Awareness of BYOD Security Concerns

Contributed by Benjamin Tillett-Wakeley

Today’s enterprise environment is continually facing changes as technology grows exponentially. Today, we have a slew of new phone and tablet devices that run on mobile operating systems much different from their desktop and laptop counterparts. Functions of these devices are increasingly used in place of functions that would normally be done on a PC. Workers want to take their email, word processing, and much more on the go. On one hand there are great benefits to be seen from this. Communication is quicker and easier than ever, and workers are more productive because they can work on the go and they can choose the device that they’re most comfortable with. On the other hand, from a security standpoint, these new devices can be a can of worms. Not only are there now a number of new devices on your network that create new security vulnerabilities, but potentially confidential data is being downloaded to these devices that roam from network to network, and the devices themselves are easily lost or stolen due to their small form factor.

BYOD is the trend of enterprise environments to allow network users to connect their own devices such as smart phones, tablets, or laptops to the enterprise network and access resources and information on that network through these devices. These devices can be both personally owned and corporate owned devices, but even if they are corporate owned, this often means a mixture of personal and enterprise data resides on these devices as the devices will travel with the user between work, home, and often to public spaces. According to a study performed by Cisco partners in 2013, 92% of bring your own device (BYOD) workers use a smartphone for work every week, and 62% use one every day. Only 42% of workers felt their employers were prepared for problems that could arise from their smartphone use (Cisco mConcierge, 2013).

In this paper we will take a look at the security risks that mobile devices bring to the enterprise environment. Such as the concern for malware that can be unknowingly downloaded, the potential for physical loss or theft of the device, and the potential for network based attacks with devices that so often roam and connect to many different networks. We will talk about best practices for mitigating these risks, and see what tools are available to help us do this.

This document is in PDF format. To view it click here.

Rate this article: 
Average: 3.5 (2 votes)