Tactical Advice

5 Security Tips to Lock Down Your BYOD Environment

Use these tips to protect your company's BYOD environment.
5 Security Tips to Lock Down Your BYOD Environment

The influx of tablets, smartphones and other devices is a potential breeding ground for security breaches. IT staffs building a BYOD environment should take the following steps to ensure security. 

Tip 1: Develop a policy. 

Take the time to develop a written policy, both to get buy-in from all departments, and to have something specific on hand before the IT department finds it necessary to cut off access to devices that are insecure or not supported. The policy should include which devices are supported or not supported; whether waivers are necessary for unsupported devices; which software is required, such as antivirus or encryption products; what standards of behavior are expected, such as encrypting proprietary data; and to what extent unsupported devices will be supported. 

Tip 2: Develop network zones for trusted and untrusted devices. 

Most wireless access points will let IT managers set up two types of accounts: user accounts that can access internal networks and separate guest accounts that can access only the Internet. This lets only authenticated users access the internal network, while allowing everyone else to remain connected to the outside world. Some access points will synchronize with Microsoft Active Directory or other user databases, while some may require separate access control lists. Many access points will also let IT managers prioritize traffic, ensuring that some guests watching movies won’t disrupt Voice over Internet Protocol or other internal traffic that may be sensitive to network congestion. 

Tip 3: Deploy Network Access Control products. 

Network Access Control (NAC) tools verify that devices attempting to connect to the network meet prescribed criteria. They can check for the latest version of an operating system or antivirus signature and whether proper applications are installed. If a device is not correctly configured, the NAC can block access completely, or allow access only to a segregated guest network. NAC tools can also place restrictions depending on the type of device being used, letting approved smartphones or tablets connect while blocking others. 

Tip 4: Ensure network security. 

In addition to login passwords, consider internal firewalls to make sure that departments or data that needs protection resides behind additional security. With the right equipment, even unauthorized devices that connect to the main network can’t scan for devices or servers to attack on a protected network. For example, the accounting department can run on a separate network where they can access the Internet and other parts of the regular network, but outside users won’t be able to see the clients or servers in the critical departments. 

Tip 5: Consider encryption. 

There are multiple levels of encryption, from per-file encryption to built-in database encryption that encrypts entire databases or only fields that need additional protection, such as Social Security numbers. Whole-disk encryption keeps entire systems safe, even if devices are stolen. This is useful for people who log in from portable devices, or who travel with data on USB drives. On the server side, database encryption ensures that even if data is accessed from a compromised device, any data copied is encrypted. Encryption systems are easy to use. Rather than requiring a long password that must be entered before accessing the data, the password is stored on a separate device, or associated with a fingerprint or other biometric data. 

 
 
Sign up for our e-newsletter

About the Author

Logan Harbaugh

Logan G. Harbaugh

Logan Harbaugh is a longtime technology journalist, with experience in reviewing a wide range of IT products including network operating systems, clustering, load balancing, NAS and SAN systems, traffic simulation, network management and server hardware.

Security

Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.