14 DAY TRIAL // Although Apple provides comprehensive enterprise management features for its iOS devices, the exact features available through MDM, as well as details of the protocol itself, are tightly controlled by Apple, according to Intrepidus Group.
Mobile Device Management (MDM) is now more important than ever, according to David Schuetz, consultant for Intrepidus Group, as organizations are pressured to rely on “iStuff” to do their job, he notes.
The need to remotely manage and control these devices has become increasingly urgent, as they are invading every level of corporate society, according to Intrepidus.
As such, David Schuetz has set out to present “Inside Apple’s MDM Black Box” at Black Hat USA 2011 to provide details on how Cupertino’s MDM works.
Mr. Schuetz will kick off with basic iOS configuration principles. Together with those attending the talk, Schuetz will explore the iPhone Configuration Utility and the default configuration profiles generated by it.
He will look at over-the-air profile delivery, and the key features and mechanisms behind MDM, including remote device locking and wiping, according to Intrepidus.
The high point of the presentation will be implementing an MDM server, “which allows organizations to manage iOS devices using official device management application programming interfaces (APIs),” Intrepidus said.
Finally, Mr. Schuetz will take some time to discuss the security and social engineering impacts of freely available MDM servers with these capabilities.
With roughly 15 years of security industry experience, Schuetz is a Computer Science graduate who previously worked in system administration.
Intrepidus Group hired Schuetz last year and assigned him to penetration testing, mobile app reverse engineering and web application security reviews.
Although he has great experience building tools for supporting vulnerability and penetration tests, including findings databases and a multi-user GUI report editor, his most recent focus has been Apple’s iOS platform.
Schuetz has developed a desire to include extensive support for large enterprise deployments.