BYOD security issues need to be addressed

Seven BYOD security solutions

BYOD PolicyAs the use of BYOD increases, security is more of an issue and needs to be revisited frequently.

Bring Your Own Device Sample

Some of the solutions for BYOD environments include:

  • Restricting access to hardware, such as prohibiting the use of removable storage when accessing enterprise information, to prevent that data from being saved on removable media that is outside the enterprise’s control
  • Restricting access to software, such as preventing use of the enterprise’s information on a device with applications not formerly approved
  • Encrypting the enterprise’s data stored on a device, to stop unauthorized applications and users from accessing it
  • Requiring authentication, such as performing successful multi-factor authentication before allowing access to the enterprise’s applications and information
  • Restricting applications that can run on BYOD.
  • Continuously monitor each device’s unique security settings, to detect any violations of the enterprise’s security policies, and to immediately and automatically report all violations as soon as they are discovered.
  • Remote locking and wiping.  No matter how careful users are with their mobile devices, accidents happen. Devices will be lost, stolen or otherwise unaccounted for. And these devices may contain sensitive information belonging to the enterprise, which must be safeguarded from any parties that gain access to the devices.  Alternatives include
    •  By authorization of an administrator issue a command to immediately lock a managed mobile device — preventing access until the necessary credentials (such as passwords, biometrics or cryptographic tokens) have been presented. This is helpful if a device was unlocked or in an unknown state when lost or stolen because implementing a device lock down can prevent any further access to applications or data.
    • Configuring a device so that after a certain number of consecutive failed authentication attempts, the device will securely wipe itself.

Author: Victor Janulaitis

M. Victor Janulaitis is the CEO of Janco Associates. He has taught at the USC Graduate School of Business, been a guest lecturer at the UCLA's Anderson School of Business, a Graduate School at Harvard University, and several other universities in various programs.