Abstract [eng] |
Nowadays mobile devices, also called smart devices, have reached memory and processing power almost equal to personal and laptop computers. This technological breakthrough has opened a lot of new possibilities for the users. They can use the mobile device to surf the internet, listen to music, watch movies or store data. Moreover, it is possible to install various mobile applications on these devices, which expand their functionality even more. Therefore, smart phones, tablets and other mobile devices have become very popular and now are an integral part of our lives. These devices are widely used not only for personal purposes but for the work too. It is very inconvenient for an employee when they have to use separate enterprise issued devices for the work needs. In this case the employee is forced to use two or more devices at the same time. It reduces the work efficiency and increases the costs of IT infrastructure. To solve these problems and create a more comfortable work environment more and more enterprises are allowing their employees to use their own personal mobile devices for the work tasks. This trend is called “bring your own device”. The use of personal mobile devices gives a lot of advantages but at the same time it exposes the enterprise to additional security threats. Employees tend to misuse their devices, they aren’t educated enough for IT security, often connect to public wireless networks and use incorrect configurations. Therefore their mobile devices are vulnerable to viruses, malware or hacker attacks. Moreover, these devices can be lost or stolen. When security breach occurs, enterprise risks losing their confidential information stored on mobile device. One of the solutions to these problems is a mobile device management system. The aim of this work is to create a mobile devices secure configuration support system. This paper is organized as follows: • In the first part of the work, the analysis of the mobile device security vulnerabilities and threats to enterprises is presented. We study mobile device vulnerabilities, security threats emerging for business and mobile device security technologies. Moreover we look at enterprise mobile security policy creation and application. • In the second part of the work, we define an enterprise employee-owned mobile devices secure configuration support system model. This model consists of system architecture, client and server communication scheme and system operating principles. Various system processes are illustrated by graphs. Also the prototype of the secure configuration support system is provided in this part of the work. • In the third part of the work, we present the results of our experiments. During the experiment, we studied the web service configurations influence to the system speed. We researched transport and message layer protocol configurations impact to request execution time. Based on the result we provide recommendations for what web service configurations should be used in the system. • Finally, we present the conclusions of the work. |