Upload
software-testing-solution
View
383
Download
8
Embed Size (px)
Citation preview
MOBILE SECURITY WITH INTUITIVE MOBILE APPLICATION TESTING PRACTICES
TESTING OF MOBILE DEVICE AND APPS TO IMPROVISE SECURITY• Mobile Security – Protection Of
Smart Phones Tablets Laptops Wearables
THREATS
APPLICATION SECURITY
• Magnitude Of Apps Downloaded • Multiple Permissions Request • Misuse Of Data• Typically Confidential And Critical Data Shared
Contacts Location Details Calendar Details
• Virus Infected Apps
DEVICE DATA LEAKAGES & INSECURE DATA STORAGES
• Mobile Malware Used To Hack Confidential Data Sensitive Data
• Data Leaks While Syncing With Enterprise Cloud• App Designs Over Look
Account Details Credit Card Numbers
• Secure Storage Methods
LACK OF DATA ENCRYPTION & BROKEN CRYPTOGRAPHY
• Common Encryption Methods are Not Fool-proof• Proper Testing Methods Advised • Cryptographic Keys Included On The Device• Keys Management On Central Server
WEAK BACK-END SECURITY • Proper Security On Servers Accessed By Apps• Device Test Strategy Helps
UNENCRYPTED WIRELESS TRANSMISSIONS• Un – Encrypted Data Transfers Can Be Intercepted In
Emails App Data
POOR MDM POLICIES
• BYOD – Poses security threats• Less Rigorous MDM Practices
Leads To Unauthorized Data Access
• A Good MDM Appreciates Differences in
Devices Operating Systems Management Strategy
• Stolen Devices
MALWARE ATTACKS • Malware Attacks Are Not Treated Properly• SMS Routed Trojan Virus Attacks
VULNERABILITIESData Flow & Audit Trails
Data Storage EncryptionDatabases
CloudsData Leakage Points
User Authentication & Authorization
Points Of Entry Into The SystemBack End
Lost Device Management
SECURITY REQUIREMENTS
• Define Scope Under Usefulness Of The Mobile System
• Study The Scope • Gauge
• Security Requirements Probable Breaches Expected Attacks
• Determine The Testing Framework And Tools According To Requirements
TESTING RULES
• A Healthy Balance between Automated and Manual Testing Tools
• Human Intelligence Should Be Used • Use Multiple Mobile App Testing Tools • Versatile Team With Dynamic Testers
VISITW W W. S P E C - I N D I A . C O M
& R E Q U E S T A F R E E P O C
T O T E S T D R I V E O U R S E RV I C E S