Chapter 78 Β· Concepts

Securing Wireless and Mobile β€” Concepts Map

Six comparison tables: site survey tools compared, BYOD vs. COPE vs. CYOD, MDM capabilities, Wi-Fi threat vectors and defenses, wireless survey vs. spectrum analyzer, and the three wireless attack types.

Table 1 β€” Wireless Survey Tools Compared
Tool TypeWhat It ShowsBest Use CaseSees Non-Wi-Fi RF?
Built-in OS wireless utilityVisible SSIDs, signal strength of associated/nearby APsQuick check; casual troubleshootingNo
Third-party survey app (NetSpot, Ekahau, inSSIDer)All visible APs: SSID, BSSID, channel, band, signal, security type; heat map generationFull site survey; rogue AP detection; channel planning; heat mapsNo
Spectrum analyzerAll RF energy across wireless bands regardless of source (Wi-Fi, Bluetooth, microwave, etc.)Identifying non-Wi-Fi interference; finding rogue transmitters; unexplained interferenceYes
Table 2 β€” BYOD vs. COPE vs. CYOD
ModelWho Owns DeviceOrganizational ControlPersonal UseKey Security Trade-off
BYOD (Bring Your Own Device)EmployeePartial β€” MDM manages corporate partition only; personal data outside controlFull personal useLower control; privacy tension; risk at device disposal
COPE (Corporate Owned, Personally Enabled)OrganizationFull β€” organization can wipe entire device including personal dataPermitted but under organizational termsHigher control; employee privacy limited; organization bears hardware cost
CYOD (Choose Your Own Device)OrganizationFull β€” same as COPE; device is from approved listPermitted under organizational termsEmployee preference within approved models; org retains full ownership and control
Table 3 β€” MDM Capabilities and What They Address
MDM CapabilityWhat It DoesSecurity Problem It Solves
Policy enforcementPushes security configurations to enrolled devices automaticallyEnsures consistent security posture across all devices regardless of user action
Feature controlEnables/disables camera, Bluetooth, microphone, tethering based on policyPrevents unauthorized data capture or network bridging in sensitive environments
Application managementRequires/blocks specific apps; restricts app stores or categoriesPrevents malware installation and unauthorized data exfiltration via apps
Data segmentationCreates separate corporate and personal partitions on the deviceIsolates corporate data from personal apps; allows targeted wipe of corporate data only
Screen lock + PIN enforcementForces screen lock after inactivity; requires PIN/password to unlockProtects data on lost or stolen devices from immediate physical access
Remote wipeDeletes corporate partition (or entire device) from MDM consoleDestroys corporate data if device is lost, stolen, sold, or employee offboarded
Table 4 β€” Three Wi-Fi Attack Types: Threat, Method, Defense
Attack TypeWhat the Attacker DoesPrimary Defense
Data capture (eavesdropping)Captures wireless frames in range using passive monitoringEncrypt all traffic (WPA3, TLS, VPN on untrusted networks) β€” captured frames are unreadable
On-path attack (MITM)Inserts between client and AP via rogue AP or ARP poisoning; reads/modifies trafficWPA3 Enterprise with certificate auth; end-to-end TLS; avoid auto-connect to open networks
Denial of serviceFloods frequency with noise (RF jamming) or sends forged deauthentication frames (deauth attack)802.11w management frame protection; WPA3 (authenticates management frames); physical security of the space
Table 5 β€” Cellular vs. Wi-Fi vs. Bluetooth: Security Profile
TechnologyRangeWho Controls InfrastructureKey Security RisksPrimary Defenses
Cellular (4G/5G)Miles (cell coverage)Carrier β€” not the organizationTraffic interception (IMSI catchers), location tracking, global attack surface on unpatched deviceKeep devices patched; use encrypted apps; VPN for sensitive comms
Wi-Fi (802.11)100–300 ft indoors typicallyOrganization (for corporate WLAN) or uncontrolled (public)Eavesdropping, on-path attacks via rogue AP, DoS via deauth/jammingWPA3, TLS, VPN on public Wi-Fi, 802.11w, site surveys to detect rogue APs
Bluetooth10–100 meters (class dependent)Device ownerUnauthorized pairing, eavesdropping after pairing, auto-connect to spoofed deviceFormal pairing with confirmation; disable when not in use; do not accept unknown pair requests
Table 6 β€” Site Survey Purposes and Frequency
PurposeWhat It IdentifiesWhy Repeat It?
Pre-deployment planningExisting access points, channel use, interference sources, coverage needsEnvironment changes (new tenants, new devices, construction)
Rogue AP detectionAccess points not in organizational inventory that may be unauthorizedNew rogue devices may appear at any time; only periodic surveys catch new additions
Interference identificationSources of RF noise affecting network performance and reliabilityNew devices (microwave, baby monitor, neighbor's AP) may appear and cause new interference
Coverage validationDead zones, weak signal areas, areas where signal extends beyond intended boundariesPhysical changes to space (new walls, furniture, equipment) alter signal propagation