CoSoSys, a mobile device management and endpoint security firm, is incorporating iBeacon technology in its MDM platform to provide location-based mobile device policy enforcement.
Beacon technology can be used to track the location of mobile devices inside a building and enforce mobile device policy based on location. For example, device functions, such as the camera, can be disabled when the mobile device is in a conference room. Or certain apps can be enabled or disabled when appropriate based on location.
Combining MDM and beacons can prevent theft of confidential information, explained Gabriel Kang, managing director of CoSoSys Korea. Using beacons in this way or any other doesn’t come without risks, though. Kang identified two security risks when using iBeacon technology — hijacking and spoofing. Hijacking is when an attacker hacks into a beacon, takes control of it and provisions the beacon with a new configuration. To prevent this from happening, each beacon can be set up with a private encryption key and the mobile SDK relays the encrypted messages.
Spoofing is when a fake beacon is placed near a legitimate beacon and impersonates the configuration of the legitimate one. This can result in fake notification processing. To prevent this, users can employ beacon identity validation. The beacon notification initiates a beacon identity validation, and the mobile app initiates a security handshake, Kang said.
As long as these beacon security issues are addressed properly, beacons and MDM can be used as effective data security tools for the enterprises, he said.