Tactical Advice

4 IT Security Tips for BYOD

Everyone wants to bring personal devices into the workplace; these tips will help keep your network secure.
Endpoint Security for BYOD

From iPhones and Android devices to tablets and notebooks, employees are increasingly bringing devices from home to the office for both work and personal reasons. Once they arrive, they expect to be able to join those devices to the network, ­either to access shared resources or simply to connect to the Internet. Whatever a company’s stance on the “bring your own device”(BYOD) trend, a few simple tips can help protect the network.

1. Start with policy.

As with any IT security matter, it’s always best to start with a statement of the company’s policy on BYOD. This requires coordination with any applicable security requirements as well as with the IT chain of command inside the company. A policy governing this type of activity in the business may already be in place. Both users and administrators will appreciate a clearly written statement of what is and is not acceptable use of personally owned devices and who is eligible for BYOD programs.

2. Consider segmenting the network.

One of the best controls for protecting the enterprise network from the risks borne by personally owned devices is to create a separate wireless network specifically for these devices. This restricts users’ ability to put company-owned devices at risk by limiting their access to other parts of the network.

In the case of employees who simply want to gain access to the Internet, this approach should be sufficient. If employees need to access company resources, they may do so by first connecting to a virtual private network from the BYOD network. Chances are good that the company already has a VPN set up for teleworkers and has controls in place to limit the damage that non-enterprise computers can cause corporate systems.

3. Develop security configuration requirements.

The company should also clearly state the security requirements for different devices and may wish to consider limiting BYOD devices to those that have been preapproved and are governed by configuration standards. For example, security requirements for smartphones might dictate the following:

  • Devices must be configured with a screen-lock passcode;
  • The company retains the ability to remotely wipe the device if lost or stolen, or if the individual’s employment is terminated;
  • The company retains the right to prohibit certain risky applications from being installed on devices connected to company networks;
  • Representatives from the company may audit the device for compliance with security requirements at any time;
  • Devices must be configured to encrypt all user data using a company-approved encryption algorithm;
  • Users are prohibited from storing corporate data on cloud services through the device.

4. Draw the line between corporate and personal responsibility.

It’s easy for users of BYOD devices to quickly blur the line between corporate and personal responsibility. The company support staff should clearly define the level of service that it will provide for personally owned devices, from some support to no support, and varying amounts in between; for example:

  • BYOD support may be limited to certain company-approved activities, such as checking corporate e-mail accounts, using a calendar and expense reporting;
  • BYOD support may be provided “as available,” or by limiting the time spent on BYOD support tickets;
  • BYOD support may be provided only for initial setup when connecting BYOD devices to the enterprise network;
  • BYOD devices, while allowed, may not receive company IT support.

The BYOD movement is being propelled by the rapid adoption and ubiquitous nature of smartphones. As these devices increase in variety and number, businesses will undoubtedly encounter a growing number of users who want to connect to company networks. By following the advice presented here, agencies can ensure that they remain a step ahead of this trend.

Sign up for our e-newsletter

About the Author

Mike Chapple

Mike Chapple is an IT professional and assistant professor of computer applications at the University of Notre Dame. He is a frequent contributor to BizTech magazine, SearchSecurity and About.com as well as the author of over a dozen books including the CISSP Study Guide, Information Security Illuminated and SQL Server 2008 for Dummies.

Security

Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.