Thursday, September 17, 2015

BYOD concern

Which of the following is a concern based on a user taking pictures with a smartphone?

Geotagging is a concern based on a user taking pictures with a mobile device such as a smartphone. This is because the act of geotagging utilizes GPS, which can give away the location of the user.

Application whitelisting is when there is an approved list of applications for use by mobile devices. Usually implemented as a policy, if the mobile device attempts to open an app that is not on the list, the process will fail, or the system will ask for proof of administrative identity.

BYOD stands for bring your own device, a technological concept where organizations allow employees to bring their personal mobile devices to work and use them for work purposes.

MDM stands for mobile device management, a system that enables a security administrator to configure, update, and secure multiple mobile devices from a central location.
 Additional Learning
BYOD Concerns

Around 2011, organizations began to allow employees to bring their own mobile devices into work and connect them to the organization’s network (for work purposes
only, of course). This “bring your own device” concept has since grown into a more popular method of computing for many organizations. It is enticing from a budgeting standpoint, but can be very difficult on the security administrator, and possibly on the user as well.

In order to have a successful BYOD implementation, the key is to implement storage segmentation —a clear separation of organizational and personal information,
applications, and other content. It must be unmistakable where the data ownership line occurs. For networks with a lot of users, consider third-party offerings from companies that make use of mobile device management (MDM) platforms. These are centralized software solutions that can control, configure, update, and secure remote mobile devices such as Android, iOS, BlackBerry, and so on, all from one administrative console. The MDM software can be run from a server within the organization, or administered within the cloud. It makes the job of a mobile IT security administrator at least manageable. From the central location, the security administrator can implement patch management and antivirus management such as updates to the virus definitions.

The admin can also set up more secure levels of mobile device access control. Access control is the methodology used to allow access to computer systems. For larger organizations, MDM software makes it easy for an admin to view inventory control, such as how many devices are active for each of the mobile operating systems used. It also makes it simpler to track assets, such as the devices themselves, and the types of data each contains. In addition, MDM software makes it less complicated to disableunused features on multiple devices at once, thereby increasing the efficiency of the devices, reducing their footprint, and ultimately making them more secure. For instance, an employee who happens to have both a smartphone and a tablet capable of making cellular calls doesn’t necessarily need the latter. The admin could disable the tablet’s cellular capability, which would increase battery efficiency as well as security for that device. Finally, application control becomes easier as well. Applications can be installed, uninstalled, updated, and secured from that central location. Even devices’ removable storage (often USB-based) can be manipulated—as long as the removable storage is currently connected to the device.

Policies that need to be instituted include an acceptable use policy, a data ownership policy, and a support ownership policy. In essence, these define what a user is allowed to do with the device (during work hours), who owns what data and how that data is separated, and under what scenarios the organization takes care of technical support for the device as opposed to the user.

No comments:

Post a Comment