB mouse and keyboard as well.
This website covers how to install ESXI 5.X on an older Mac mini (2011 or older) HERE. The steps are very straight forward however one lesson learned is you HAVE TO burn the driver disk that will be mounted from a windows computer. I wasted a dozen CDs burning the drivers with my MAC using various tools yet the CD never mounted. You can use any type of device to burn the ESXI software.
Everybody hates losing things. It drives you mad looking in the same places thinking a magic gnome will put your item back. Usually that doesn’t happen. Especially when it’s a highly desired product such as a mobile device. Mobile devices are becoming a leading target for theft since they can carry as much sensitive data as a standard laptop. Hackers can steal your photos, instant messages and web history. Some mobile app leverage cookies that never expire meaning hackers could essentially access sensitive websites such as your bank account through replaying old sessions.
How are these types of hacks executed? For iOS products, a hacker could take your device, spend 10 minutes jailbreaking it so they can install a remote Trojan / Administration app before returning it. This would permit the hacker unlimited continuous access into your life. Another option is dumping the records on their computer to go through later and selling the hardware on ebay. Either way, you have been PWN3D and possible put your employer as well as family at risk of future attacks.
These are just some of the methods used if your device is stolen. See this post regarding an attack calling your phone and remotely hacking your voicemail HERE
There are things you can do to defend against mobile device theft outside not misplacing your phone. Most manufactures offer password protection as well as limiting information exposed pre-login (IE not displaying text messages or other alerts until the phone is unlocked). Enable password features and stay away from easy passwords such as a row of numbers (1234) or the same number (4444). Some devices offer more complex password options than PINs which is great if available. Shorten the sleep/auto lock timer so the window your device is unlocked is limited in the event its stolen. When you are not using your device, press the lock button. Many mobile device screens absorb fingerprints after use, which make it easy for hackers to guess your password. Consider a protection screen that includes fingerprint resistants. Some devices offer location and remote wiping services that can be used to locate and secure lost or stolen devices. Also make sure to notify your employer if a device containing cooperate email or other sensitive services is stolen.
Employers should take securing mobile devices accessing cooperate data very seriously. Some approaches to improve mobile device security are utilizing endpoint management products such as Mobile Iron or Zenprise to enable features described above as well as check for Jailbroken devices (More info on this subject can be found HERE). Employees may not be willing to apply security applications on their mobile devices, which IT could focus on protecting the network as well as data that rests on mobile devices as an alternative to MDM (mobile device management). Some examples are using access control technology to check if mobile device meets company standards before permitting access. Other options are leveraging Data Loss Prevention (DLP) technology, which stops sensitive data from moving to a mobile device or encrypting that data with additional authentication to access. Sandbox solutions are an alternative by locking down the data in a secure session that expires after use (example is Good Technology). Another important function to consider is enforcing VPN tunnels whenever a mobile device accesses data outside of the internal network. This protects against common man in the middle attacks targeted at mobile devices using open wireless networks.
The good news for employers is there are many options for securing mobile devices and the data they use. The investment in mobile security should at a minimal match securing other devices with sensitive data such as laptops and servers. Don’t let mobile devices be the weakest link into your network!
Part of my job is being an expert on various technologies. This means having hands on experience with the latest products as well as the ability to demonstrate how specific solutions work. Many vendors are virtualizing their solutions making it easier to build a home lab that is portable and light on power usage. My team has researched the best method for a mobile home lab based on price, size, power consumption and noise. After comparing various servers and laptops, we found the Apple Mac mini to be the best choice. It’s small enough to fit in a backpack, low on power consumption, silent and around $1,400 fully loaded.
