Presented at
BSidesLV 2023,
Aug. 9, 2023, 2 p.m.
(Unknown duration)
On the BYOD bandwagon, it's more important than ever to understand how to secure the Android enterprise ecosystem. However, managing the security of this solution entails understanding how the ecosystem is designed and its threat model from the point of view of the three main stakeholders - the IT administrator, the Enterprise Mobility Management (EMM) service provider and the work apps developer.
In this session, we will explore Android Work Profiles which provide platform-level separation of work apps and data, giving organizations full control of the data, apps, and security policies within a work profile. We will address the questions of personal apps querying work app data, the possibility of IT admins expanding their privileges, and how rootkits, and malicious apps installed within either the work or personal profiles can violate security assumptions. We will demonstrate this research via proof of concept (PoC) walkthroughs and exploits.
We close our talk by supplying actionable steps anyone can follow, providing a cheat sheet for work profile security configurations offered by any EMM Service (Microsoft Intune, MobileIron, Samsung Knox, etc.)
Join us for a thought-provoking discussion on the balance between security, control, and privacy in the rapidly changing mobile security landscape.
Presenters:
-
Priyank Nigam
As an offensive security engineer, Priyank's primary areas of focus is conducting security exercises that emulate real-world threats impacting billions of users.
His forte is web/mobile application security assessments, network penetration testing and secure source code reviews. In the past, he has advised Fortune 500 brands and startups and does mobile and IoT related research in his spare time.
As a new parent, he is now (re)learning hacking from his toddler who defeats all the "restrictions" to limit their mobility.
Links:
Similar Presentations: