A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Thomas Richards: Android in the Healthcare Workplace Derbycon 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

Thomas Richards: Android in the Healthcare Workplace
Derbycon 2012 Stable Talk

With Android tablets and phones taking over the market share of the mobile landscape; companies are starting to develop enterprise applications for this. I work for a Home Health company, basically think of visiting nurses. We have a 75% mobile workforce and we migrated our primary platform to Android. Having the need to verify our vendor's claims, I decided to assess the app to make sure my company's information was safe. The application is designed for the mobile staff to sync their work back to the "cloud." What I found was truly alarming. I will walk through my process and discuss my findings and vendor notification process that occurred as a result of my research.

Thomas Richards is an IT professional located in Rochester, NY. He currently is responsible for network and system administration for a medium sized Healthcare company. He has always had an interest in the security field and currently holds the OSCP, OSWP, GPEN, and Security+ certifications. In his spare time he conducts vulnerability research and is an active participant in his local 2600 group.

Big thanks to Damian Profancik for recording these.

Back to Derbycon 2012 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast