Description: With Android tablets and phones taking over the market share of the mobile landscape; companies are starting to develop enterprise applications for this. I work for a Home Health company, basically think of visiting nurses. We have a 75% mobile workforce and we migrated our primary platform to Android. Having the need to verify our vendor's claims, I decided to assess the app to make sure my company's information was safe. The application is designed for the mobile staff to sync their work back to the "cloud." What I found was truly alarming. I will walk through my process and discuss my findings and vendor notification process that occurred as a result of my research.
Thomas Richards is an IT professional located in Rochester, NY. He currently is responsible for network and system administration for a medium sized Healthcare company. He has always had an interest in the security field and currently holds the OSCP, OSWP, GPEN, and Security+ certifications. In his spare time he conducts vulnerability research and is an active participant in his local 2600 group.
Tags: securitytube , hacking , hackers , information security , convention , computer security , derbycon-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.