10 ways to reduce insider BYOD threats

Employees benefit by using their own devices for work, but there can be security risks as well. Here are some ways to control or reduce these threats.

Device management used to be so simple for IT professionals. New hires would arrive and you would order a Blackberry (or possibly an iPhone or Android, though Blackberry’s mobile device management ecosystem was superb) for them, provision it, configure their account and apply the security settings they needed. Everything ran on one carrier which provided device support and replacements and the company footed the bill, so you could establish usage upon users with mutual agreement.

Then along came the BYOD (Bring Your Own Device) movement which brought massive cost savings, user flexibility and a better range of device choices. But it also made life tougher for IT pros in the way of greater support headaches and security concerns. Security requirements don’t change, regardless of who owns the device or what operating system it runs.

With this advice in mind, here are some tips to reduce insider BYOD threats:

  1. Know when to say no …
  2. Have a BYOD policy …
  3. Identify responsibilities up front …
  4. Consider segmented services or networks …
  5. Use Mobile Device Management …
  6. Mandate standard security settings …
  7. Mandate application/operating system updates …
  8. Educate users …
  9. Have a security incident plan …
  10. Use monitoring …

Source: 10 ways to reduce insider BYOD threats – TechRepublic

Share

Protecting the enterprise against mobile threats

Mobile devices have transformed the digital enterprise allowing employees to access the information they need to be most productive from virtually anywhere. Has that convenience come at a cost to enterprise security, though?

According to Forrester’s The State of Enterprise Mobile Security: 2016 to 2017, by Chris Sherman, “Employees are going to continue to purchase and use whatever devices and apps they need to serve customers and be highly productive, whether or not these devices are company-sanctioned.” …

What that means for security practitioners is that the attack surface is massive. “It now has been multiplied by a factor of 100 or 1,000 by the sheer number of vulnerable applications and devices that the attacker is able to leverage,” Simkin said. …

Source: Protecting the enterprise against mobile threats

Share