Security Think Tank: Management is key to secure BYOD

With BYOD and the growth of the personal cloud being used at work, what security measures can IT take to ensure security of enterprise data and does MDM really have a role in security?

This is the time to ask the right questions of the right people at the right time.

The discipline of bring your own device (BYOD) is not only about the devices themselves, but also about bring your own application (BYOA) and what the apps can do within the corporate perimeter.

In this arena, an organisation must set expectations and work with "What If?" scenarios so that everybody knows what will happen if the device is lost and/or corporate information is at risk. Everything starts with policies and expectations. Then processes and procedures.

BYOx – the world is almost turning to "bring your own everything" – is here to stay, since it brings benefits to companies in terms of employee retention, user satisfaction and even financial gains. 


But it also presents challenges by exposing the enterprise to threats and vulnerabilities that have to be addressed.

One way is to include BYOx in the corporate asset management programme, embracing the discipline but at the same time managing the devices and their apps fully.

There should be a policy clearly indicating that a jailbroken device (a hacked smartphone) or one without a certain level of security (patches, operating system) will not be allowed into the corporate perimeter.

There is technology available today that can track a device, know what it is doing and understand which apps are active, and companies are able to whitelist or blacklist apps to prevent the wrong things from happening. That is fair and is, again, about setting expectations. It is about saving intellectual property, protecting sensitive information, defending the brand.

Mobile device management (MDM) should play an instrumental role in the security approach to BYOx, since if the device is managed, useful information about its use, activity, in/out messaging, and so on, is available to the CISO, who is tasked with preventing the company from becoming the next corporate security breach headline.

MDM knows how the device is being used in context-aware computing mode, and that is truly a unique opportunity to embrace BYOx in a secure, robust and powerful manner.

Ramsés Gallego is international vice-president of ISACA and security strategist and evangelist at Quest Software.
